Scriptoria Privacy Policy

1. Who we are

Scriptoria is committed to protecting personal data and respecting privacy.

For the purposes of UK data protection legislation, Scriptoria is the data controller.

Legal entity: Scriptoria
Registered address: 1 The Hayloft, 17A Seely Road, London, SW17 9QP
ICO registration number: ZB009924
Contact email: enquiries@scriptoria.co.uk

Scriptoria is registered with the UK Information Commissioner’s Office (ICO).

2. What this notice covers

This notice explains, at a high level, how Scriptoria collects and uses personal data relating to individuals who interact with us in the course of our work. This includes, as relevant:

• clients and prospective clients;
• website visitors;
• mailing list subscribers;
• suppliers and professional contacts; and
• individuals who communicate with us in a professional capacity.

This notice applies to the Scriptoria websites, including scriptoria.co.uk and scriptoria-pmc.co.uk.

Some activities or engagements may be supported by additional privacy information where appropriate.

3. What data do we collect

Depending on the nature of the interaction, we may process personal data such as:

• names, job titles, and organisational details;
• business contact information;
• professional correspondence and communications;
• information provided in the course of meetings, proposals, or contractual engagements; and
• website usage data collected through cookies and similar technologies.

We do not normally process special category personal data via our websites.

4. Why do we collect this data

We process personal data for the following purposes:

• to provide and manage our services;
• to communicate with clients, prospective clients, and professional contacts;
• to administer marketing communications where consent has been provided;
• to manage business and contractual relationships; and
• to operate, secure, and improve our websites and digital services.

5. The lawful basis under which we process your data

We process personal data on one or more of the following lawful bases under UK GDPR:

• Consent – for example, where individuals opt in to receive marketing communications;
• Contract – where processing is necessary for the performance of a contract or to take steps prior to entering into a contract;
• Legitimate interests – including managing client and professional relationships, operating and improving our services, ensuring network and information security, and developing our business, provided such interests are not overridden by individual rights; and
• Legal obligation – where processing is required to comply with applicable law.

6. Providing personal data

Providing certain personal data is necessary to enable us to enter into contracts and provide services. If such data is not provided, we may be unable to provide those services or respond to enquiries.

7. Data sharing and international transfers

We may share personal data with organisations we work with where this is necessary to fulfil our contractual, professional, or legal obligations, or to support the delivery of our services.

This includes service providers and professional advisers who support our IT systems, communications, marketing, analytics, and website security. These organisations act on our instructions and are subject to contractual data protection obligations.

Some organisations may process personal data outside the United Kingdom. Where this occurs, appropriate safeguards are implemented in accordance with UK data protection legislation.

8. Data retention

Personal data is retained only for as long as necessary for the purposes for which it is processed.

Client and contractual data is typically retained for up to seven years following the end of the relationship for legal, regulatory, and accounting purposes. Marketing data is retained until consent is withdrawn or an individual unsubscribes. Website usage data is retained in accordance with cookie settings and provider retention periods.

9. Automated decision-making

We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals.

10. Your rights

Individuals have rights under UK data protection law, including the right to be informed about how their personal data is used, the right to access, rectify, erase, restrict or object to the processing of their personal data, the right to data portability in certain circumstances, and the right to withdraw consent at any time.

These rights are not absolute and may be subject to certain legal limitations, depending on the nature of the processing and the lawful basis relied upon.

Individuals also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).

To exercise any of these rights, please contact us using the details set out in Section 12.

11. Our data protection policy

Scriptoria maintains a detailed Data Protection Policy which sets out how we comply with UK data protection legislation, including governance arrangements, data subject rights, security measures, and internal procedures.

This privacy notice is intended to provide a concise overview for external audiences. The full Data Protection Policy is available HERE.

12. Contact

If you have any questions about this notice or how personal data is processed, please contact:
enquiries@scriptoria.co.uk

Cookie Policy

Use of cookies

The Scriptoria websites use cookies and similar technologies. Some cookies are strictly necessary for the operation of the websites, while others are non-essential and are used for analytics, marketing, and website security.

Non-essential cookies are blocked by default and are set only after you provide consent via our cookie banner. You can manage or withdraw your consent at any time using our cookie settings link.

Cookies used on our websites may process pseudonymous personal data, such as IP addresses and online identifiers.

Types of cookies used

Analytics cookies

These cookies help us understand how visitors use our websites so we can improve performance and user experience. Analytics cookies are used across both the main Scriptoria website and the PMC microsite.

• _ga (Google Analytics) – distinguishes users and analyses site usage; expires after up to 2 years.
• _ga_* (Google Analytics) – stores session state and interaction data for a specific Google Analytics property; expires after up to 2 years.

Marketing and tracking cookies

These cookies may be used to support marketing activities, measure advertising effectiveness, and identify business visitors. Marketing and tracking cookies are only set where relevant services are active and consent has been provided.

• test_cookie (Google DoubleClick) – tests whether cookies can be set by the browser; expires after 1 day.
• IDE (Google DoubleClick) – delivers and measures advertising across websites; expires after approximately 13 months.
• bcookie (LinkedIn) – enables LinkedIn features and advertising tracking; expires after 1 year.
• li_gc (LinkedIn) – stores consent preferences; expires after 6 months.
• lidc (LinkedIn) – manages data centre routing; expires after 1 day.
• Apollo.io cookie – identifies business visitors and supports B2B lead enrichment using pseudonymous data such as IP address and page views. For more information, including duration, please visit Apollo.io’s Privacy Policy.

Security cookies

Security cookies are used on parts of our websites where protective measures are enabled, such as forms on the PMC microsite. These cookies help protect our websites from spam and misuse.

• _GRECAPTCHA (Google reCAPTCHA) – used to distinguish humans from bots and protect forms from abuse.

Third-party cookies and international transfers

Many of the cookies used on our websites are set by third-party providers, including Google, LinkedIn, and Apollo.io. These providers may process data outside the United Kingdom.

Where this occurs, international transfers are safeguarded using UK adequacy regulations or appropriate contractual safeguards, such as the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses.

Managing cookies

You can:

• accept or reject non-essential cookies via our cookie banner;
• change your preferences at any time using our cookie settings link; or
• disable cookies through your browser settings (note that this may affect website functionality).

Disabling cookies via browser settings does not prevent the use of cookies already set through our consent mechanism.

For more information about Google’s data practices, see:
https://www.google.com/policies/privacy/partners/

To opt out of Google Analytics, you can use Google’s browser add-on:
https://tools.google.com/dlpage/gaoptout

Please note that both the main Scriptoria website (scriptoria.co.uk) and our PMC microsite (scriptoria-pmc.co.uk) share this privacy policy and cookie notice. While the sites may use different cookies depending on the services and functionality in use (for example, reCAPTCHA and Apollo.io cookies on the PMC microsite), all cookies set by either site are governed by the policy outlined here.