Padlocks and security image marketing agency Bristol

Obligatory GDPR Blog

Here’s what we’ve done about GDPR and why data security matters for marketing and content agencies.


You all know what GDPR means now, and what a hassle it’s been. The ironic thing about GRPR is that you’ve probably received more unwanted mail in the last few weeks than you have in the last year. We know we have.


You may or may not be interested in how we manage your data. If you are, here’s what we have done:


  • We don’t routinely store personal information, but we’ve been through everything and we’ve deleted anything that could potentially hold personal data.
  • We have a GDPR champion. He’s called Pete, and you can contact him at: He also deals with payments too, hence the email address.
  • We don’t routinely send out direct mail like newsletters or group emails, and don’t hold any email lists of past and present clients. If you get anything like that from us, it’s not from us.
  • Every piece of data we own is kept in password protected folders. The only people who have access to this data are those people who need it.
  • We sometimes run promotions for other businesses and organisations. When we do, we have clear terms and conditions. We’ve recently updated these so that they’re GDPR compliant too.

What about PR lists?


We sometimes manage PR activities for our clients and do have some press lists. We’ve taken advice on this, and agree with PR experts Response Source that press lists are considered ‘legitimate interests’. That means that press lists that only include the email addresses of journalists are acceptable.


If we ever send out a press release (something we do rarely), then we target our lists and include details of how any journalist contacted can remove their details. If you’re a journalist and you’re here for that reason, contact Pete. You’ll never hear from us again.

So, that’s what we’ve done.


If you want to chat about what GDPR means to us, or have any questions then get in touch with us today.