• Call Us: +44 (0)20 3886 2333
  • Email: info@localstalk.co
Need marketing help?
Submit a brief

Privacy Policy

Home Privacy Policy

Privacy Policy

Last Updated: 22 December 2024

1. Who We Are

Company Name: Locals Talk Limited
Company Number: 09959535
Registered Address: 128 City Road, London, EC1V 2NX, United Kingdom
Trading Address: Locals Talk, Studio X, Innovation Centre, Knowledge Gateway, Boundary Road, Colchester CO4 3ZQ
Website: https://localstalk.co
Telephone: +44 (0)20 3886 2333
Email: info@localstalk.co
Data Protection Officer: Billie Nabeel Tabassum (info@localstalk.co)

Locals Talk Limited is a data-driven marketing consultancy specialising in SEO, digital advertising, content strategy, and web development. We are committed to protecting your privacy and handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

This Privacy Policy explains what personal data we collect, how we use it, who we share it with, how long we keep it, and your rights in relation to your data.

2. Information We Collect

2.1 Information You Provide Directly to Us

Contact Enquiries:
When you contact us via forms on our website or email, we collect:

  • Full name
  • Email address
  • Telephone number
  • Company name and job title
  • Nature of enquiry
  • Any other information you choose to provide in your message

Consultation Bookings:
When you book a consultation via Calendly, we collect:

  • Name
  • Email address
  • Telephone number (if provided)
  • Preferred meeting times
  • Company information
  • Meeting preferences and notes

Newsletter Subscriptions:
When you subscribe to our newsletters (via Mailchimp, LinkedIn, Medium, Substack, or other platforms), we collect:

  • Email address
  • Name (where provided)
  • Subscription preferences and interests
  • Engagement metrics (email opens, clicks, time spent reading)

Client Engagements:
When you engage our services under a retainer arrangement, we collect:

  • Business contact information
  • Billing and payment information
  • Company details and structure
  • Marketing objectives and requirements
  • Access credentials for platforms and services we manage on your behalf

2.2 Information Collected Automatically

Website Analytics:
We collect information about how you use our website using various analytics tools including Google Analytics, Google Analytics 4, and Hotjar. This includes:

  • IP address (anonymised where possible)
  • Browser type, version, and language settings
  • Device type, operating system, and screen resolution
  • Pages visited, time on site, and navigation paths
  • Referral sources (how you found our website)
  • Geographic location (country and city level)
  • User interactions (clicks, scrolls, form interactions)

Cookies and Similar Technologies:
Our website uses cookies and similar tracking technologies. Please see Section 10 (Cookie Policy) below for detailed information about the cookies we use.

Hotjar User Behaviour Analytics:
We use Hotjar to understand how users interact with our website. Hotjar may collect:

  • Mouse movements, clicks, and scrolling behaviour
  • Form interactions (but not the content of form fields)
  • Device and browser information
  • Pages visited and time spent on each page

Hotjar does not collect personally identifiable information unless you explicitly provide it. For more information, see Hotjar’s privacy policy at https://www.hotjar.com/legal/policies/privacy/.

2.3 Client Platform Data

When you engage us for marketing consultancy services, we require access to various platforms and tools to deliver our services effectively. With your explicit authorisation, we may access:

Advertising Platforms:

  • Google Ads accounts and campaign data
  • Meta (Facebook/Instagram) Business Manager and Ads accounts
  • TikTok Ads Manager
  • X (formerly Twitter) Ads
  • LinkedIn Campaign Manager
  • Microsoft Advertising (Bing Ads)
  • Other advertising platforms as required

Analytics and Measurement:

  • Google Analytics and GA4 properties
  • Adobe Analytics
  • Adjust (mobile app analytics)
  • Triple Whale (e-commerce analytics)
  • Hotjar accounts
  • Other analytics platforms specific to your business

SEO and Content Tools:

  • Ahrefs data and reports
  • SEMrush accounts
  • Google Search Console
  • Screaming Frog crawl data
  • Other SEO tools as required

Customer Relationship Management (CRM):

