Skip to main content

Privacy Policy

Last updated: June 2026

This policy explains how Signatures Media Ltd ("we", "us", "our") collects and uses personal data when you visit signatures.com (the "Site") or use our tools. We are the data controller for that data. We are committed to handling your information in line with the UK GDPR, the Data Protection Act 2018 and, where it applies to visitors in the EEA, the EU GDPR.

1. Who we are

signatures.com is operated by Signatures Media Ltd, a company registered in England and Wales (company number 17150339), with its registered address at 17 Cabul Road, London, England, SW11 2PR. We are registered with the UK Information Commissioner's Office (ICO) under registration number ZC162258. Signatures Media Ltd is the controller responsible for your personal data.

For any question about this policy or your personal data, contact us at privacy@signatures.com. This is the best way to reach us for all data protection enquiries, including requests to exercise your rights (such as access, correction or deletion) and complaints. We aim to acknowledge enquiries promptly and to respond within one month in line with data protection law.

2. The personal data we collect

We collect only the data we need to run the Site, answer you, and improve our content. We collect personal data directly from you when you interact with the Site and do not obtain personal data about you from third-party sources.

Information you give us

We collect personal data directly from you and automatically from your use of the Site. We do not obtain personal data from third-party data brokers.

Information we collect automatically and with your consent

This data is collected automatically when you access the Site.

We do not deliberately collect special category data (such as health, religion or political views) and we ask that you do not include such information when contacting us or using the Site. The Site is not directed at children, and we do not knowingly collect data from anyone under 16. If we become aware that we have collected personal data from a child in a manner that is not compliant with applicable data protection law, we will take steps to delete it.

3. Why we use your data, and our lawful basis

Under the UK GDPR we must have a lawful basis for each use of your personal data. Our bases are:

Our legitimate interests include operating and improving the Site, providing our tools and content, and ensuring the security of our systems.

Legitimate interests

We have considered the impact on your rights and freedoms and do not consider our interests override them. In particular, we have assessed whether the processing is necessary and proportionate and whether less intrusive means are available.

Where we rely on legitimate interests, we have considered whether those interests are overridden by your interests and rights. You can object to processing at any time on grounds relating to your particular situation - see "Your rights" below. Where we rely on consent, you can withdraw it at any time without affecting processing carried out before withdrawal.

4. Who we share your data with

We do not sell your personal data. We share it only with carefully selected service providers ("processors") who help us run the Site, and only as needed. These currently include:

Each processor acts under a written contract that requires them to act only on our instructions and to implement appropriate technical and organisational measures to protect your personal data. We may also disclose personal data where required by law, including to regulators, courts or law enforcement authorities, to establish or defend legal claims, or in connection with a merger, acquisition, sale or reorganisation of our business.

5. International transfers

Some of our providers (for example Google) are based in, or process data in, countries outside the UK and EEA, including the United States. Our newsletter provider, Brevo, is based in the European Union. Where personal data is transferred outside the UK/EEA, we ensure that an appropriate level of protection is afforded to it in accordance with UK data protection law. This includes relying on a safeguard recognised by law, such as UK "adequacy" regulations (including the UK-US Data Bridge where applicable and the provider is certified), the International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses, or EU Standard Contractual Clauses. Where the safeguards are used, we take steps to assess whether they are effective in practice. You can ask us for further information about the safeguards that we rely on by contacting us.

6. How long we keep your data

We retain personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, regulatory and reporting requirements.

7. Cookies and similar technologies

We use a small number of strictly necessary cookies to enable the operation and security of the Site, and - only with your consent - analytics cookies. We do not use advertising or cross-site tracking cookies. Any cookies or similar technologies that are not strictly necessary are only placed on your device after you have given your consent through our cookie consent mechanism. You can give or withdraw consent at any time using the "Cookie settings" link in the footer. Full details are in our Cookie Policy.

8. Automated decision-making

We do not carry out automated decision-making or profiling that produces legal effects, or similarly significant effects on you, within the meaning of applicable data protection law.

This means we do not make decisions about you solely by automated means that could significantly affect your rights, for example decisions that impact your legal position, financial circumstances or access to services.

We may use limited analytics tools to understand how users interact with the Site, but this does not involve profiling individuals in a way that has a significant effect on them.

9. How we protect your data

We use appropriate technical and organisational measures to protect your data, taking into account the nature, scope, context and purposes of the processing and the risks to individuals' rights and freedoms, including encryption in transit (HTTPS/TLS), access controls, and limiting access to the staff and providers who need it.

We also implement measures such as data minimisation and, where appropriate, pseudonymisation. No method of transmission or storage is completely secure, but we take reasonable steps to protect your information and to notify the ICO and affected individuals where the law requires it following a personal data breach.

10. Your rights

If you are in the UK or EEA, you have the right to:

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) - see the "Complaints" section below for details.

To exercise any of these rights, email privacy@signatures.com. We will respond within one month. There is normally no charge. We may need to verify your identity first. In certain circumstances permitted by law, we may extend the response period or decline to act on a request, in which case we will explain our reasons.

11. Complaints

We hope to resolve any concern you raise. If you have a concern about how we handle your personal data, please contact us first using the details above so we can try to resolve it.

You have the right to lodge a complaint with the ICO at ico.org.uk/make-a-complaint or by calling 0303 123 1113. If you are in the EEA, you may complain to your local supervisory authority.

We aim to acknowledge data protection complaints promptly and to respond within a reasonable timeframe in line with our legal obligations.

12. Changes to this policy

We may update this policy from time to time. When we make material changes, we will update the "last updated" date above. Where changes are material, we will take appropriate steps to bring them to your attention and, where required, seek your consent. Please check back periodically.

13. Contact us

Signatures Media Ltd
17 Cabul Road, London, England, SW11 2PR
Privacy enquiries: privacy@signatures.com
All data-protection enquiries, including requests to exercise your rights, should be sent to this address.