Serps Invaders

Privacy Policy

Last updated: [26/08/2025]

At Serps Invaders Ltd. (“we”, “our”, “us”), we are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you interact with us, in accordance with the UK GDPR, the Data Protection Act 2018, and other applicable laws.

1. Who We Are

Serps Invaders Ltd. is a digital marketing agency registered in Scotland (Company No. SC388716). Our registered office is at 13-15 Morningside Drive, Edinburgh, Scotland, EH10 5LZ.

If you have questions about this Privacy Policy or how we use your data, please contact us via the details provided in the Contact Us section below.

2. What Data We Collect

We may collect and process the following categories of personal data:

  • Contact information (such as name, email address, phone number, company name and role)

  • Communications (emails, enquiries, correspondence, and call notes)

  • Marketing preferences (newsletter sign-ups, opt-ins and related choices)

  • Website usage data through cookies and analytics (aggregated and non-identifiable statistics)

  • Business information provided in the course of professional services

3. How We Collect Your Data

We collect personal data when you:

  • Submit forms on our website (e.g. contact forms, newsletter sign-ups, whitepaper downloads)

  • Correspond with us by phone, email, or in person

  • Visit and interact with our website, where cookies and analytics tools may collect data

  • Engage with us in a business or client relationship

4. How We Use Your Data

We process personal data to:

  • Provide you with services you have requested

  • Respond to enquiries and manage client relationships

  • Communicate about projects, services, and marketing updates (if you have opted in)

  • Improve our website, services, and campaigns through analytics

  • Comply with legal, financial, and regulatory obligations

5. Legal Bases for Processing

We rely on the following legal bases to process your personal data:

  • Consent – where you opt in to receive marketing communications

  • Contract – where processing is necessary to perform a contract with you or take steps prior to entering a contract

  • Legal obligation – where processing is required to meet our statutory duties (e.g. tax and accounting rules)

  • Legitimate interests – where processing is necessary for our business operations and these interests are not overridden by your rights

6. Data Retention

We retain personal data only as long as necessary to fulfil the purposes for which it was collected, or to meet legal, regulatory, and contractual obligations.

  • Client and business correspondence: up to 6 years after the end of our business relationship

  • Financial and transactional records: minimum 6 years to comply with HMRC requirements

  • Marketing data: until you withdraw consent, after which it will be securely deleted (we may retain proof of consent for audit purposes)

  • Employment and HR records: for the duration of employment and up to 6 years after termination

Where data is no longer required, it will be securely deleted, anonymised, or otherwise disposed of to protect your rights.

7. Data Sharing and Third Parties

We do not sell your personal data. However, we may share it with trusted third-party service providers who assist us in delivering our services, such as:

  • Mailchimp – for email marketing communications

  • Google Analytics – for website performance and usage insights

All third parties are contractually required to process personal data only in accordance with our instructions and applicable data protection laws.

8. International Transfers

We will not transfer your personal data outside the UK or EEA unless appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions recognised by the UK Government.

9. Your Rights

You have the following rights under data protection law:

  • The right to access your personal data

  • The right to request rectification of inaccurate or incomplete data

  • The right to request erasure of your data where lawful

  • The right to restrict or object to certain types of processing

  • The right to withdraw consent to marketing at any time

Requests can be submitted to us using the contact details below. We may request proof of identity before fulfilling your request.

10. Data Security and Breach Handling

We implement appropriate technical and organisational measures to secure your personal data against unauthorised access, alteration, disclosure, or destruction.

In the event of a personal data breach, we will:

  1. Contain and assess the incident immediately

  2. Notify the Information Commissioner’s Office (ICO) within 72 hours, where required

  3. Inform affected individuals without undue delay if the breach presents a high risk to their rights and freedoms

  4. Maintain an internal breach register documenting all incidents

  5. Conduct post-incident reviews to strengthen security and prevent recurrence

11. Cookies

Our website uses cookies and similar technologies to improve your browsing experience, analyse site usage, and support our marketing efforts.

  • Strictly necessary cookies are essential for the website to function and do not require consent.

  • Analytics, functional, and marketing cookies are used only if you provide consent via our cookie banner or settings tool.

  • You may withdraw or adjust your consent at any time through the cookie banner or your browser preferences.

For full details on the cookies we use, their purposes, and their duration, please see our separate Cookie Policy.

12. Policy Updates

We may update this Privacy Policy periodically. Any changes will be posted on this page and, where appropriate, communicated by email. Please check back regularly to stay informed.

13. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at:

Serps Invaders Ltd.
 Email: hello[at]serps-invaders.com

Address: 13-15 Morningside Drive

Edinburgh

EH10 5LZ

United Kingdom

Share This