Privacy Policy

How we collect, store and use your personal data

Privacy Policy

This policy details how we collect, use, store, transfer and process personal data during communications, website visits and established trading relationships (both during and afterwards).

It also explains what rights you have in relation to how we process your personal data. It is important you read this notice, together with any additional privacy notice we provide during our trading relationship, so you are aware of how and why we are processing your personal data.

This notice may be updated at any time.

How we collect your personal data.

Whenever you contact us, via email, an online form or other means we will obtain personal data about you such as your name, address, email address. We may also obtain sensitive personal data about you if you volunteer it in the communication. If you do volunteer such information, you will be consenting to our processing it for the purpose of dealing with your enquiry/request.

We may monitor your usage of our website. This may include monitoring how many times you visit, which pages you go to, traffic data, location data and the originating domain name of a user’s internet service provider. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually.

Personal data use.

We use your personal data for the following purposes:

  • To maintain our own accounts and records;
  • To process payments;
  • To respond to direct enquiries from the individual;
  • To inform customers of technical issues that may arise with the specific product/service we supply;
  • To discuss product/service performance;
  • To help provide the contracted service/product.
  • We may share your personal data with contractors/suppliers/other 3rd parties if it is explicitly required to enable us to complete the contracted service/product

We do not engage in mass marketing or compile/store/use mailing lists of any kind.

We do not sell or pass on your personal data to 3rd party marketing companies.

Legal basis for processing your personal data.

Personal data (article 6 of GDPR).

Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

Disclosure of your personal data

Your personal data will be treated as strictly confidential and will be shared only with employees working on your account or dealing with your enquiry. We may however in the process of fulfilling our service to you, or if legally required to do so, disclose your personal data to:

  • Our agents and service providers (eg web hosts, accountants, contractors, suppliers).
  • Law enforcement agencies in connection with any investigation to help prevent unlawful activity.

Automated decision making

We do not use any automated decision making software/processes in our business.

Data security

We aim to best safeguard your personal data through the technical and organisational processes and systems we have in place, for example:

  • Personal data is stored on secure servers.
  • Local machines are password protected.
  • Online forms are transmitted over SSL.
  • We use 3rd party servers/storage/providers who (to the best of our knowledge) conform to the GDPR.
  • Accounts Data transmitted to our Accountants is done so via a secure portal.

Internet use however is not entirely secure and you acknowledge that we cannot guarantee the security or integrity of any personal data which is transferred to or from you via the internet.

How long do we keep your personal data

Your data will be held for a maximum of 5 years after our service/product delivery has been completed.

All invoicing information is saved for a period of 7 years (to comply with the length of an HMRC investigation period).

Your rights

You have the following rights with respect to your personal data (subject to any exemptions):

  • The right to request a copy of the personal data we hold about you;
  • The right to request we correct any inaccurate or out of date personal data;
  • The right to request your personal data is deleted when we no longer need to retain it;
  • The right to request we provide you with your personal data or transmit it directly to another;
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
  • The right to object to the processing of personal data;

Transfer of data abroad

We use Google Cloud Services for email and some file storage. Google’s certification under the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks includes G Suite and Google Cloud Platform. Google have also gained confirmation of compliance from European Data Protection Authorities for their model contract clauses, affirming that the current contractual commitments for G Suite and Google Cloud Platform fully meet the requirements under the Data Protection Directive to legally frame transfers of personal data from the EU to the rest of the world.

Employees of Big Bang Creative Ltd with access to Google Cloud are required to use 2 Step Verification to login and access their account.

Changes to this privacy notice

Any future changes made to our privacy notice will be posted on this page. Where appropriate/necessary we may also notify you by e-mail of such changes.

Getting in touch

If you have any questions, comments or requests regarding this privacy policy please contact Pete Morton on

Making a complaint

You have the right to make a complaint. To exercise this right, or to voice any queries or concerns you may have please contact Pete Morton on

If your complaint cannot be resolved to your satisfaction, you have the right to lodge it more formally with the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England. Tel: 0303 123 1113.

Further contact options can be found at