Privacy Policy

1. Who We Are

PMDN Creative is a UK-based creative studio operated by a sole trader. For the purposes of the UK GDPR and the Data (Use and Access) Act 2025, PMDN Creative is the data controller of personal information collected through this website.

PMDN Creative is registered with the Information Commissioner’s Office (ICO). If you have any questions, please contact pmdncreative@gmail.com.

2. Information We Collect

2.1 Information You Provide Directly When you submit an enquiry, we collect:

  • Name, email address, and business name.

  • Any project details included in your message.

2.2 Automatically Collected Information & Cookies We collect limited technical data (IP address, browser type, pages visited) through Squarespace’s hosting systems.

  • Cookie Update (2026): In accordance with the latest PECR updates, we use essential and "low-risk" functional cookies for website performance. For non-essential tracking or marketing cookies, we obtain your consent via our cookie banner.

3. How We Use Your Information

We use your data to respond to enquiries, manage client projects, and maintain tax records.

  • No Automated Decision-Making: As of February 2026, UK law requires disclosure of automated processing. PMDN Creative does not use solely automated systems or AI to make significant legal or financial decisions about you (such as automated credit scoring or service denials). All enquiries are reviewed by a human.

4. Lawful Basis for Processing

We rely on the following legal bases:

  • Legitimate Interests: To respond to business enquiries and manage relationships.

  • Contract: To fulfill our obligations once you become a client.

  • Legal Obligation: For tax and accounting purposes.

5. Data Retention

  • Enquiries: Retained for 12 months if no project is started.

  • Client Records: Retained for 6 years after the end of the working relationship to comply with UK tax law.

6. International Data Transfers

We host our site via Squarespace. Some data may be processed outside the UK.

  • 2026 Compliance: We ensure all transfers meet the "Data Protection Test" under the DUAA 2025, ensuring protections are not materially lower than those provided by UK law.

7. Your Rights

Under UK law, you have the right to access, correct, or delete your data, and to object to processing.

8. Changes to This Policy

This policy is reviewed regularly to stay compliant with UK digital laws.

Last updated: February 2026