  • HubSpot CRM data, contacts, and workflows
  • Zoho CRM information
  • Salesforce data (where applicable)
  • Other CRM platforms you use

Email Marketing:

  • Klaviyo subscriber lists, campaign data, and automations
  • Mailchimp audiences, campaigns, and analytics
  • Other email service providers you use

E-commerce and Business Platforms:

  • Shopify store data and customer information
  • Other e-commerce platform data

Social Media:

  • Facebook, Instagram, LinkedIn, X (Twitter), TikTok, and other social media accounts
  • Page insights and performance data
  • Audience demographics and engagement metrics

Website and Technical Access:

  • Domain registrar accounts (GoDaddy, Namecheap, etc.)
  • Web hosting accounts
  • Content Management Systems (WordPress, etc.)
  • Google Workspace (G Suite) or Microsoft 365 accounts
  • Website files, databases, and configuration

Other Business Systems:

  • Project management tools (Asana, Monday.com, etc.)
  • Communication platforms (Slack, Microsoft Teams, etc.)
  • Payment processing data (where relevant to conversion tracking)
  • Any other systems necessary to deliver our services

We only access this data with your explicit written permission and use it solely for the purpose of delivering the marketing services you have engaged us for. We do not use your client data for any other purpose without your consent.

3. How We Use Your Information

We process your personal data for the following purposes:

3.1 Service Delivery (Legitimate Interests & Performance of Services)

  • Responding to Enquiries: To answer your questions, provide quotes, and discuss potential projects
  • Delivering Marketing Services: To execute SEO strategies, manage advertising campaigns, create content, analyse performance, and provide strategic recommendations
  • Campaign Management: To set up, monitor, optimise, and report on advertising campaigns across Google Ads, Meta, TikTok, LinkedIn, and other platforms
  • SEO Implementation: To conduct technical audits, perform keyword research, create and optimise content, build links, and improve search rankings
  • Analytics and Reporting: To track performance, generate insights, and provide you with regular reports on campaign effectiveness
  • Content Creation: To research, write, edit, and publish content across your digital channels
  • Website Management: To maintain, update, and improve your website’s performance and user experience
  • Strategy Development: To analyse market conditions, competitor activity, and customer behaviour to inform strategic recommendations

3.2 Communication (Legitimate Interests)

  • Client Communications: To update you on project progress, share reports, and discuss strategic matters
  • Marketing Communications: To send newsletters, industry insights, case studies, and promotional materials (only with your consent)
  • Service Updates: To inform you of changes to our services, new offerings, or important notices
  • Event Invitations: To invite you to webinars, workshops, and industry events we host or attend

3.3 Business Operations (Legitimate Interests & Legal Obligations)

  • Financial Administration: To process payments, send invoices, and maintain financial records
  • Quality Assurance: To review our work, ensure service quality, and identify areas for improvement
  • Legal Compliance: To meet our obligations under tax law, company law, and data protection legislation
  • Security: To protect our systems, detect fraud, and prevent unauthorised access
  • Dispute Resolution: To resolve complaints, handle contract disputes, and defend legal claims

3.4 Website Improvement (Legitimate Interests)

  • User Experience: To understand how visitors use our website and identify ways to improve navigation and content
  • Performance Optimisation: To ensure our website loads quickly and functions correctly across devices
  • Security: To identify and address security vulnerabilities

4. Legal Basis for Processing

Under UK GDPR, we must have a legal basis for processing your personal data. We rely on the following legal bases:

Legitimate Interests (Article 6(1)(f)):
We process most data on the basis that it is necessary for our legitimate business interests, such as:

  • Running and improving our consultancy services
  • Communicating with clients and prospects
  • Ensuring the security of our systems
  • Conducting business administration

We have assessed that these interests are not overridden by your rights and freedoms.

Consent (Article 6(1)(a)):
For newsletter subscriptions, non-essential cookies, and certain marketing activities, we rely on your explicit consent. You can withdraw consent at any time.

Legal Obligation (Article 6(1)(c)):
We process certain data to comply with legal requirements, such as:

  • Maintaining financial records for HMRC
  • Responding to lawful requests from authorities
  • Meeting our obligations under company law

Vital Interests (Article 6(1)(d)):
In rare circumstances, we may process data to protect someone’s life or physical safety.

