Menu
sales@insignialabels.co.uk
01244 888 100

Privacy Policy

HomePrivacy Policy

Privacy Policy for Insignia Labels

Last Updated: July 31, 2025

At Insignia Label Solutions Ltd (“we,” “us,” or “our”), we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at insignialabels.co.uk (the “Website”). We operate as a label printing company based in North Wales, UK, specializing in self-adhesive labels for business and personal use.

This policy complies with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), the Privacy and Electronic Communications Regulations 2003 (PECR) as amended by the Data (Use and Access) Act 2025 (DUAA), and other relevant UK data protection laws. We aim to be transparent about our data practices while adhering to principles of lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality, and accountability.

If you have any questions about this Privacy Policy or our data practices, please contact us at the details provided in the “Contact Us” section below.

1. Who We Are: Data Controller Information

Insignia Label Solutions Ltd is the data controller responsible for your personal data. Our registered office is at Unit 15, Greenfield Business Park, Bagillt Road, Greenfield, Holywell, Flintshire, CH8 7HJ, United Kingdom.

We are registered with the Information Commissioner’s Office (ICO) under registration number [Insert ICO Registration Number if applicable; if not registered, note that small businesses processing limited data may not require registration under DUAA amendments, but we comply voluntarily].

We do not process personal data on a large scale or as a core activity, so we are not required to appoint a Data Protection Officer (DPO) under UK GDPR. However, for any data protection queries, you can contact our designated privacy representative at info@insignialabels.co.uk.

2. Personal Data We Collect

We collect personal data that you provide to us directly, as well as information collected automatically when you use our Website. We only collect data necessary for our legitimate purposes, in line with data minimisation principles.

2.1 Data You Provide Directly

  • Contact Information: When you use our contact form to inquire about our label printing services, request quotes, or provide feedback, we may collect your name, email address, phone number, company name, and any other details you include in your message.
  • Other Communications: If you email us or call us, we may retain records of those interactions, including any personal data shared.

We do not currently offer account creation, newsletter sign-ups, or e-commerce features on our Website. If we introduce such features in the future, this policy will be updated accordingly.

2.2 Data Collected Automatically

  • Device and Usage Information: We may collect information about your device and how you interact with our Website, such as IP address, browser type, operating system, referring URLs, pages viewed, and timestamps. This helps us understand Website usage and improve our services.
  • Cookies and Similar Technologies: Our Website may use cookies, web beacons, or similar tracking technologies to enhance functionality and user experience. For details, see our “Cookies and Tracking Technologies” section below.

We do not collect sensitive personal data (e.g., racial or ethnic origin, political opinions, health data) unless you voluntarily provide it in communications, in which case we will process it only with your explicit consent or as required by law.

2.3 Data from Third Parties

We do not routinely receive personal data from third parties. If we do (e.g., from business partners referring inquiries), we ensure it is shared lawfully and update you as required.

3. How We Use Your Personal Data

We process your personal data for specific, legitimate purposes only, as outlined below. We rely on appropriate legal bases under UK GDPR Article 6, such as consent, contract performance, legitimate interests, or legal obligations.

Purpose Types of Data Used Legal Basis
Responding to inquiries via contact form or email Name, email, phone, message content Contract (to provide quotes or services) or legitimate interests (to manage customer relations)
Improving Website functionality and user experience Device info, usage data Legitimate interests (to analyze and enhance our site)
Complying with legal obligations All relevant data Legal obligation (e.g., record-keeping for tax or regulatory purposes)
Marketing (if applicable in future) Email, name Consent (opt-in required under PECR)

We conduct legitimate interest assessments where applicable to ensure our interests do not override your rights. Under DUAA amendments to UK GDPR, we may rely on “recognized legitimate interests” for certain low-risk processing, such as basic analytics, but we always prioritize transparency.

We do not use your data for automated decision-making or profiling that produces legal effects or significantly affects you.

