Privacy Policy — GrozServices

Privacy Policy

Last updated: January 2025  |  Effective: January 2025

Important: This Privacy Policy explains how GrozServices collects, uses, and protects your personal data. By using our website or services, you agree to the practices described herein. This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

GrozServices is a marketing consultancy that helps small and medium-sized businesses promote their activities, events, and projects. We operate at www.grozservices.com.

For data protection purposes, GrozServices is the Data Controller responsible for your personal information.

Contact for data matters: contact@grozservices.com

2. What Personal Data We Collect

Information you provide directly:

  • Name and email address — when you subscribe to our newsletter or create an account
  • Contact form data — name, email, and your message when you contact us
  • Account credentials — if you register for a GrozServices account
  • Payment information — processed securely by our payment provider (we do not store full card details)

Information collected automatically:

  • Usage data — pages visited, time spent, links clicked
  • Technical data — IP address, browser type and version, device type, operating system
  • Cookie data — see our Cookie Policy section below

3. How We Use Your Personal Data

We use your personal data only where we have a lawful basis to do so. The UK GDPR allows us to process personal data under the following bases:

  • Contract performance: To deliver services you have purchased or requested
  • Legitimate interests: To improve our website, respond to enquiries, and ensure security
  • Consent: To send you marketing emails and newsletters (you can withdraw consent at any time)
  • Legal obligation: To comply with laws and regulations applicable to our business

4. Marketing Communications

If you subscribe to our newsletter or opt in to marketing, we may send you updates about our services, business news, and events. You can unsubscribe at any time by clicking the unsubscribe link in any email or contacting us at contact@grozservices.com.

We will never sell your personal data to third parties for their marketing purposes.

5. Cookies

Our website uses cookies to enhance your experience. Cookies are small text files stored on your device. We use:

  • Essential cookies: Required for the website to function (e.g., session management, cart functionality). These cannot be disabled.
  • Analytics cookies: Help us understand how visitors use our site (e.g., pages visited, time on site). We use these only with your consent.
  • Functional cookies: Remember your preferences such as language settings.
  • Third-party cookies: Set by services such as Squarespace and any embedded social media content.

You can manage your cookie preferences via our Cookie Consent banner when you first visit the site, or at any time through your browser settings.

6. Sharing Your Data

We may share your data with the following categories of third parties, but only where necessary:

  • Squarespace Inc. — our website platform provider (based in the USA; data transfer covered by Standard Contractual Clauses)
  • Payment processors — to process transactions securely
  • Email service providers — to send newsletters and communications
  • Legal authorities — if required by law, court order, or regulatory requirement

We require all third parties to respect the security of your data and treat it in accordance with applicable data protection law.

7. International Transfers

Some of our service providers (including Squarespace) are based outside the UK/EEA. Where we transfer your data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO).

8. Data Retention

  • Newsletter subscribers: Until you unsubscribe or request deletion
  • Customer account data: For the duration of your account plus 3 years
  • Contact form messages: Up to 2 years
  • Financial/transaction records: 7 years (legal requirement)

9. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right of access — to receive a copy of the personal data we hold about you
  • Right to rectification — to correct inaccurate or incomplete data
  • Right to erasure — to request deletion of your data ("right to be forgotten")
  • Right to restriction — to limit how we process your data in certain circumstances
  • Right to data portability — to receive your data in a structured, machine-readable format
  • Right to object — to object to processing based on legitimate interests or direct marketing
  • Rights related to automated decision-making — we do not use automated decision-making or profiling

To exercise any of these rights, email us at contact@grozservices.com. We will respond within 30 days.

10. Security

We take appropriate technical and organisational measures to protect your personal data from unauthorised access, loss, or misuse. Our website is served over HTTPS and we use secure, reputable third-party platforms. However, no internet transmission is 100% secure, and we cannot guarantee absolute security.

11. Complaints

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the UK's supervisory authority:

Information Commissioner's Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113

We would, however, appreciate the opportunity to address your concerns before you contact the ICO — please reach out to us first.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any significant changes will be communicated via email (to subscribers) or a notice on our website. The "Last updated" date at the top of this page will always reflect the most recent version.

Questions about your privacy?

We're happy to help and will respond within 30 days.

contact@grozservices.com