5. Who We Share Your Data With

We do not sell, rent, or trade your personal data. We may share your information with the following categories of recipients:

5.1 Service Providers and Processors

We work with trusted third-party service providers who process data on our behalf. These include:

Analytics and User Behaviour:

  • Google LLC (Google Analytics, GA4, Google Tag Manager)
  • Hotjar Ltd (user behaviour analytics and heatmaps)

Email and Communication:

  • Mailchimp (Intuit Inc.) – email marketing and newsletters
  • Google Workspace (Google LLC) – business email and collaboration
  • Calendly – meeting scheduling

Customer Relationship Management:

  • HubSpot Inc. – CRM and marketing automation

Advertising and Marketing Tools:

  • Meta Platforms Inc. (Facebook Business Suite)
  • Google Ads
  • LinkedIn Corporation
  • X Corp (formerly Twitter)
  • TikTok (ByteDance Ltd)
  • Microsoft Corporation (Microsoft Advertising)

SEO and Research Tools:

  • Ahrefs Pte Ltd – SEO analysis and backlink research
  • SEMrush Inc. – SEO and competitive research tools

Website and Hosting Infrastructure:

  • Hostinger International Ltd – web hosting services
  • LiteSpeed Technologies – web server and caching
  • Litespeed Cache – website performance optimisation
  • Cloudflare Inc. – content delivery network and security

Payment Processing:

  • Various payment processors for client billing (e.g., Stripe, PayPal, bank transfers)

Consent Management:

  • consentmanager.net – cookie consent management

Professional Services:

  • Accountants and financial advisors
  • Legal advisors (when necessary)
  • Professional indemnity insurers

All service providers are carefully selected and required to maintain appropriate security measures. Where processors are located outside the UK, we ensure appropriate safeguards are in place (see Section 6).

5.2 Client Platforms

When managing your marketing activities, we access platforms on your behalf including:

  • Advertising networks (Google, Meta, TikTok, LinkedIn, Microsoft, X)
  • Analytics platforms (Google Analytics, Adjust, Triple Whale, etc.)
  • Social media networks
  • CRM systems
  • Email marketing platforms
  • E-commerce platforms

We access these platforms using credentials you provide and process data in accordance with their respective terms of service and privacy policies.

5.3 Business Partners

We maintain partnerships with various technology providers and industry organisations including:

  • Google Partner Programme – for Google Ads and analytics support
  • Meta Business Partners – for advertising platform support
  • Microsoft Advertising Partner – for Bing Ads platform support
  • Trustpilot – for reviews and reputation management
  • HubSpot Certified Partner – for CRM and marketing automation
  • Shopify Partners – for e-commerce development
  • Triple Whale Business Partners – for e-commerce analytics
  • University of Essex – for research collaborations and student placements
  • Squarespace Circle Member – for website building and design support
  • Klaviyo Partners – for email marketing support
  • Yell Business – for local business listings
  • Diginius – for digital marketing collaborations
  • Wix Partners – for website building
  • GDPR Local – legal partner providing GDPR compliance advice and EU Representative services to our clients
  • Adjust Partners – for mobile app analytics
  • Google Ads Advisors – for advertising optimisation support
  • Consent Manager Official Partners – for consent management implementation

These partnerships may involve limited data sharing for certification, training, and service delivery purposes.

5.4 Legal and Regulatory Authorities

We may disclose your information when required by law or to:

  • Comply with court orders, warrants, or legal processes
  • Respond to lawful requests from UK authorities (police, HMRC, ICO, etc.)
  • Enforce our terms and conditions
  • Protect our rights, property, and safety, or that of others
  • Prevent fraud or other illegal activity

5.5 Business Transfers

If Locals Talk Limited is acquired by another company, merged, or undergoes restructuring, your data may be transferred to the new entity. We will notify you of any such change and inform you of your rights.