4. Cookies and Tracking Technologies

In compliance with PECR as amended by DUAA 2025, we provide clear information about cookies and obtain consent where required. DUAA has relaxed some rules, aligning PECR more closely with UK GDPR, allowing softer consent for non-intrusive cookies (e.g., analytics without personal identifiers).

Types of Cookies We Use

  • Essential Cookies: Necessary for Website operation (e.g., session management). No consent required as they are strictly necessary.
  • Analytics Cookies: Used to track Website performance (e.g., via Google Analytics). We anonymize IP addresses where possible.
  • Functional Cookies: Enhance user experience (e.g., remembering preferences).

We do not currently use marketing or third-party advertising cookies. If we do, consent will be obtained via a clear banner.

You can manage cookies through your browser settings or our cookie consent tool (if implemented). For more details, withdrawing consent will not affect the lawfulness of prior processing. Exemptions under PECR apply to strictly necessary cookies.

5. Sharing Your Personal Data

We do not sell your personal data. We may share it in limited circumstances:

  • Service Providers: With trusted third parties who assist us, such as IT hosting providers or email services (e.g., Microsoft Outlook). These processors are bound by data protection agreements under UK GDPR Article 28.
  • Legal Requirements: If required by law, such as to respond to court orders or regulatory requests from the ICO.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred with appropriate safeguards.

We ensure all recipients comply with UK data protection laws.

6. International Data Transfers

Our operations are primarily UK-based, and we do not routinely transfer personal data outside the UK. If we need to (e.g., using a US-based cloud provider), we use safeguards like International Data Transfer Agreements (IDTAs) or Addendums to EU Standard Contractual Clauses, as approved by the ICO. We also rely on UK adequacy regulations where applicable (e.g., for EU/EEA transfers).

We assess transfer risks to ensure adequate protection levels, in line with UK GDPR Chapter V.

7. Data Security

We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, or breach, including encryption, access controls, and regular security reviews. This aligns with the integrity and confidentiality principle.

In the unlikely event of a data breach, we will notify you and the ICO within 72 hours if it poses a high risk to your rights, as required by UK GDPR.

8. Data Retention

We retain personal data only as long as necessary for the purposes outlined, plus any legal retention periods (e.g., 6 years for financial records under tax laws). Contact form data is typically kept for 12 months or until your inquiry is resolved.

After this, data is securely deleted or anonymized, per storage limitation principles.

9. Your Rights Under UK GDPR

You have the following rights regarding your personal data. To exercise them, contact us at info@insignialabels.co.uk. We respond within one month, free of charge (extensions possible for complex requests).

  • Right to be Informed: This policy provides transparency about our data practices.
  • Right of Access: Request a copy of your data.
  • Right to Rectification: Correct inaccurate data.
  • Right to Erasure (“Right to be Forgotten”): Delete data in certain cases (e.g., if no longer needed).
  • Right to Restrict Processing: Limit how we use your data.
  • Right to Data Portability: Receive your data in a structured format for transfer.
  • Right to Object: Object to processing based on legitimate interests or for marketing.
  • Rights Related to Automated Decision-Making: Not applicable, as we do not use this.

If unsatisfied with our response, you can complain to the ICO at ico.org.uk.

10. Children’s Privacy

Our Website and services are not directed at children under 16. We do not knowingly collect data from children. If we become aware of such data, we will delete it promptly.

11. Changes to This Privacy Policy

We may update this policy to reflect changes in our practices or legal requirements, such as DUAA amendments. Changes will be posted here with the updated date. For significant changes, we will notify you via email or Website notice.

12. Contact Us

For questions, rights requests, or complaints:

  • Email: info@insignialabels.co.uk
  • Post: Insignia Label Solutions Ltd, Unit 6, Manor Industrial Estate, Flint, CH6 5UY, United Kingdom
  • Phone: 01244 888 100
© 2026 Insignia Label Solutions LTD