Effective Date: 22nd July 2025
Next Review Date: July 2026

1. Introduction

Carrot Top Marketing (“we”, “us”, or “our”) is committed to protecting the privacy and security of your personal data. This GDPR Policy outlines how we collect, use, store, and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR).

2. Data Controller

Carrot Top Marketing is the data controller responsible for your personal data. If you have any questions about this policy or how we handle your data, please contact us at:

Carrot Top Marketing
6 Cadnam Road
Southsea
PO4 9JT
Email: hello@carrottopmarketing.co.uk

3. Data We Collect

We may collect, use, store, and transfer different categories of personal data, including

3.1 Identity Data

3.2 Contact Data

3.3 Financial Data

3.4 Transaction Data

3.5 Technical Data

3.6 Profile Data

3.7 Usage Data

3.8 Marketing and Communications Data

3.9 Special Categories of Personal Data

We do not intentionally collect special categories of personal data (e.g. racial or ethnic origin, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, health data, or biometric data). If you voluntarily provide such data, we will only process it with your explicit consent or where legally permitted.

4. How We Collect Your Personal Data

We collect personal data using the following methods

4.1 Direct Interactions

You may provide personal data by filling out forms or communicating with us via email, phone, or post.

4.2 Automated Technologies

When you interact with our website, we may automatically collect technical data using cookies, server logs, and similar technologies.

4.3 Third Parties and Public Sources

We may receive personal data from third-party providers (e.g., analytics services) and publicly available sources.

5. How We Use Your Personal Data

We only use your personal data where the law allows. The lawful bases we rely on include:

5.1 Purposes for Which We Use Your Data

We use your data to:

6. Sharing Your Personal Data

We may share your data with trusted third parties, including:

We require all third parties to respect the confidentiality of your personal data and comply with applicable data protection laws.

7. Data Security

We have implemented appropriate technical and organisational measures to prevent your personal data from being accidentally lost, used, accessed, or disclosed in an unauthorised way.

8. Data Retention

We retain your personal data only as long as necessary for the purposes for which it was collected, including legal and accounting requirements. Typically, we keep client records for up to six (6) years after the conclusion of a business relationship.

9. Your Legal Rights

Under UK GDPR, you have the following rights:

To exercise these rights, contact us at hello@carrottopmarketing.co.uk

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
https://www.ico.org.uk