6. International Data Transfers

Some of our service providers are located outside the United Kingdom and European Economic Area (EEA). This means your data may be transferred to and processed in countries including:

United States: Google, Meta, HubSpot, Mailchimp, Hotjar, Ahrefs, X, TikTok
Singapore: Ahrefs, various regional service providers
Other Jurisdictions: Various cloud infrastructure providers, CDN services, and client-specific platforms

When we transfer data internationally, we ensure appropriate safeguards are in place:

UK-US Data Bridge / Adequacy Decisions:
The UK recognises certain countries and regions (including the EEA under the UK-EEA adequacy decision) as providing adequate protection for personal data.

Standard Contractual Clauses (SCCs):
Where no adequacy decision exists, we use Standard Contractual Clauses approved by the UK ICO to govern the transfer.

Processor Guarantees:
We require all processors to implement appropriate technical and organisational measures to protect your data, regardless of location.

US-Based Services:
Many of our key service providers (Google, Meta, HubSpot, Mailchimp) participate in recognised data transfer frameworks and provide additional contractual protections. We regularly review these arrangements to ensure continued adequacy.

You have the right to request information about the safeguards we have in place for international transfers by contacting our Data Protection Officer.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy, or as required by law.

Enquiry and Contact Data:
Contact form submissions and initial enquiry data are retained for up to 3 years to track potential opportunities and maintain communication records, unless you request earlier deletion.

Newsletter Subscribers:
We retain your email address and engagement data until you unsubscribe or request deletion. Inactive subscribers may be removed after 3 years of non-engagement.

Client Service Data:
During active client engagements, we retain all necessary data to deliver services effectively. After a project ends or a retainer is terminated:

  • Project documentation and deliverables: 7 years (for professional indemnity purposes)
  • Platform access credentials: Removed upon termination unless continuity of access is agreed for potential future re-engagement; credentials are securely stored and access is monitored
  • Communication records: 7 years (for legal and professional purposes)
  • Financial and invoicing data: 7 years (HMRC requirement)
  • Campaign performance data: Retained indefinitely for case studies and portfolio purposes with brand identification included unless you explicitly request anonymisation or removal

Website Analytics:
Google Analytics data is retained for 26 months by default. Hotjar data is retained for 365 days.

Cookie Data:
Cookie lifespans vary by type and are detailed in Section 10 (Cookie Policy) below.

Legal Requirements:
Some data must be retained longer for legal, accounting, or dispute resolution purposes. We will not delete data that we are legally required to keep.

Secure Deletion:
When data is no longer required, we securely delete or anonymise it to prevent unauthorised access or reconstruction.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction.

Technical Measures:

  • Encryption: Data in transit is protected using TLS/SSL encryption. Sensitive data at rest is encrypted where technically feasible.
  • Access Controls: Access to personal data is restricted to authorised personnel only, using strong authentication methods and principle of least privilege.
  • Credential Management: Client access credentials are stored using enterprise-grade password management systems with encryption, multi-factor authentication, and audit logging.
  • Secure Infrastructure: We use reputable hosting providers (Hostinger) with ISO 27001 certification and regular security audits.
  • LiteSpeed Server Technology: Our website runs on LiteSpeed web servers with built-in DDoS protection and security hardening.
  • Regular Updates: We keep all software, plugins, and systems up to date with the latest security patches.
  • Backup and Recovery: Regular automated backups are maintained with encryption and off-site storage.
  • Network Security: Firewalls, intrusion detection systems, and security monitoring protect our infrastructure.

Organisational Measures:

  • Staff Training: All team members receive data protection training and are bound by confidentiality obligations.
  • Data Protection Policies: We maintain internal policies governing data handling, security, and breach response.
  • Vendor Assessment: Third-party processors are evaluated for security practices before engagement.
  • Incident Response: We have procedures in place to detect, respond to, and report data breaches.
  • Regular Audits: We periodically review our security measures and data processing activities.

Client Platform Security: When accessing client platforms, we:

  • Use unique, strong passwords and enable two-factor authentication where available
  • Access systems via secure connections only
  • Do not share credentials outside authorised personnel
  • Remove access immediately upon contract termination
  • Maintain audit logs of access and changes where possible

Limitations:
No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of any passwords or credentials you provide to us.

9. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

9.1 Right of Access (Article 15)

You can request a copy of the personal data we hold about you. We will provide this free of charge in most cases, along with information about how we use your data.

9.2 Right to Rectification (Article 16)

If personal data we hold about you is inaccurate or incomplete, you can ask us to correct or update it.

9.3 Right to Erasure / ‘Right to be Forgotten’ (Article 17)

You can request deletion of your personal data in certain circumstances:

  • The data is no longer necessary for the purposes we collected it
  • You withdraw consent (where consent is the legal basis)
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed
  • Erasure is required to comply with a legal obligation

We may be unable to comply if we have a legal obligation to retain the data or if retention is necessary to establish, exercise, or defend legal claims.

9.4 Right to Restriction of Processing (Article 18)

You can ask us to restrict processing in certain situations:

  • You contest the accuracy of the data (whilst we verify accuracy)
  • Processing is unlawful but you don’t want erasure
  • We no longer need the data, but you need it to establish, exercise, or defend legal claims
  • You have objected to processing (whilst we consider whether our legitimate grounds override yours)

9.5 Right to Data Portability (Article 20)

Where we process your data based on consent or for the performance of a contract, and processing is carried out by automated means, you can request to receive your data in a structured, commonly used, machine-readable format, or ask us to transfer it directly to another controller where technically feasible.

9.6 Right to Object (Article 21)

You can object to processing based on legitimate interests or for direct marketing purposes:

  • Direct Marketing: You have an absolute right to object to direct marketing at any time. We will stop processing your data for this purpose immediately.
  • Legitimate Interests: You can object to processing based on our legitimate interests. We must then stop processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.

9.7 Rights Related to Automated Decision-Making (Article 22)

We do not use fully automated decision-making or profiling that produces legal or similarly significant effects. If this changes, we will update this policy and inform you of your rights.

9.8 Right to Withdraw Consent

Where we rely on consent as the legal basis for processing, you can withdraw consent at any time. This will not affect the lawfulness of processing based on consent before withdrawal.

9.9 Right to Lodge a Complaint

If you believe we have not handled your data properly, you have the right to lodge a complaint with the UK’s supervisory authority:

Information Commissioner’s Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113
Website: https://ico.org.uk/make-a-complaint/

You also have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work, or place of alleged infringement if you reside in the EU.

9.10 How to Exercise Your Rights

To exercise any of these rights, please contact us:

  • Email: info@localstalk.co
  • Telephone: +44 (0)20 3886 2333
  • Post: Data Protection Officer, Locals Talk Limited, 128 City Road, London, EC1V 2NX

We will respond to your request within one month, though this may be extended by a further two months for complex requests. We will inform you if an extension is necessary.

We may need to verify your identity before fulfilling your request to ensure data security. We will not charge a fee unless your request is manifestly unfounded or excessive.

10. Cookie Policy

10.1 What Are Cookies?

Cookies are small text files stored on your device (computer, tablet, or mobile phone) when you visit a website. They help websites remember your preferences, analyse how you use the site, and provide a better user experience.

Similar technologies include:

  • Local Storage: Data stored in your browser that persists across sessions
  • Session Storage: Temporary data stored for the duration of your visit
  • Web Beacons (Pixels): Small, invisible images used to track page views and email opens
  • Scripts and Tags: JavaScript code that collects usage information

For simplicity, this policy refers to all these technologies collectively as “cookies.”

10.2 How We Use Cookies

We use cookies to:

  • Ensure our website functions correctly
  • Remember your preferences and settings
  • Understand how visitors use our website
  • Improve user experience and website performance
  • Analyse traffic and measure the effectiveness of our content
  • Enable certain features and functionality

10.3 Types of Cookies We Use

We use the following categories of cookies:

Strictly Necessary Cookies (No Consent Required)

These cookies are essential for the website to function and cannot be switched off. They are usually set in response to actions you take, such as setting privacy preferences, logging in, or filling in forms.

