Solutions
Website DesignLocal SEO & GEOPaid AdvertisingReputation ManagementCRM & AutomationSocial MediaEmail MarketingAnalytics & ReportingWhite-Label
View All Services
IndustriesCase StudiesROI CalculatorAbout
Appearance
Book a Strategy Call
Legal

Privacy Policy

This policy explains how Prism Digital Group Limited collects, uses, stores, and protects your personal information across all our services and brands.

1. Information We Collect

We collect information you provide directly: name, email, phone number, company name, and any details shared via our contact forms or during consultations. We also collect usage data via cookies and analytics tools (Google Analytics 4, Microsoft Clarity) including IP address, browser type, pages visited, and session duration.

For clients using our CRM services, we may also process data on your behalf including your customers' contact details, booking information, and communication history. In this capacity, we act as a data processor.

We do not collect sensitive personal data (health information, financial details, etc.) unless specifically required for a service engagement and with your explicit consent.

2. How We Use Your Information

We use your information for the following purposes:

  • To respond to enquiries and provide requested services
  • To send relevant marketing communications (with consent)
  • To improve our website and services through analytics
  • To comply with legal obligations
  • To manage our client relationships and service delivery
  • To personalise your experience on our website

3. Legal Basis for Processing

Under GDPR, we process your data on the following legal bases:

  • Consent: When you submit a contact form or subscribe to marketing communications
  • Contract: When processing is necessary to deliver services you have contracted us for
  • Legitimate interest: For improving our services, website analytics, and fraud prevention
  • Legal obligation: When required by law (e.g., tax records, regulatory compliance)

4. Data Sharing

We do not sell your data. We share data only with: service providers who assist our operations (hosting, CRM, email), analytics platforms (Google, Microsoft), and legal authorities when required by law.

Our key data sub-processors include: Google (Analytics, Ads), Microsoft (Clarity), Vercel (Hosting), and Stripe (Payment processing). All sub-processors are vetted for GDPR compliance.

5. Data Retention

We retain personal data for the following periods:

  • Contact form submissions: 2 years from last interaction
  • Client data: Duration of engagement plus 6 years (HMRC requirement)
  • Marketing consent records: Until consent is withdrawn
  • Analytics data: 26 months (GA4 default retention)
  • Website cookies: See Cookie section below

6. Data Protection

We comply with GDPR (UK/EU), CCPA (California), and PIPEDA (Canada). We implement industry-standard security measures including encryption, access controls, and regular security audits.

Data is stored on servers within the EU/UK and US. Where data is transferred outside the UK/EU, we ensure appropriate safeguards are in place (Standard Contractual Clauses or adequacy decisions).

7. Your Rights

Under GDPR, CCPA, and PIPEDA you have the right to:

  • Access your personal data and receive a copy
  • Correct inaccurate or incomplete data
  • Delete your personal data (right to be forgotten)
  • Withdraw consent at any time
  • Request data portability in a machine-readable format
  • Object to processing based on legitimate interests
  • Lodge a complaint with a supervisory authority (ICO in the UK)

To exercise any of these rights, contact us at privacy@prismdigitalgroup.co.uk. We will respond within 30 days.

8. Cookies

We use the following types of cookies:

  • Essential cookies: Required for site functionality (session management, security)
  • Analytics cookies: Google Analytics 4 and Microsoft Clarity to understand usage patterns
  • Marketing cookies: Used for ad retargeting and conversion tracking (Google Ads, Meta Pixel)

You can control cookie preferences through your browser settings. Disabling analytics and marketing cookies will not affect site functionality.

9. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly.

10. Contact

For privacy-related enquiries, contact us at:

  • Email: privacy@prismdigitalgroup.co.uk
  • Post: Prism Digital Group Limited, registered in England & Wales

If you are not satisfied with our response, you may lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Last updated: February 2026