Privacy and Cookies Policy
At Allegory, we are committed to protecting and respecting your privacy.
This policy (and any other documents referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting you are accepting and consenting to the practices described in this policy.
For the purpose of the UK data protection laws, the data controller is Allegory at 225 Shoreditch High Street, London, E1 6PJ.
Information we collect from you
We will collect and process the following types of data:
Information you provide: This includes information collected when you fill in forms on our website (www.allegoryagency.co.uk) or when you correspond with us via phone, email, or other means. It includes, but is not limited to, your name, email address, phone number, business address, and any details you provide when signing up for our mailing list, making enquiries, or contacting us for services.
Information we collect about you: When you visit our website, we automatically collect certain technical information such as:
- IP address
- Browser type and version
- Operating system and platform
- Time zone setting
- Clickstream data, page interaction information, length of visits, and browsing behaviour
We do not access personal content from your devices and do not collect or store contact lists, media files, or login information from your phone or computer.
We may use the information we collect from you for various purposes. For each purpose, we are required to confirm the ‘legal basis’ that allows us to use your information, as follows:
| Purpose | Legal basis | ||
|
| ||
| To notify you about changes to our products and services. | Legitimate interests. | ||
| Consent | ||
| Legitimate interests | ||
Some data is required to provide services; if you choose not to provide it, we may not be able to offer those services. Other data is optional and collected with your consent.
Information we collect about you from other sources
We may receive information such as name, contact details, or professional interests from third parties, including partners, suppliers, or publicly available sources (for example, professional websites, news articles). Where appropriate and practical, we will explain how we intend to use this information and the lawful basis for doing so.
| Purposes for which we will process the information | Legal basis for the processing | ||
| Legitimate interests Legitimate interests |
Disclosure of your information
We may share your data with:
- Our third-party service providers (ie.Google Workspace, Xero, Slack, Streamtime, IT Guys) who process data on our behalf
- Business partners or subcontractors for operational delivery of services
- Legal or regulatory bodies, if required to comply with legal obligations
- In the event of a merger or acquisition, your data may be transferred as part of the business assets
- We do not conduct credit checks and do not share your data for that purpose
Email mailing list & marketing messages
We operate a mailing list to share updates, news, or relevant service information from time to time. You will only receive marketing communications if you’ve opted in. All messages include the option to unsubscribe at any time.
Our handling of personal data
All personal data is stored on secure, cloud-based platforms hosted by third-party providers such as Google Workspace, Xero, and Streamtime. These services are selected for their high security standards and compliance with international data protection regulations.
We do not operate our own servers. All systems are protected by encryption, access controls, and multi-factor authentication. Some of our providers may store or process data outside the UK. In these cases, we rely on UK adequacy decisions or Standard Contractual Clauses (SCCs).
Transmission of data over the internet can never be guaranteed as entirely secure. We take reasonable steps to protect your data in transit and at rest
Any payment transactions are encrypted using SSL/TLS technology. Where we have provided (or you have chosen) a password to access our systems or platforms, you are responsible for keeping it confidential and not sharing it with others.
The length of time that we will store your data will depend on the ‘legal basis’ for why we are using that data, as follows:
| Legal basis | Retention basis | ||
|
| ||
|
| ||
Consent |
|
We do not use automated decision-making processes.
Your rights
You have the following rights:
- To access your personal data
- To rectify inaccurate or incomplete data
- To request erasure (subject to legal exceptions)
- To restrict processing where applicable
- Data portability
- To object to processing based on legitimate interests or direct marketing
- To withdraw consent at any time
To exercise your rights, please contact us at team@allegoryagency.co.uk
You also have the right to complain to the Information Commissioner’s Office (ICO) if you believe we are mishandling your data.
External website & third-party links
Our website may contain links to third-party websites. We do not accept responsibility for their content or privacy practices. Users should verify any shortened or external links before clicking.
We maintain official social media profiles but will never request passwords or sensitive personal information via social platforms. Social sharing buttons on our site are used at your discretion.
Cookies policy
We use cookies to:
- Enable website functionality
- Analyse website performance and usage
- Remember your preferences
- Serve relevant advertising content
You can manage cookies via your browser settings. Blocking cookies may limit some website features.
| Cookie | Purpose | |
| Google Analytics cookies |
|
Please review Google’s privacy policy for more information.
Contact
Questions about this policy should be directed to:
Emma Thwaites, Data Protection Officer (DPO)
Email: emma@allegoryagency.co.uk