Privacy Policy

Effective Date: 1 August 2025
Last Updated: 1 August 2025

1. Introduction

This Privacy Policy explains how Persona Pro ("we," "us," or "our") collects, uses, and protects your personal information when you use our website and services. We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), UK Data Protection Act 2018, and relevant US privacy laws.

2. Data Controller Information

Company: Marclo Trading as Persona Pro
Address: Macclesfield Unite Kingdom
Email: [email protected]
Phone: 01625 326880

For GDPR purposes, we are the data controller for personal information we collect about you.

3. Information We Collect

3.1 Information You Provide Directly

  • Account Information: Name, email address, phone number, business details

  • Payment Information: Billing address, payment method details (processed securely by third parties)

  • Communication Data: Messages, feedback, and correspondence with us

  • Business Information: Company details, marketing challenges, target audience information

  • Service-Specific Data: Information provided for persona development, questionnaire responses

3.2 Information Collected Automatically

  • Usage Data: How you interact with our website and services

  • Device Information: IP address, browser type, device type, operating system

  • Cookies and Tracking: See our Cookie Policy section below

  • Analytics Data: Website performance and user behavior metrics

3.3 Information from Third Parties

  • Payment Processors: Transaction and billing information

  • Marketing Platforms: Email engagement and campaign performance data

  • Public Sources: Publicly available business information for research purposes

4. How We Use Your Information

4.1 Service Provision

  • Deliver our persona research, courses, and related services

  • Process payments and manage your account

  • Provide customer support and technical assistance

  • Communicate about your services and account

4.2 Business Operations

  • Improve and develop our services

  • Conduct research and analytics

  • Ensure security and prevent fraud

  • Comply with legal obligations

4.3 Marketing Communications

  • Send newsletters and product updates (with your consent)

  • Provide relevant content and offers

  • Conduct market research and surveys

4.4 Legal Basis for Processing (GDPR)

We process your personal data based on:

  • Contract Performance: To provide services you've purchased

  • Legitimate Interests: For business operations, security, and service improvement

  • Consent: For marketing communications and certain cookies

  • Legal Compliance: To meet regulatory and legal requirements

5. Information Sharing and Disclosure

5.1 We Do Not Sell Personal Data

We do not sell, rent, or trade your personal information to third parties for their commercial purposes.

5.2 Service Providers

We may share information with trusted service providers who assist in:

  • Payment processing (Stripe, PayPal, etc.)

  • Email marketing (Mailchimp, ConvertKit, etc.)

  • Analytics and website optimization (Google Analytics, etc.)

  • Customer support tools

  • Cloud hosting and data storage

5.3 Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal process or government requests

  • Enforce our terms and conditions

  • Protect our rights, safety, or property

  • Prevent fraud or security threats

5.4 Business Transfers

In the event of a merger, acquisition, or sale, personal data may be transferred to the new entity, subject to the same privacy protections.

6. Data Retention

We retain personal information for as long as necessary to:

  • Provide our services and fulfill contractual obligations

  • Comply with legal and regulatory requirements

  • Resolve disputes and enforce our terms

  • Achieve legitimate business purposes

Typical retention periods:

  • Account Data: Duration of account plus 7 years for business records

  • Marketing Data: Until you unsubscribe or request deletion

  • Service Data: Duration of service provision plus reasonable period for potential claims

  • Payment Data: As required by financial regulations (typically 6-7 years)

7. Your Rights Under GDPR and UK Data Protection Laws

If you are in the EU/EEA or UK, you have the following rights:

7.1 Access and Portability

  • Request a copy of the personal data we hold about you

  • Receive your data in a portable format

7.2 Correction and Completion

  • Correct inaccurate or incomplete personal data

  • Update your information through your account or by contacting us

7.3 Deletion ("Right to be Forgotten")

  • Request deletion of your personal data in certain circumstances

  • Note: We may need to retain some information for legal compliance

7.4 Processing Restrictions

  • Request that we limit how we process your personal data

  • Object to processing based on legitimate interests

7.5 Marketing Opt-Out

  • Unsubscribe from marketing communications at any time

  • Manage communication preferences in your account

7.6 Data Protection Authority

You have the right to lodge a complaint with your local data protection authority.

To exercise your rights, contact us at: [[email protected]]

8. International Data Transfers

We may transfer personal data outside your country of residence. When we do:

  • We ensure appropriate safeguards are in place

  • We use Standard Contractual Clauses or other approved mechanisms

  • We comply with applicable data protection laws

9. Security Measures

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit and at rest

  • Regular security assessments and updates

  • Access controls and authentication requirements

  • Staff training on data protection practices

  • Incident response procedures

10. Cookies and Tracking Technologies

10.1 What Are Cookies

Cookies are small data files stored on your device that help us improve your experience.

10.2 Types of Cookies We Use

  • Essential Cookies: Required for website functionality

  • Analytics Cookies: Help us understand website usage

  • Marketing Cookies: Used for targeted advertising (with consent)

  • Preference Cookies: Remember your settings and preferences

10.3 Cookie Management

You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

10.4 Third-Party Cookies

We may use third-party services that set their own cookies, including:

  • Google Analytics (website analytics)

  • Facebook Pixel (advertising)

  • Payment processors (transaction processing)

11. Children's Privacy

Our services are not directed to children under 16 (or 13 in the US). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

  • Right to know what personal information is collected

  • Right to delete personal information

  • Right to opt-out of the sale of personal information

  • Right to non-discrimination for exercising privacy rights

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. We will:

  • Post the updated policy on our website

  • Notify you of material changes via email or website notice

  • Obtain consent where required by law

14. Data Subject Requests and Contact

14.1 How to Contact Us

For privacy-related questions or to exercise your rights:

Email: [email protected]
Mail: Hordern farm Pottery, Macclesfied SK110AN
Phone: 01625326880

14.2 Response Time

We will respond to valid requests within:

  • GDPR/UK: 30 days (extendable to 60 days for complex requests)

  • CCPA: 45 days (extendable to 90 days with notice)

14.3 Identity Verification

We may require identity verification before processing certain requests to protect your personal information.

15. Regional-Specific Information

15.1 For EU/EEA and UK Users

  • Processing is based on lawful bases under GDPR/UK GDPR

  • You may lodge complaints with your national supervisory authority

  • Cross-border transfers comply with adequacy decisions or appropriate safeguards

15.2 For US Users

  • We comply with applicable state privacy laws including CCPA, CPRA, and emerging state regulations

  • We do not discriminate against users who exercise privacy rights

16. Business Contact Information

Persona Pro
As detailed above


This Privacy Policy is designed to be compliant with GDPR, UK Data Protection Act 2018, CCPA, and other applicable privacy laws. For specific legal questions about your situation, we recommend consulting with qualified legal counsel.