Privacy Policy

Last Updated: June 2026

Privacy Policy for THINKFRESH

THINKFRESH is committed to protecting your privacy and handling your personal information responsibly, transparently, and in accordance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

This Privacy Policy explains how we collect, use, store and protect your personal information when you visit our website, contact us, or engage our services.

Who We Are

Data Controller

The Studio
Tingewick Road Farm
Tingewick Road
Buckingham
MK18 4AE
United Kingdom

Email: hello@thinkfresh.co.uk

For the purposes of UK data protection legislation, Stoke Ripley Creative Ltd is the Data Controller of your personal information.

Information We Collect

We may collect and process the following categories of personal information:

Information You Provide

When you contact us, enquire about our services, book a call, apply for membership or become a client, we may collect:

  • Name
  • Company name
  • Job title
  • Email address
  • Telephone number
  • Postal address
  • Business information
  • Project requirements
  • Marketing preferences
  • Any information voluntarily provided through forms, emails or conversations

Information Collected Automatically

When you visit our website, we may collect:

  • IP address
  • Browser type and version
  • Device information
  • Operating system
  • Website usage data
  • Referring website information
  • Pages visited
  • Session duration
  • Cookie identifiers

This information is generally collected through cookies and analytics tools, subject to your consent where required.

How We Use Your Information

We use personal information to:

  • Respond to enquiries and requests
  • Arrange introductory consultations
  • Deliver creative services and membership support
  • Manage client relationships
  • Provide access to client portals and project systems
  • Process invoices and payments
  • Improve our website and services
  • Send relevant marketing communications
  • Monitor website performance and user experience
  • Meet legal, regulatory and contractual obligations

We will only process personal information where we have a lawful basis for doing so.

Lawful Bases for Processing

Under UK GDPR, we rely on the following lawful bases:

Contract

Where processing is necessary to provide services, fulfil agreements, or take steps before entering into a contract.

Legitimate Interests

Where processing is necessary for our legitimate business interests, including:

  • Managing client relationships
  • Improving our services
  • Website analytics
  • Business administration
  • Fraud prevention
  • Network security

We ensure that such interests do not override your rights and freedoms.

Consent

Where required by law, we will obtain your consent before:

  • Sending certain marketing communications
  • Placing non-essential cookies
  • Using marketing and advertising technologies

You may withdraw consent at any time.

Legal Obligation

Where we are required to process information to comply with legal or regulatory requirements.

Marketing Communications

We may send information about our services, membership offerings, insights, updates or events where:

  • You have requested information from us;
  • You are an existing client and the communication relates to similar services; or
  • You have explicitly consented to receive marketing communications.

You may unsubscribe from marketing communications at any time by following the unsubscribe link within our emails or contacting us directly.

Sharing Your Information

We do not sell your personal information.

We may share information with trusted third-party service providers where necessary to operate our business, including:

  • Website hosting providers
  • CRM systems
  • Email marketing platforms
  • Cloud storage providers
  • Project management platforms
  • Client portal providers
  • Payment processors
  • Professional advisers
  • IT and cybersecurity providers

All third parties are required to process information securely and only in accordance with our instructions.

We may also disclose information where required by law or to protect our legal rights.

International Transfers

Some of our service providers may process data outside the United Kingdom.

Where personal information is transferred internationally, we ensure appropriate safeguards are in place, including:

  • UK International Data Transfer Agreements (IDTAs)
  • UK Addendum to Standard Contractual Clauses
  • Adequacy Regulations approved by the UK Government

Data Retention

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, including:

  • Service delivery
  • Legal obligations
  • Accounting requirements
  • Dispute resolution
  • Business records

Retention periods vary depending on the nature of the information and applicable legal requirements.

Security

We take appropriate technical and organisational measures to protect personal information from:

  • Unauthorised access
  • Accidental loss
  • Misuse
  • Disclosure
  • Alteration
  • Destruction

These measures include secure hosting environments, access controls, encrypted communications where appropriate, and ongoing monitoring of our systems.

While we strive to protect your information, no internet transmission or electronic storage system can be guaranteed to be completely secure.

Your Rights

Under UK GDPR, you may have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Request deletion of your information
  • Restrict processing
  • Object to processing
  • Withdraw consent
  • Request data portability
  • Lodge a complaint with the Information Commissioner's Office (ICO)

To exercise any of these rights, please contact us using the details below.

Third-Party Websites

Our website may contain links to third-party websites.

We are not responsible for the privacy practices or content of external websites and encourage you to review their privacy policies before providing personal information.

Cookies

Our website uses cookies and similar technologies.

For detailed information about how we use cookies and how to manage your preferences, please refer to our Cookie Policy.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in legislation, business practices, technology or services.

Any updates will be published on this page and will take effect immediately upon publication.

Contact Us

If you have any questions regarding this Privacy Policy or how we handle personal information, please contact:

THINKFRESH
A trading style of Stoke Ripley Creative Ltd
The Studio
Tingewick Road Farm
Tingewick Road
Buckingham
MK18 4AE

Email: hello@thinkfresh.co.uk

Complaints

If you are unhappy with how we handle your personal information, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).

Information Commissioner's Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Website: www.ico.org.uk