Privacy Policy
Introduction
Ronyauq Brand Atelier is the data controller of your personal information. This policy sets out what data we collect, how we process it, and the rights you have under UK GDPR and the Data Protection Act 2018.
If you have any questions about this Privacy Policy or how we handle your information, please see our contact details at the end of this page.
Who does this Policy apply to?
This policy applies to anyone who:
-
Visits our website
-
Provides their personal details when enquiring about or purchasing our services
-
Engages with us at events, online, or through other channels
Personal data we process
Depending on how you interact with us, we may collect and process information such as:
-
Name and contact details (address, phone number, email address)
-
Professional details (your role, company, or area of expertise)
-
Demographic details (e.g. age, gender, interests you share with us)
-
Payment details for purchases or bookings
-
Information about your engagement with our services (such as website activity, project involvement, or event attendance)
We may also process “special category data” if you choose to share it with us. This could include details about health, cultural or religious beliefs, or any other information you disclose that falls under sensitive data.
How we obtain your personal data
We collect data in two ways:
-
Directly from you: for example, when you complete forms, contact us, book a service, or sign up to updates.
-
Automatically: when you browse our website, through cookies or similar technologies (see our Cookie Policy below.
How we use your personal data
We use personal information to:
-
Deliver and manage the services you’ve requested
-
Communicate with you about updates, opportunities, or changes relevant to our work together
-
Handle payments and maintain records for accounting and tax purposes
-
Improve our website and services through analytics and research
-
Carry out operational administration (such as scheduling, project planning, or event coordination)
Legal Bases for processing
Under UK GDPR, we process your personal data on the following grounds:
-
Legitimate Interests
To run our business effectively while respecting your rights. Examples:-
Creating and maintaining your client record
-
Tracking engagement with services or events
-
Providing support or resources you’ve asked for
-
-
Consent
Where you have given us clear permission. For example:-
Opting into receiving newsletters or promotional updates
-
-
Contractual Necessity
When we need to fulfil a contract with you. Examples:-
Processing payments
-
Delivering agreed services
-
Informing you of essential changes
-
-
Legal Obligation
Where we are required to comply with the law. Examples:-
Record-keeping for tax and audit purposes
-
Fraud prevention
-
Protecting the rights of individuals, including children and vulnerable people
-
Information about children
Our services are designed for professionals and businesses. Where children’s data is relevant (e.g. in brand projects that involve family content), we will always request parental or guardian consent before processing.
Sharing your personal data
We respect your privacy and only share data when necessary. This may include:
-
Service providers: e.g. payment processors, IT support, or software platforms used to run our website and operations
-
Analytics providers: who help us understand how our site is used so we can improve it
-
Legal obligations: sharing with regulators, law enforcement, or other authorities if required
We never sell your personal information to third parties.
How we store your data
We take data security seriously. Measures include:
-
Encryption and secure servers
-
Restricted access protocols
-
Contracts with all third-party providers requiring them to protect your information to the same standard we do
All data is stored within the UK or EEA unless explicitly stated otherwise.
Retention of information
We keep your data only for as long as it serves the purpose it was collected for. In practice, this usually means:
-
For the duration of our working relationship, plus a period of up to 7 years to meet legal or contractual obligations.
-
For marketing communications, until you unsubscribe or request deletion.
Please scroll down for our Data Retention Policy.
Your Rights
You have rights under data protection law, including the right to:
-
Be informed about how your data is used (this policy provides that)
-
Access the personal data we hold on you
-
Rectify inaccuracies or complete incomplete information
-
Erase your data in certain circumstances (“the right to be forgotten”)
-
Restrict processing of your data in specific cases
-
Data portability – request your data in a structured format
-
Object to processing, including for marketing purposes
-
Withdraw consent at any time, where consent is the basis for processing
We do not use automated decision-making in our business.
Exercising these rights is free of charge. If you make a request, we will respond within one month.
Summary
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. If you’d like to exercise your rights or have any questions about this Privacy Policy, please contact us via enquiries@ronyauqbrandatelier.com
DATA RETENTION POLICY
Introduction
At Ronyauq Brand Atelier, we value not only the brands we build but also the trust you place in us. Protecting your personal data is part of that promise. In line with UK GDPR and the Data Protection Act 2018, this Data Retention Policy explains how we handle, store, and eventually delete personal information collected through our website. It applies to all who engage with us online, whether as visitors, clients, collaborators, or community members.
Principles of Data Retention
Our approach to data retention is guided by the following principles:
-
Lawfulness, Fairness & Transparency: Your data is treated with respect, integrity, and clarity.
-
Purpose Limitation: Information is only held for specific, legitimate reasons.
-
Data Minimisation: We collect and keep only what’s truly necessary.
-
Accuracy: We aim to ensure data is relevant and up to date.
-
Storage Limitation: Data is kept no longer than needed.
-
Security: Your information is safeguarded against misuse or unauthorised access.
