[Business Name] ("we", "us", "our") is the data controller responsible for your personal data collected through our Audience Blueprint service.

We collect personal data when you apply for an Audience Blueprint. The data we collect includes:a) Application Data: i. Name ii. Email address iii. Business name iv. Industry v. Target audience information vi. Offer details vii. Price pointb) Transaction Data: i. Payment confirmation ii. Purchase historyc) Technical Data: i. IP address ii. Browser typed) We do not collect special category data (such as health, race, ethnicity, religious beliefs, or political opinions).

a) To provide the Blueprint service: i. Review and process your application ii. Create and deliver your customized Blueprint iii. Process payment iv. Communicate with you about your application and deliveryb) Legal and administrative requirements: i. Maintain tax and financial records as required by HMRC ii. Comply with legal obligationsc) Business communications: i. Send you information about additional services or exclusive offers (existing customers only, with the ability to opt out at any time)d) You can opt out of receiving business communications at any time by clicking "unsubscribe" in any email or by contacting us directly.

a) We use the following service providers to operate our business: i. Tally.so (Belgium, EU): Application forms and data collection ii. Google Workspace (USA): Email communication and document delivery iii. Stripe (USA): Payment processing iv. Webflow (USA): Website hosting v. Notion (USA): Internal business operations and record-keeping. b) We do not sell your personal data to third parties. c) In certain circumstances, we may share your data with: i. Professional advisors (accountants, lawyers) bound by confidentiality obligations ii. Public authorities if legally required.

a) Some of our service providers are based outside the UK:b) EU locations (Tally): Covered by UK adequacy regulations, meaning your data receives the same level of protection as in the UK.c) USA locations (Google, Stripe, Webflow, Notion): These providers are certified under the EU-U.S. Data Privacy Framework and its UK Extension, ensuring adequate protection of your data. You can verify their certification status at https://www.dataprivacyframework.gov/list

We retain your personal data for the following periods:a) Unsuccessful applications (no payment made): Deleted within 30 days of application review.b) Customer transaction and delivery records: Retained for 6 years from the date of your final transaction, in accordance with HMRC tax requirements.c) Email correspondence: Retained for 3 years from the date of last contact to maintain customer service records.d) Cancelled or refunded projects: Financial records retained for 6 years from the date of cancellation to comply with tax regulations.e) After these periods, your data is securely deleted unless we have a legal obligation to retain it longer.

Under UK data protection law, you have the right to:a) Under UK data protection law, you have the right to: i. Access your personal data - request what information we hold about you ii. Correct inaccurate data - ask us to update incorrect information iii. Delete your data - request erasure (subject to legal retention requirements - we must keep financial and tax records for 6 years under HMRC regulations) iv. Object to processing - object to processing based on legitimate interests v. Restrict processing - request that we limit how we use your data vi. Data portability - receive your data in a usable format vii. Withdraw consent - withdraw consent at any time (where consent is the lawful basis)b) To exercise any of these rights, contact us at theteam@nichered.com. We will respond within one month.c) Automated Decision-Making We do not use automated decision-making or profiling when reviewing applications or providing services. All applications are reviewed manually.