Privacy policy.

1. Who We Are

Post Agency Ltd ("we", "us", "our") is a company incorporated in England and Wales. 

Registered office:  

7 Boyton Road 
Ipswich 
IP3 9PD 
United Kingdom 

Company number: 17095197 

ICO registration number: ZC115226 

Email: info@postagency.co.uk

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, Post Agency Ltd is the data controller of personal data collected through this website, unless otherwise stated. 

This Privacy Policy explains how we collect, use, store and protect personal data when you interact with our website and in the course of providing our services. 

2. Scope of This Policy

This policy applies to personal data we collect about: 

  • Visitors to our website 

  • Individuals who contact us or submit enquiries 

  • Prospective and current clients 

  • Supplier and partner contacts 

  • Individuals whose data we process in the course of providing services 

  • Job applicants and, where relevant, employees and contractors 

Where we process personal data on behalf of clients in the delivery of advertising, marketing or digital services, we typically act as a data processor. In those circumstances, the relevant client is the data controller and their privacy policy will apply. 

3. The Personal Data We Collect

3.1 Information You Provide Directly

We may collect: 

  • Name 

  • Email address 

  • Telephone number 

  • Company name and job title 

  • Postal address 

  • Information submitted via contact forms, event registrations or content downloads 

  • Any other information you choose to provide 

3.2 Information Collected Automatically

When you visit our website, we may collect: 

  • IP address 

  • Browser type and version 

  • Device type and operating system 

  • Referring website 

  • Pages visited and time spent on pages 

  • Interaction data such as clicks and navigation patterns 

We do not seek to identify individual visitors using analytics data unless you choose to provide identifiable information through a form or other direct interaction. 

3.3 Personal Data from Third Parties

We may receive business contact information from third parties where you have provided permission for your data to be shared, for example at industry events or conferences. 

4. How We Use Your Personal Data

We use personal data to: 

  • Respond to enquiries and provide information about our services 

  • Enter into and perform contracts 

  • Deliver advertising, marketing and consultancy services 

  • Manage client and supplier relationships 

  • Send relevant business communications and updates 

  • Improve our website and services 

  • Comply with legal and regulatory obligations 

  • Establish, exercise or defend legal claims 

We do not sell personal data. 

5. Lawful Bases for Processing

We rely on one or more of the following lawful bases: 

  • Performance of a contract 

  • Taking steps at your request prior to entering into a contract 

  • Compliance with a legal obligation 

  • Our legitimate interests, including operating and improving our business, responding to enquiries and maintaining network security 

  • Consent, where required (for example in relation to non-essential cookies or certain marketing communications) 

Where we rely on legitimate interests, we have considered the potential impact on individuals and concluded that our interests do not override your fundamental rights and freedoms. 

6. Marketing Communications

We may send business-related communications where permitted by law and where we believe they are relevant to your professional interests. 

You can opt out at any time by: 

  • Clicking the unsubscribe link in any email 

  • Contacting us directly 

We will promptly honour all opt-out requests. 

7. Website Analytics and Third-Party Tools

When someone visits our website, we may use carefully selected third-party services to understand visitor behaviour and manage enquiries. These may include: 

  • Google Analytics – to collect aggregated information about website usage and visitor behaviour patterns.  

These services may process data on our behalf as data processors. We do not permit these providers to use the data for their own purposes. 

Where analytics data is collected, it is processed in a way that does not intentionally identify individual visitors. 

Further information is available in our Cookie Policy. 

8. International Transfers

Some of our service providers may process personal data outside the United Kingdom. 

Where this occurs, we ensure appropriate safeguards are in place, such as: 

  • UK International Data Transfer Agreements (IDTAs) 

  • UK Addendum to Standard Contractual Clauses 

  • Transfers to countries subject to adequacy regulations 

We take reasonable steps to ensure personal data remains protected to standards equivalent to UK data protection law. 

9. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse or alteration. These measures include: 

  • Secure hosting environments 

  • Encryption in transit (HTTPS) 

  • Access controls and role-based permissions 

  • Contractual confidentiality obligations with staff and suppliers 

10. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected. 

Retention periods are determined based on: 

  • The nature and sensitivity of the data 

  • The purpose for which it was collected 

  • Legal, regulatory and accounting requirements 

  • Applicable limitation periods for legal claims 

For example: 

  • Enquiry data is typically retained for up to 24 months unless a relationship develops. 

  • Client contract data is retained for up to 6 years following the end of the contractual relationship. 

  • Marketing suppression data may be retained indefinitely to ensure we respect opt-out requests. 

11. Your Rights

Under UK data protection law, you have the right to: 

  • Be informed about how your data is used 

  • Request access to your personal data 

  • Request rectification of inaccurate or incomplete data 

  • Request erasure of your personal data where there is no compelling reason for continued processing 

  • Request restriction of processing 

  • Object to processing based on legitimate interests 

  • Request data portability in certain circumstances 

  • Withdraw consent at any time where processing is based on consent 

  • Object to direct marketing at any time 

  • Not be subject to automated decision-making, including profiling, where it produces legal or similarly significant effects 

To exercise any of these rights, please contact us using the details above. 

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO). 

12. Links to Other Websites

Our website may contain links to other websites. This Privacy Policy does not apply to those websites and we encourage you to review their privacy policies. 

13. Changes to This Policy

We keep this Privacy Policy under regular review. The latest version will always be available on our website, together with the date of last update. 

14. Modern Slavery Statement (Website Privacy Notice Addendum)

Post Agency Ltd is not a "relevant commercial organisation" for the purposes of section 54 of the Modern Slavery Act 2015, based on its current turnover. 

However, we are committed to operating ethically and with integrity in all business dealings. We seek to ensure that modern slavery, forced labour and human trafficking have no place within our business or supply chain. We expect similar standards from our suppliers and partners and endeavour to follow best practice in line with the principles of the Modern Slavery Act 2015.