Cookie NamePurposeProviderDuration
euconsent-v2Stores user’s cookie consent preferencesConsentManager12 months
Cookie consent cookiesVarious consent tracking cookiesConsentManager12 months
PHPSESSIDMaintains session stateLocals TalkSession
WordPress session cookiesEnables WordPress functionalityLocals TalkSession

Functional Cookies (Consent Required)

These cookies enable enhanced functionality and personalisation, such as remembering your preferences, but are not strictly essential for the website to work.

Cookie NamePurposeProviderDuration
Language preference cookiesRemembers language selectionLocals Talk12 months
litespeed_cacheImproves page load speedsLiteSpeedVaries

Performance / Analytics Cookies (Consent Required)

These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. We use this data to improve the website.

Cookie NamePurposeProviderDuration
_gaDistinguishes unique usersGoogle Analytics2 years
ga[container-id]Persists session stateGoogle Analytics 42 years
_gidDistinguishes unique usersGoogle Analytics24 hours
_gatThrottles request rateGoogle Analytics1 minute
Hotjar cookies (_hj*)Records user behaviour and session replaysHotjar365 days

Google Analytics:
We use Google Analytics to analyse website traffic and user behaviour. Google Analytics uses cookies to collect information such as pages visited, time on site, and how you reached our website. This information is transmitted to and stored by Google on servers which may be located outside the UK/EEA. Google uses this information to evaluate your use of our website, compile reports for us, and provide other services relating to website activity and internet usage.

IP addresses are anonymised where possible. For more information on Google Analytics’ privacy practices, visit: https://policies.google.com/privacy

Hotjar:
Hotjar is a user behaviour analytics service that helps us understand how people use our website through heatmaps, session recordings, and feedback polls. Hotjar cookies track:

  • Mouse movements, clicks, and scrolling
  • Pages visited and time spent on each page
  • Form interactions (not the content entered)
  • Device and browser information

Hotjar does not collect personally identifiable information without your explicit consent. For more information, visit: https://www.hotjar.com/legal/policies/privacy/

Targeting / Advertising Cookies (Consent Required)

These cookies may be set through our site by advertising partners. They may be used to build a profile of your interests and show you relevant ads on other sites. They do not store directly identifiable information but are based on uniquely identifying your browser and device.

Cookie NamePurposeProviderDuration
Facebook Pixel Tracks conversions and enables retargetingMeta90 days
Google Ads conversion trackingTracks advertising effectivenessGoogle90 days
LinkedIn Insight TagTracks website visits from LinkedInLinkedIn90 days

Note: We currently do not have a Facebook Pixel implemented on our website. If this changes, we will update this policy and obtain your consent before activation.

Social Media Cookies

If we embed content from social media platforms (YouTube videos, social media feeds, etc.), these platforms may set their own cookies. We do not control these cookies. Please refer to the respective platform’s privacy policy for information.

10.4 Third-Party Cookies

Some cookies are placed by third-party services that appear on our pages. We do not control these cookies. Third parties include:

  • Google (Analytics, Tag Manager, potentially Ads)
  • Hotjar (behaviour analytics)
  • Gravatar (if you comment on blog posts)
  • Social media platforms (if embedded content is present)
  • YouTube (if we embed videos)
  • Font Awesome (icon fonts)
  • reCAPTCHA (spam protection on forms)

Each third party has its own privacy policy governing their use of cookies. We recommend reviewing their policies.

10.5 Cookie Lifespan

Cookies have different lifespans:

  • Session Cookies: Temporary cookies that expire when you close your browser
  • Persistent Cookies: Remain on your device for a set period (from hours to years) or until you delete them

The duration of each cookie is specified in the tables above.

10.6 Managing Your Cookie Preferences

Consent Management Platform:
When you first visit our website, you will see a cookie banner powered by our consent management platform. You can:

  • Accept all cookies
  • Reject non-essential cookies
  • Customise your preferences by category

You can change your cookie preferences at any time by clicking the “Cookie Settings” link in our website footer.

Browser Settings:
You can also control cookies through your browser settings:

  • Google Chrome: Settings > Privacy and Security > Cookies and other site data
  • Mozilla Firefox: Options > Privacy & Security > Cookies and Site Data
  • Safari: Preferences > Privacy > Manage Website Data
  • Microsoft Edge: Settings > Cookies and site permissions > Cookies and site data
  • Mobile Browsers: Settings vary by device and browser

Note: Blocking or deleting cookies may impact your experience on our website and limit certain functionality.

