Privacy Policy

Last updated: 9 April 2026

Introduction

twinkle-shore Ltd ("we", "our", "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, store, and protect information you provide when using our website or engaging our services.

Information We Collect

We may collect and process the following categories of personal data:

Information You Provide Directly

When you contact us for enquiries or services, we collect information such as your name, email address, postal address, project details, and any other information you choose to share in your communications with us.

Information Collected Automatically

When you visit our website, we automatically collect certain technical information including your IP address, browser type, device information, pages visited, time spent on pages, and referring website addresses. This helps us understand how visitors use our site and improve user experience.

Cookies and Similar Technologies

Our website uses cookies to enhance functionality and analyse site usage. You can control cookie preferences through the cookie banner displayed on your first visit. For detailed information about our cookie practices, please see our Cookies Policy.

How We Use Your Information

We use collected information for the following purposes:

  • Responding to your enquiries and providing requested information about our services
  • Managing and delivering projects you engage us to complete
  • Processing payments and maintaining financial records
  • Communicating with you about ongoing projects or service-related matters
  • Improving our website functionality and user experience
  • Analysing website traffic and usage patterns
  • Complying with legal obligations and protecting our legal rights
  • Preventing fraud and ensuring website security

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to fulfil our contractual obligations when you engage our services
  • Legitimate Interests: Processing for business purposes such as improving our services, maintaining security, and communicating about relevant matters
  • Consent: Where you have explicitly agreed to specific processing activities, such as marketing communications
  • Legal Compliance: Processing required to meet regulatory obligations, tax requirements, or legal requests

Data Sharing and Disclosure

We do not sell or rent your personal information to third parties. We may share data with the following categories of recipients:

Service Providers

We engage trusted third-party service providers who assist with business operations, such as accounting services, website hosting, email delivery, and project management tools. These providers access personal data only as necessary to perform their functions and are contractually obligated to protect your information.

Professional Advisers

We may share information with solicitors, accountants, insurance providers, and other professional advisers when necessary for legal, financial, or business purposes.

Legal Requirements

We may disclose personal data if required by law, court order, or regulatory request, or to protect our rights, property, or safety, or that of others.

Business Transfers

In the event of a business sale, merger, or acquisition, personal data may be transferred to the new entity, subject to the same privacy protections outlined in this policy.

Data Retention

We retain personal data only as long as necessary for the purposes outlined in this policy or as required by law. Specific retention periods vary depending on data type:

  • Enquiry information from non-clients is typically retained for two years
  • Client project data and contracts are retained for seven years following project completion to meet legal and warranty obligations
  • Financial records are retained according to tax and accounting requirements
  • Website analytics data is retained for three years

After retention periods expire, we securely delete or anonymise personal data.

Your Rights

Under data protection law, you have several rights regarding your personal information:

  • Right to Access: Request confirmation of what personal data we hold about you and obtain a copy
  • Right to Rectification: Request correction of inaccurate or incomplete personal data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restriction: Request that we limit processing of your personal data in specific situations
  • Right to Data Portability: Receive your personal data in a structured, commonly used format or request transfer to another controller
  • Right to Object: Object to processing based on legitimate interests or for direct marketing purposes
  • Right to Withdraw Consent: Withdraw previously given consent for specific processing activities

To exercise any of these rights, please contact us using the details provided at the end of this policy. We will respond to requests within one month, though complex requests may require additional time.

Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, secure server hosting, access controls, regular security assessments, and staff training on data protection practices.

While we take security seriously, no method of transmission or storage is completely secure. We cannot guarantee absolute security but continuously work to maintain robust protections.

International Data Transfers

Our operations are primarily based in the United Kingdom. If we transfer personal data outside the UK or European Economic Area, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions, to protect your information.

Children's Privacy

Our services are not directed at individuals under sixteen years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us immediately so we can delete it.

Third-Party Websites

Our website may contain links to external websites operated by third parties. We are not responsible for the privacy practices or content of these sites. We encourage you to review the privacy policies of any third-party websites you visit.

Changes to This Policy

We may update this privacy policy periodically to reflect changes in our practices, legal requirements, or business operations. Significant changes will be communicated through a prominent notice on our website. The "Last updated" date at the top of this policy indicates when the most recent revisions were made.

Contact Us

If you have questions about this privacy policy, wish to exercise your data rights, or have concerns about how we handle personal information, please contact us:

Email: [email protected]
Postal Address: twinkle-shore Ltd, 42 Westfield Avenue, Bristol BS6 5NW, United Kingdom

Supervisory Authority

You have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection matters, if you believe your personal data has been mishandled.

ICO Contact:
Website: ico.org.uk
Telephone: 0303 123 1113