Privacy Policy

How we collect, use and protect your personal information.

RH
Rhys Holloway
Creative Director
Updated 11 February 2026

This privacy policy explains how Ocean Arts Cardiff ("we", "us", "our") collects, uses, stores and protects your personal data when you visit our website at www.oceanartscardiff.co.uk or engage with our services. We are committed to ensuring that your privacy is protected in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Ocean Arts Cardiff is a graphic design and illustration studio based at 15 Neptune Ct, Vanguard Way, Cardiff CF24 5PJ, United Kingdom. For the purposes of data protection law, we are the data controller. If you have any questions about this policy or our data practices, you can contact us at:

2. Information We Collect

We may collect and process the following categories of personal data:

  • Identity data: first name, last name, job title, company name.
  • Contact data: email address, telephone number, postal address.
  • Technical data: IP address, browser type and version, time zone, operating system, and other technology on the devices you use to access this website.
  • Usage data: information about how you use our website, products and services.
  • Communications data: records of correspondence when you contact us via email, phone or our contact form.

3. How We Collect Your Data

We collect personal data through:

  • Direct interactions — when you fill in our contact form, email us, call us or meet with us in person.
  • Automated technologies — as you navigate our website, we may automatically collect technical and usage data using cookies, server logs and similar technologies.
  • Third parties — we may receive data from analytics providers such as Google Analytics, advertising networks, and search information providers.

4. How We Use Your Data

We will only use your personal data when the law allows us to. Most commonly, we use your data in the following circumstances:

  • To respond to enquiries submitted through our contact form or via email.
  • To provide our design and illustration services under a contract with you.
  • To send you project updates and invoices related to work we are carrying out for you.
  • To improve our website, services and user experience.
  • To comply with legal and regulatory obligations.

5. Legal Basis for Processing

We rely on the following legal bases under the UK GDPR:

  • Consent: where you have given clear consent for us to process your personal data for a specific purpose (e.g. subscribing to a mailing list).
  • Contract: where processing is necessary for the performance of a contract to which you are party.
  • Legitimate interests: where processing is necessary for our legitimate interests (e.g. improving our services), provided these are not overridden by your rights.

6. Data Sharing

We do not sell, rent or trade your personal data with third parties for marketing purposes. We may share your data with:

  • Service providers who assist us with website hosting, analytics, email delivery and IT support.
  • Professional advisers including lawyers, accountants and insurers where necessary.
  • Regulatory bodies or law enforcement agencies where required by law.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. Contact form submissions are retained for up to 24 months. Client project records are retained for up to 6 years in accordance with HMRC requirements.

8. Your Rights

Under the UK GDPR you have the right to:

  • Request access to your personal data.
  • Request correction of inaccurate or incomplete data.
  • Request erasure of your personal data.
  • Object to the processing of your data.
  • Request restriction of processing.
  • Request data portability.
  • Withdraw consent at any time where we rely on consent as the legal basis.

To exercise any of these rights, please contact us using the details provided in Section 1. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

9. Cookies

Our website uses cookies to distinguish you from other users and to improve your browsing experience. Cookies are small text files placed on your device. You can set your browser to refuse all or some cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, some parts of this website may become inaccessible or not function properly.

Types of cookies we use:

  • Strictly necessary cookies: required for the operation of our website.
  • Analytical cookies: allow us to recognise and count the number of visitors and to see how visitors move around our website.
  • Functionality cookies: used to recognise you when you return to our website.

10. Third-Party Links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.

11. Data Security

We have implemented appropriate technical and organisational security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.

12. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically to stay informed about how we protect your data.

This policy was last updated on 11 February 2026.