Third-Party Opt-Outs:

  • Google Analytics Opt-out: https://tools.google.com/dlpage/gaoptout
  • Hotjar Opt-out: https://www.hotjar.com/policies/do-not-track/
  • Network Advertising Initiative: https://optout.networkadvertising.org/
  • Your Online Choices (EU): https://www.youronlinechoices.com/

10.7 Do Not Track (DNT)

Some browsers have a “Do Not Track” feature. Currently, there is no industry standard for how to respond to DNT signals. We do not currently respond to DNT signals, but we provide you with cookie consent options through our consent management platform.

10.8 Changes to Cookie Usage

If we make significant changes to how we use cookies, we will update this policy and notify you via our cookie consent banner or by email if you are a client or subscriber.

11. Links to Third-Party Websites

Our website may contain links to third-party websites, including:

  • Client websites and portfolio examples
  • Partner organisations
  • Industry resources and articles
  • Social media platforms
  • Service providers and tools

We are not responsible for the privacy practices or content of these external sites. We recommend reviewing their privacy policies before providing any personal information.

When you click on external links, you leave our website and this Privacy Policy no longer applies.

12. Children’s Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at info@localstalk.co. We will promptly investigate and delete any such data.

13. Changes to This Privacy Policy

We review and update this Privacy Policy regularly to reflect changes in our practices, technology, legal requirements, and business operations.

When We Update:

  • The “Last Updated” date at the top will change
  • Material changes will be highlighted on our website
  • If you are a client or newsletter subscriber, we may notify you by email
  • For significant changes affecting your rights, we may request renewed consent where required

Your Responsibility:
We encourage you to review this policy periodically. Continued use of our website or services after changes indicates acceptance of the updated policy.

Version History:
Previous versions of this policy are available upon request by contacting our Data Protection Officer.

14. Legal Framework and Compliance

This Privacy Policy complies with:

  • UK General Data Protection Regulation (UK GDPR)
  • Data Protection Act 2018
  • Privacy and Electronic Communications Regulations 2003 (PECR)
  • Electronic Commerce (EC Directive) Regulations 2002

We are registered with the Information Commissioner’s Office (ICO) as required under UK data protection law.

15. Business-to-Business (B2B) Processing

Most of our clients are businesses, and much of the personal data we process relates to business contacts (employees, directors, contractors). While UK GDPR applies to all personal data, we recognise that business contacts generally expect their professional contact details to be used for business purposes.

We process business contact data on the basis of legitimate interests for:

  • Business development and client relationship management
  • Providing quotes and proposals
  • Delivering contracted services
  • Sending relevant business communications

You still have all the rights outlined in Section 9, including the right to object to processing or request deletion.

16. Data Protection Impact Assessments (DPIAs)

Where our processing activities are likely to result in high risk to individuals’ rights and freedoms, we conduct Data Protection Impact Assessments to:

  • Identify and minimise risks
  • Assess necessity and proportionality
  • Determine appropriate safeguards
  • Document our compliance

17. Contact Us

If you have any questions about this Privacy Policy, how we handle your personal data, or wish to exercise your rights, please contact:

Data Protection Enquiries:
Email: info@localstalk.co
Telephone: +44 (0)20 3886 2333

Data Protection Officer:
Billie Nabeel Tabassum
Email: info@localstalk.co
Post: Data Protection Officer, Locals Talk Limited, 128 City Road, London, EC1V 2NX, United Kingdom

General Enquiries:
Website: https://localstalk.co
Telephone: +44 (0)20 3886 2333
Email: info@localstalk.co

Complaints:
If you are not satisfied with our response to a data protection concern, you have the right to lodge a complaint with:

Information Commissioner’s Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom
Telephone: 0303 123 1113
Website: https://ico.org.uk/make-a-complaint/
Email: casework@ico.org.uk

Locals Talk Limited – Leveraging data to fuel demand.

Company Number: 09959535 | Registered in England and Wales