BoxBox Branding | Formula-Style Display Cars for Corporate Spaces

Last updated: 10 February 2026

This Privacy Policy explains how BoxBox Branding (“we”, “us”, “our”) collects and uses personal data when you visit our website, contact us, or use our online forms. It also explains your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are (Controller)

We are the “data controller” for the personal data collected via this website.

BoxBox Branding

6 Portland Business Center, Manor House Lane, Datchet, SL3 9EG

Email: enquiries@boxboxbranding.co.uk

Phone: 020 8108 0264

2. The personal data we collect

We may collect and process:

• Contact details: name, email address, telephone number.

• Enquiry details: information you include in your message and any attachments you choose to send.

• Website usage data (if enabled): pages viewed, clicks, time on page, device/browser information, approximate location (derived from IP), and referral source.

• Marketing preferences (if enabled): whether you opted in/out and your communication preferences.

3. How we collect data

We collect data when you:

• Submit a form on our website.

• Email or call us.

• Interact with the site (cookies and similar technologies, if enabled).

4. How we use your data

We use your data to:

• Respond to enquiries and provide information you request.

• Arrange calls/meetings and provide quotes or proposals.

• Improve our website and understand how visitors use it (analytics, if enabled).

• Measure the effectiveness of advertising campaigns (conversion tracking, if enabled).

• Send updates or marketing communications (only if you opt in, if enabled).

5. Lawful bases (UK GDPR)

We rely on one or more of the following lawful bases depending on what you do:

• Consent: for optional cookies (e.g., marketing cookies) and any direct marketing where you opt in.

• Legitimate interests: to respond to enquiries, manage our business, and improve our website (where these interests are not overridden by your rights).

• Contract: where we need to take steps at your request before entering into a contract, or to perform a contract with you.

• Legal obligation: where we must keep certain records for tax, accounting, or compliance purposes.

6. Cookies, analytics and advertising tracking

We may use cookies and similar technologies on this website. These can include:

• Essential cookies (needed for the site to work).

• Analytics cookies (e.g., Google Analytics) to understand website usage.

• Marketing/advertising cookies (e.g., Meta Pixel, LinkedIn Insight Tag) to measure ad performance and improve targeting.

If we use analytics or marketing cookies, we will present a cookie banner/consent tool allowing you to accept or reject non-essential cookies. You can also change your browser settings to block cookies, although parts of the site may not function correctly.

7. Who we share data with (processors)

We may share personal data with trusted third parties who provide services to us, such as:

• Website hosting and infrastructure providers.

• Email and communications providers.

• Form handling tools.

• Customer relationship management (CRM) systems.

• Analytics and advertising platforms (only where enabled and subject to your cookie choices).

These providers act as “processors” and are required to keep your data secure and only use it on our instructions.

8. International transfers

Some providers we use (or will use) may process data outside the UK. Where this happens, we will ensure appropriate safeguards are in place, such as UK International Data Transfer Agreements (IDTAs) and/or adequacy regulations, as required by UK GDPR.

9. How long we keep your data (retention)

We keep personal data only for as long as needed:

• Enquiries: typically up to 12 months after the last contact, unless you become a client or there is an ongoing reason to keep the information.

• Client records (if applicable): for the duration of the relationship and for a reasonable period afterwards, usually up to 6 years for contractual/tax purposes.

• Analytics data: retention periods are set within the analytics platform (where enabled) and reviewed periodically.

10. Security

We use reasonable technical and organisational measures to protect personal data, including access controls and secure service providers. No method of transmission or storage is 100% secure, but we work to reduce risks and respond promptly to incidents where required.

11. Your rights

You have rights under UK GDPR, including:

• Access – request a copy of your personal data.

• Rectification – correct inaccurate or incomplete data.

• Erasure – request deletion (where applicable).

• Restriction – ask us to limit processing in certain circumstances.

• Objection – object to processing based on legitimate interests.

• Data portability – receive certain data in a portable format.

• Withdraw consent – where processing is based on consent, you can withdraw at any time.

To exercise your rights, contact us using the details above.

12. Complaints

If you are unhappy with how we handle your data, please contact us first so we can try to resolve it. You also have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection.

13. Children

Our website is not intended for children and we do not knowingly collect personal data from children.

14. Changes to this Privacy Policy

We may update this policy from time to time. The latest version will be posted on this page with an updated “Last updated” date.

Get in touch

Privacy