How long do we keep your personal data?
We retain personal data for as long as it supports the services we provide — and for a reasonable period afterwards to meet any contractual, legal, or operational needs.
Once that time has passed, data is securely deleted or anonymised (for example, combined with other information for non-identifiable statistical insights).
Retention decisions are based on:
-
The potential value of information for record-keeping or analysis
-
Guidance from the Information Commissioner’s Office (ICO) or the National Archives
-
Legal or regulatory requirements
We also put in place organisational and technical safeguards to protect your data throughout its lifecycle.
The purposes, lawful bases and retention periods
Contact Information
-
Purpose: Responding to enquiries made via our website, social channels, or other touchpoints
-
Legal basis: Legitimate interest
-
Data collected: Name, enquiry details
-
Retention: 3 years after last meaningful contact
Interested Parties
-
Purpose: Sharing relevant updates, opportunities, or event details
-
Legal basis: Legitimate interest or consent (for promotional use)
-
Data collected: Name
-
Retention: While active; otherwise 3 years after last contact
-
Opt-out: You can email us or raise a support ticket at any time
Membership Registrations and Database
-
Purpose: Managing registrations and maintaining records
-
Legal basis: Legitimate interest
-
Data collected: Name, contact details, relevant personal information
-
Retention: While membership is active, plus 6 years afterwards
Browsing Data
Cookies are used (with your consent) to improve your experience of our site.
See our Cookie Policy below for details.
Legal bases for Retention
We retain data under the following grounds:
-
Consent: Where you’ve given us explicit permission
-
Contractual Obligations: To fulfil agreements with you
-
Legal Obligations: To comply with regulations
-
Legitimate Interests: For smooth internal operations and security
Your Rights
Under UK GDPR, you have the right to:
-
Access the data we hold about you
-
Correct anything inaccurate or outdated
-
Request deletion (“the right to be forgotten”)
-
Object to certain types of processing
To exercise these rights, simply email us.
Data Deletion and Disposal
When data is no longer required or if you request its removal we ensure it is securely deleted or anonymised so that it cannot be traced back to you.
Security Measures
At Ronyauq Brand Atelier, safeguarding your information is as important as safeguarding your brand. We use industry-standard protections including encryption, secure access protocols, and firewalls to keep your data safe.
COOKIE POLICY
Introduction
Like most websites, we use cookies to keep things running smoothly and to make your browsing experience better. Cookies are tiny text files stored in your browser. They remember your preferences, keep the site secure, and help us understand how people use our website.
By continuing to browse, you agree to us placing cookies on your device. You can manage or update your preferences anytime through our Cookie Settings.
What are cookies?
Cookies are small but mighty. They:
-
Keep the site secure and working properly
-
Remember your choices and preferences
-
Improve speed and performance
-
Give us insights into how visitors use our site
Cookies can be:
-
First-party (set by us directly), or
-
Third-party (set by trusted tools we integrate, like analytics or social media embeds).
The cookies we use
Essential Cookies
These are the non-negotiables—without them, the website won’t function properly. They don’t track personal data and don’t require your consent.
-
XSRF-TOKEN – protects against cross-site request forgery (deleted when you close your browser)
-
hs – ensures secure browsing (deleted when you close your browser)
-
svSession – tracks user sessions (2 years)
-
SSR-caching – indicates how the site was rendered (1 minute)
-
TS* – security cookies for attack detection (deleted when you close your browser)
-
fedops.logger.sessionId – tracks session errors/issues for site resilience (12 months)
-
server-session-bind / client-session-bind – protect APIs (deleted when you close your browser)
Analytics & Performance Cookies
These help us understand how the site is performing so we can keep improving it.
-
_wixCIDX – monitors system performance (3 months)
-
_wix_browser_sess – tracks session data (deleted when you close your browser)
-
consent-policy – remembers your cookie preferences (12 months)
Functional Cookies
These make your experience more seamless—for example, remembering if you’re logged in.
-
smSession – identifies logged-in site members (deleted when you close your browser)
-
bSession – tracks system effectiveness and debugging (30 minutes)
Third-Party Cookies
Some features on our site (like embedded videos, analytics tools, or social sharing options) may use third-party cookies. These are set by the service provider, not us, and may affect how those features work if disabled.
Examples include:
-
Google / YouTube (for video embeds or analytics)
Click Here
-
Facebook / Instagram (for social media sharing or integrations)
Click Here
If we add or remove third-party integrations in the future, the cookies may change accordingly.
Managing your preferences
When you first visit our site, you’ll see a cookie banner with options to:
a) Accept all cookies
b) Reject non-essential cookies
c) Customise your preferences
You can update your choices anytime by clicking Cookie Settings in the footer.
You can also manage Cookies through your browser settings:
-
Google Chrome:
Click Here
-
Mozilla Firefox:
Click Here
-
Safari:
Click Here