Privacy Policy
1. Introduction
Clueflow Ltd (“Clueflow”, “we”, “our”, or “us”) is committed to protecting and respecting your privacy.
This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website, communicate with us, or use our services.
We process personal data in accordance with:
The UK General Data Protection Regulation (UK GDPR)
The Data Protection Act 2018
The Privacy and Electronic Communications Regulations (PECR)
By accessing our website or providing your personal information, you acknowledge that you have read and understood this Privacy Policy.
2. Who We Are
Clueflow Ltd
3rd Floor, Franciscan House
51 Princes St
Ipswich
IP1 1UR
United Kingdom
Company Number: 15028639
Data Controller:
Peter Marozas, CEO
Clueflow Ltd is the data controller responsible for the processing of personal data described in this policy.
Contact details:
Email: [email protected]
Phone: 01473 561 055
3. Personal Data We Collect
We may collect, use, store, and transfer different kinds of personal data about you, including:
Information You Provide Directly
Identity Data
Name
Job title
Company name
Contact Data
Email address
Telephone number
Business address
Financial Data
Invoice records
Payment history relating to services we provide
Communication Data
Emails
Phone calls
Customer support communications
Messages exchanged through WhatsApp Business
Automatically Collected Data
When you use our website we may automatically collect:
Technical Data
IP address
Browser type and version
Device information
Time zone setting
Operating system
Usage Data
Pages visited
Time spent on pages
Navigation paths
Website interaction behaviour
This data is collected using technologies including:
Google Analytics / GA4
Microsoft Clarity
Google Tag Manager
WhatConverts
Meta Pixel
LinkedIn Insight Tag
TikTok Ads Pixel
Microsoft Bing Ads
Data from Third-Party Services
We may process personal data stored in platforms used to operate our business, including:
CRM systems (e.g. HubSpot)
Communication platforms (Slack, Microsoft 365)
Call transcription software (Fireflies AI)
Cloud storage services (Google Drive)
Contract management systems (DocuSign)
WhatsApp Business messaging platforms (such as WATI)
4. Lawful Bases for Processing
Under UK GDPR we rely on the following lawful bases for processing personal data:
Contractual Necessity
Processing necessary to perform a contract or take steps prior to entering into a contract.
Legitimate Interests
Processing necessary for our legitimate business interests, including:
operating and improving our services
maintaining business relationships
website analytics and optimisation
fraud prevention and security
Where we rely on legitimate interests we ensure this does not override your fundamental rights.
Consent
Where required by law, including:
marketing communications
certain cookies and tracking technologies
You may withdraw consent at any time.
Legal Obligation
Where we must process data to comply with legal or regulatory requirements.
5. How We Use Personal Data
We use personal data for the following purposes:
Delivering and managing our services
Managing client relationships
Responding to enquiries and communications
Providing customer support
Sending relevant service updates
Conducting marketing activities where permitted
Analysing website performance and improving user experience
Monitoring advertising performance
Preventing fraud and ensuring system security
Meeting legal and regulatory obligations
6. Sharing Your Personal Data
We may share personal data with trusted third parties including:
Service Providers
Companies that provide operational services such as:
website hosting
CRM systems
analytics tools
advertising platforms
communication tools
cloud infrastructure providers
These providers only process data on our behalf and under contractual confidentiality obligations.
Professional Advisors
Including legal, financial, and compliance advisors where necessary.
Regulators and Authorities
Where disclosure is required by law or regulatory obligation.
Business Transfers
If Clueflow Ltd undergoes a merger, acquisition, or asset sale, personal data may be transferred as part of that transaction.
We do not sell personal data to third parties.
7. International Data Transfers
Some third-party providers we use operate outside the United Kingdom.
Where personal data is transferred internationally we ensure appropriate safeguards are in place, including:
UK International Data Transfer Agreements (IDTA)
Standard Contractual Clauses (SCCs)
Transfers to countries with recognised adequacy decisions
These safeguards ensure personal data receives an equivalent level of protection.
8. Cookies and Tracking Technologies
Our website uses cookies and similar technologies to provide functionality, analyse website usage, and support advertising.
Types of cookies we may use include:
Essential Cookies
Required for core website functionality.
Analytics Cookies
Used to understand how visitors interact with the website.
Marketing Cookies
Used to measure advertising performance and deliver relevant advertisements.
Users may manage cookie preferences through the website cookie banner or through their browser settings.
9. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected.
Typical retention periods include:
Client records and contracts – up to 7 years for accounting and legal compliance.
Marketing contact data – until you withdraw consent or opt out.
Website analytics data – up to 24 months.
Call recordings or transcripts – up to 12 months.
WhatsApp Business communications – up to 12 months.
Where possible, data may be anonymised for analytical purposes.
10. Your Data Protection Rights
Under UK GDPR you have the right to:
Access the personal data we hold about you
Correct inaccurate or incomplete data
Request erasure of your personal data
Restrict processing of your data
Request data portability
Object to processing, including direct marketing
Withdraw consent where processing relies on consent
To exercise these rights please contact:
We may need to verify your identity before processing requests.
11. Complaints
If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the UK supervisory authority:
Information Commissioner’s Office (ICO)
https://ico.org.uk
We would appreciate the opportunity to address your concerns first.
12. Security
We implement appropriate technical and organisational security measures designed to protect personal data from:
unauthorised access
alteration
disclosure
loss or destruction
These measures include encryption, access controls, and regular security reviews.
13. Third-Party Websites
Our website may contain links to external websites. We are not responsible for the privacy practices or content of those websites.
Users should review the privacy policies of any third-party websites they visit.
14. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in law, technology, or business operations.
The latest version will always be available on our website with the updated revision date.
15. Contact Information
If you have questions about this Privacy Policy or your personal data, please contact:
Clueflow Ltd
3rd Floor, Franciscan House
51 Princes St
Ipswich
IP1 1UR
United Kingdom
Email: [email protected]
Phone: 01473 561 055
Word on the street - we make it look easy
Ready to harness the full power of your digital marketing efforts? Our approach and services makes scaling feel easy.
Don’t gamble your business away. Partner with an industry-leading digital marketing and web design agency. We’re Clueflow — your trusted digital partner.