Privacy Policy

How we collect, use and protect personal data

Last updated: 28 April 2026

1. Introduction

EEW Design Limited (“EEW Design”, “we”, “us”) respects privacy and is committed to protecting personal data. This Privacy Policy explains how we collect, use, store and share personal data in connection with our website, client relationships, supplier relationships and creative services.

This policy is intended to comply with applicable UK data-protection law, including the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018 where relevant.

2. Who we are

EEW Design Limited is the controller of personal data processed for our own business purposes, such as managing client relationships, supplier relationships, enquiries, marketing and website administration.

For some client projects, we may process personal data on a client’s behalf as a processor. Where that applies, the relevant client agreement, project terms or data-processing terms will govern that processing.

Contact details:
EEW Design Limited
1 Hill Crescent, Surbiton, Surrey, KT5 8DP, England
policy@eew-design.com

3. Personal data we may collect

Depending on how you interact with us, we may collect:

  • name, job title and organisation;

  • business email address, phone number and postal address;

  • enquiry details and project information;

  • billing, payment and accounting information;

  • correspondence and meeting notes;

  • feedback, approvals and project instructions;

  • website usage information, such as IP address, device information, browser type and analytics data where cookies or similar technologies are used;

  • social media profile information if you contact us through social platforms; and

  • personal data included in content, files or materials supplied for a client project.

We do not intentionally collect special-category personal data unless it is necessary for a specific project or provided to us by a client or contact. If special-category data is supplied, it should only be provided where there is a lawful basis and clear purpose.

4. How we collect personal data

We may collect personal data when:

  • you contact us through our website, email, phone or social media;

  • you request a proposal, estimate or service;

  • you provide project materials, copy, images, video, documents or data;

  • we communicate with you during a project;

  • you supply services to us;

  • you visit our website; or

  • a client, colleague, supplier or other contact provides your details for legitimate business purposes.

5. How we use personal data

We use personal data to:

  • respond to enquiries;

  • prepare proposals, estimates and project plans;

  • provide creative, digital, video, print-management and related services;

  • manage client and supplier relationships;

  • communicate about projects, approvals, revisions and deadlines;

  • issue invoices, process payments and maintain accounting records;

  • manage legal, compliance, insurance and business-administration obligations;

  • protect our rights, property, systems and confidential information;

  • improve our website, services and communications; and

  • send business updates or marketing communications where permitted by law.

6. Lawful bases for processing

We rely on one or more of the following lawful bases:

  • Contract: where processing is necessary to provide services, manage a project, issue invoices or deal with suppliers.

  • Legitimate interests: where processing is necessary for normal business administration, client relationship management, service improvement, security or direct business-to-business communication, provided those interests are not overridden by individual rights.

  • Legal obligation: where processing is necessary to comply with tax, accounting, regulatory or legal obligations.

  • Consent: where we rely on consent for specific activities, such as certain marketing communications or non-essential cookies.

  • Vital interests or public task: these are unlikely to apply to our normal business but may apply in exceptional circumstances.

7. Client project materials

Clients may provide personal data within documents, images, videos, presentations, reports or other project materials. The client is responsible for ensuring that it has a lawful basis to provide that personal data to EEW Design and that any necessary notices or permissions have been obtained.

EEW Design will use client project materials only for the agreed project purpose, unless otherwise authorised or required by law.

8. Sharing personal data

We may share personal data with:

  • freelancers, contractors or suppliers assisting with a project;

  • print, production, hosting, software, video, cloud-storage or communications providers;

  • professional advisers, including accountants, insurers and legal advisers;

  • payment and banking providers;

  • regulators, courts, law-enforcement bodies or public authorities where required; and

  • a purchaser or successor if our business or assets are restructured or transferred.

We only share personal data where there is a legitimate business need, lawful basis or legal requirement, and we expect recipients to protect it appropriately.

Where AI-assisted tools are used in connection with our work, we take proportionate steps to avoid entering personal data, confidential client information or sensitive project materials into public AI tools unless there is a lawful basis, client authorisation or appropriate safeguards in place.

9. International transfers

Some software, cloud, communications or hosting providers may process personal data outside the UK. Where this occurs, we seek to use providers that rely on recognised transfer mechanisms or safeguards, such as adequacy regulations, standard contractual clauses or equivalent protections where required.

10. Data security

We use proportionate technical and organisational measures to protect personal data, including:

  • access controls and password protection;

  • secure cloud-based storage and collaboration tools;

  • device security measures;

  • limited access to client files on a need-to-know basis;

  • confidentiality expectations for suppliers and contractors; and

  • review of data and access arrangements where appropriate.

No system is completely secure, but we take reasonable steps to reduce the risk of unauthorised access, loss, misuse or disclosure.

11. Data retention

We keep personal data only for as long as reasonably necessary for the purpose for which it was collected, including legal, accounting, tax, contractual and business-record purposes.

Typical retention periods may include:

  • enquiry records: for a reasonable period after the enquiry is resolved;

  • client and project records: for the duration of the relationship and then for a reasonable period for legal, tax and audit purposes;

  • accounting and tax records: generally for at least six years where required;

  • final project files and deliverables: for a reasonable archive period unless otherwise agreed; and

  • marketing contacts: until you unsubscribe or object, subject to periodic review.

Specific retention periods may vary depending on the project, client requirements and legal obligations.

12. Your data-protection rights

Depending on the circumstances, you may have rights to:

  • access your personal data;

  • correct inaccurate personal data;

  • request deletion of personal data;

  • restrict processing;

  • object to processing;

  • request data portability;

  • withdraw consent where processing is based on consent; and

  • complain to the Information Commissioner’s Office (“ICO”).

These rights are subject to legal limits and may not apply in every case.

13. Marketing communications

We may send occasional business-to-business communications about our services where permitted by law and where we believe they may be relevant. You can opt out of marketing communications at any time by contacting us or using any unsubscribe link provided.

We will not sell personal data to third parties for marketing purposes.

14. Cookies and website analytics

Our website may use cookies or similar technologies to operate the site, understand website usage and improve user experience. Where required, we will ask for consent before setting non-essential cookies.

A separate Cookie Policy may be provided where additional detail is required.

15. Data breaches

If we become aware of a personal-data breach, we will assess the risk and take appropriate steps to contain and investigate it. Where required by law, we will notify the ICO and affected individuals within the applicable timescales.

16. Changes to this policy

We may update this Privacy Policy from time to time. The most recent version will be available on our website.

17. Contact

Questions about this Privacy Policy or requests relating to personal data can be directed to:

Emile Wendling
Director, EEW Design Limited
policy@eew-design.com

You also have the right to complain to the Information Commissioner’s Office. Details are available at ico.org.uk.

Have a project in mind?

Whether it’s a webcast that needs editing, a deck that needs reshaping or a report that deserves better design, we can help you get it over the line.

Share a few details – or drop us a link to your existing content – and we’ll come back with a simple, no-obligation proposal.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Copyright ©2026 EEW Design Ltd. Independent creative studio for corporate and public-sector teams in South West London.