New site coming soon – visit existing website

Privacy Policy


Soap Creative Ltd is firmly committed to the privacy & security of our customers and the data which we store on your behalf. If you require additional information please send us an email about it. You can contact us at hello [at] soapagency [dot] co [dot] uk

Our privacy policy will identify how we use your personal data and how it is stored. Any information that identifies you like your name, contact details, photographs or any data that can be linked can be used to identify your identity.

Who are we?
Soap is an idea & creative agency. We believe you can be extraordinary.

Soap Creative Ltd
Adamson House,
Towers Business Park,
Didsbury, Manchester. M20 2YY

Overview
– What personal data do we collect?
– How do we use your personal data?
– What is the length of time we store your data?
– Who do we share your personal data with?
– What is the consequence of not receiving this information?
– Is your data used outside of the EEA?
– How do we use cookies?
– How does GDPR affect your personal data?
– What are your privacy rights?
– How do we contact each other?

What personal data do we collect?
When you become our customer we request the minimal level of data to be able to process your account (Company Name, Business Name, Operating Address, Company Registration Number). We also use cookies to understand how you utilise our website.
We don’t purchase, receive or sell any data from or to third parties.

How do we use your personal data?
We use your personal data to create your account within our company for creating records for billing & time logging. We may request access to username & passwords when we are requested to assist in systems outside of our own network.
We may from time-to-time send newsletters about our company and recent work.
We only do this with your explicit consent. We do not share or sell any data to third parties.

What is the length of time we store your data?
We don’t enforce any official expiry date on your personal data, however in the process & maintenance of our working client database we may delete any data that is no longer valid.
If you no longer wish us to store any data on your behalf please do contact us to discuss this.

Who do we share your personal data with?
We only share your personal data with directly affiliated partners (such as our hosting providers) to utilise their technology to deliver a better service to you.
In compliance with GDPR we only work with trusted third-parties who also comply fully with GDPR.

What is the consequence of not receiving this information?
If you wish us to not store any of this information we are more than happy to remove it.

Is your data used outside of the EEA?
None of your data is shared outside of the EEA without your consent or request.

How do we use cookies?
We may sometimes need to use cookies within your projects to understand how your customers interact with your website. This is purely used for an analysis aspect only.
No cookie information is used with third-party advertisers or trackers.

How does GDPR affect your personal data?
The General Data Protection Regulation (GDPR) law goes into effect on May 25, 2018. This will replace the EU Data Protection Directive and will apply a single data protection law throughout the EU.
Data protection laws govern the way that businesses collect, use and share your personal data. This requires businesses to process an individual’s personal data fairly and lawfully, allow individuals to exercise legal rights in respect of their personal data and ensure appropriate security protections are put in place to protect the personal data.
We have taken steps to ensure that we will be compliant with the GDPR by May 25, 2018.
When you use our products and services to process EU personal data, we act as a data processor. We store data that you have given us voluntarily.
To ensure full compliance our third-party partners each have provided a Data Processing Agreement, all of which can be read below.

Digital Ocean – https://www.digitalocean.com/security/gdpr/data-processing-agreement/
Heart Internet – https://www.heartinternet.uk/terms/heart-internet-privacy-statement
Google G-Suite – https://gsuite.google.com/terms/dpa_terms.html?_ga=2.2315632.-1759028154.1525339148
Google Analytics – https://privacy.google.com/businesses/compliance/
Mail Chimp – https://kb.mailchimp.com/accounts/management/about-the-general-data-protection-regulation
Campaign Monitor – https://www.campaignmonitor.com/policies/

What are your privacy rights?
By law, with regard to your personal information you have nine important rights:

1. Oppose to processing
You have the right to oppose certain types of processing & marketing.

2. To be informed
You have the right to request clear, transparent and understandable information about how we use your data.

3. Right of access
You have the right to request access to your information.

4. Right to rectification
You have the full right to request to correct your information if it’s inaccurate.

5. Right to erase
The ‘the right to be forgotten’ statement. This means we will delete all your data upon request.

6. Restrict processing
You can request that we restrict or block any further use of your data when being processed.

7. Data portability
You can move, transfer and copy your data easily from our systems to yours without any loss in usability.

8. Right to complain
You have the full right to lodge any complaints in regard to how we handle or process your data.

9. Withdraw consent
You have the right to withdraw your data at any time.

How do we contact each other?
We may contact you from time-to-time by telephone, email, social media and skype.