top of page

Privacy Policy

R&R Creative takes compliance with this policy very seriously.  Data will be processed under our legal obligations and data collected will be based on Legitimate Interest.

This Privacy Policy applies to information R&R Creative collect about individuals who interact with the organisation. It explains what personal information we collect and how we use it.

Personal data that we process

The types of data we collect follow current data protection legislation (GDPR).  This data may include names, individuals' phone numbers and email addresses.

  • For example, we must read and store your emails so we can respond effectively.

How we use your data

We will only appropriately use your data.  We may use your personal information to:

  • Reply to enquiries you send to us.

  •  Where you have specifically agreed we may send marketing communications via a method you have agreed to (email or post) Relating to work which we think may be of interest.


When we share your data

We will only pass your data to third parties in the following circumstances:

  • We are required by law.  For example – we are requested by regulatory bodies under relevant legislation.

  • It is necessary to protect and safeguard the interests of an individual.

  • We have obtained your consent.

  • We will not sell your data to a third-party organisation for marketing, fundraising, or campaigning.


How long we keep your data

We take the principles of data minimisation and removal seriously we will only ask for the minimum amount of purposeful data, which will be promptly once no longer required.

Where data is collected based on consent a record will be kept for 3 years.

Rights you have over your data:

  • Where data processing is based on consent, you may revoke this consent at any time by emailing

  • You have the right to ask for the deletion of your information. 

  • You have the right of access to the information we hold about you

  • You have the right to lodge a complaint with the Information Commissioner if you feel your rights have been infringed. 

  • A full summary of your legal rights over your data can be found via the Information Commissioner:

Cookies & usage tracking

The R & R Creative website does not use Cookies or Google Analytics to track your data.



We may modify this Privacy Policy from time to time and will publish the most current version on our website. If a modification meaningfully reduces your rights, we'll notify people whose personal data we hold and are affected.


Ruth Flanagan, The Director of R & R Creative is responsible for this policy and can be contacted at 


The General Data Protection and Regulations  (GDPR) will be followed:

Implement measures to ensure privacy by design, including:

  • Data minimisation

  • Pseudonymisation

  • Transparency

  • Creating and improving security and privacy procedures on an ongoing basis


 Ruth Flanagan, The Director of R & R creative is responsible for

  • Reviewing all data protection procedures and policies regularly

  • Data protection training has been undertaken.

  • Ensure all systems, and software meet security standards and check security software regularly to ensure it is functioning.

  • Reply promptly to data protection queries.

  • Data that is processed will be accurate, relevant only necessary for the purpose for which it was obtained.

  • personal data will be held for no longer than is necessary. And will follow GDPR guidelines.

R & R Creative will ensure that individuals can exercise their rights by:

  • Providing privacy notices which are concise, transparent, free of charge and easily accessible.

  • A privacy notice will be supplied in a timely fashion and always be available on the Rand R Creative Website.

  • R & R Creative notes that the public has the right to lodge complaints with the ICO.  Make a complaint | ICO

  • R & R Creative will respond to any data information requests within one month. Once a subject access request has been made, data will not be changed or amended.  Doing so is a criminal offence. Data requested will be given in a structured, readable way.

  • If any Third Party data controllers are used R & R will set contracts that contain specific clauses which set out both parties’ liabilities, obligations and responsibilities.

  • Regular data audits will contain information on what data is held, where it is stored, how it is used,

  • Any breach of this policy or data protection laws must be reported under a legal obligation to report any data breaches to the ICO within 72 hours.


If you have any questions or concerns about anything in this policy do not hesitate to contact Ruth Flanagan via the website contact form.

bottom of page