Kretivz Creative & Digital LLC ("Kretivz", "we", "us") respects your privacy. This Policy explains what personal data we collect, how we use it, who we share it with and the choices you have.
1. Scope of this policy
This policy applies to our public websites, sales and marketing activities, and to the Services delivered under a Statement of Work, unless a separate Data Processing Agreement ("DPA") with the Client governs processing.
2. Data we collect
2.1 Information you provide
Includes name, business email, phone number, company, role and any project details you submit through forms or proposals.
2.2 Information collected automatically
Includes IP address, device and browser metadata, referring URL, pages visited, timestamps, and approximate location derived from IP.
2.3 Information from third parties
Where lawful, we may receive enrichment data (e.g. Clearbit, LinkedIn Sales) limited to business contact details and firmographic context.
3. How we use data
- To respond to enquiries, scope projects and deliver Services.
- To send relevant business communications, including newsletter content you have opted in to.
- To improve our websites, products and creative recommendation systems (in aggregated, de-identified form).
- To comply with legal obligations and protect against fraud or misuse.
4. Legal bases (EEA/UK)
We process personal data on the bases of (a) contract (to deliver Services); (b) legitimate interest (to run and grow our business, secured by appropriate balancing tests); (c) consent (for non-essential cookies and marketing emails); and (d) legal obligation.
5. Sharing & subprocessors
We share personal data only with vetted subprocessors who support our infrastructure (cloud hosting, analytics, CRM, accounting). A current list of subprocessors is available on request to privacy@kretivz.com.
6. International transfers
Where personal data is transferred outside the EEA or UK, we use approved safeguards such as Standard Contractual Clauses and supplementary technical and organisational measures.
7. Retention
We retain personal data only as long as necessary for the purposes set out in this policy and to comply with legal obligations. Sales lead data is reviewed every 24 months; project records are retained for 7 years post-engagement for tax and audit purposes.
8. Your rights
Subject to applicable law, you have the right to (i) access, (ii) rectification, (iii) erasure, (iv) restriction, (v) data portability, (vi) objection, and (vii) lodging a complaint with a supervisory authority. To exercise your rights, contact privacy@kretivz.com.
9. Cookies
We use strictly necessary cookies to operate the site and, with your consent, analytics cookies (Plausible / GA4) to understand how visitors interact with our content. You can manage preferences at any time via the cookie banner.
10. Security
Kretivz maintains a documented information security programme aligned with SOC 2 Type II controls, including encryption in transit and at rest, role-based access, vendor due diligence, vulnerability management and incident response with defined RTOs and RPOs.
11. Children
Our Services are intended for business use and are not directed at children under 16. We do not knowingly collect personal data from children. If we become aware that we have, we will delete it promptly.
12. Contact our DPO
Our Data Protection Officer can be reached at dpo@kretivz.com or by post to Kretivz Creative & Digital LLC, 18 Hatton Gardens, London EC1N 8AT, United Kingdom.