Privacy Policy

Hughes Bespoke Ltd ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information when you engage with our services or visit our website. It also outlines your rights concerning your personal data under applicable data protection laws, including the General Data Protection Regulation (GDPR).

Who We Are

Hughes Bespoke provides turnkey event solutions, including bespoke exhibition stands, large-format print services, and custom interior design. Our mission is to help brands create impactful and sustainable live brand experiences.

For any data-related inquiries, you can contact us at:

Hughes Bespoke Ltd
Unit 15, No. 2. Bulrushes Business Park

Coombe Hill Road

East Grinstead

West Sussex

RH19 4LZ

United Kingdom

Email: hello@hughesbespoke.co

Phone: +44 1495 848 498

What Information We Collect

We may collect personal information from you when you:

Visit our website or LinkedIn page
Fill out a Lead Gen Form
Contact us via email or phone
Engage with our services

The types of personal information we collect may include:

Name
Job Title
Company Name
Email Address
Phone Number
Event Details (such as event dates and service requirements)
Any additional information you choose to provide

We also collect non-personal information, such as your IP address, browser type, and website usage statistics, to improve our online services.

How We Use Your Information

We use the personal information we collect to:

Respond to your inquiries
Provide our services and fulfil client requests
Personalize your experience with Hughes Bespoke
Send you relevant updates, offers, and information about our services (with your consent)
Improve our website and marketing efforts

We will never sell your personal data to third parties.

Legal Basis for Processing Your Information

Under GDPR, we process your personal data based on the following legal grounds:

Consent: You have given clear consent for us to process your personal data for specific purposes.
Contract: Processing is necessary to fulfil a contract with you or to take steps at your request before entering into a contract.
Legitimate Interests: We have a legitimate interest in processing your data to improve our services and communicate with clients and leads.

How We Share Your Information

We may share your information with trusted third-party service providers to help us operate our business, provide our services, and improve our website and marketing efforts. These third parties are required to handle your data securely and in compliance with applicable data protection laws.

The third-party providers we use include:

Website Hosting Provider (Wix) – We use Wix to host and manage our website. This means that some of the data you submit through our website, such as contact forms, may be processed by Wix on our behalf.
Email Service Provider (Outlook) – We use Outlook to send and receive emails. If you contact us via email, your personal data (such as your name, email address, and message) will be processed by Outlook.
Analytics Provider (Google Analytics) – We use Google Analytics to track how users interact with our website, such as which pages they visit and how long they stay on the site. Google Analytics collects information such as IP addresses and browsing activity.
Advertising Platforms (LinkedIn Ads, Facebook Ads, Instagram Ads) – We use these platforms to run targeted marketing campaigns. These platforms may process data such as your IP address, location, and interactions with our ads.
IT Support Provider (Systems IT) – We work with Systems IT, a UK-based IT services provider, to manage and secure our IT infrastructure. Systems IT processes personal data on our behalf in compliance with GDPR and does not transfer data outside the UK or EEA.

We do not share your personal data with third parties for their own marketing purposes.

How We Store and Protect Your Information

We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it from unauthorized access, disclosure, alteration, or destruction.

The security measures we have in place include:

SSL Encryption: Our website uses SSL certificates (https) to encrypt data transmitted between your browser and our servers.
Secure Servers: We store personal data on secure servers that are protected by firewalls and access controls.
Access Controls: We restrict access to personal data to authorized staff only. Staff members who access personal data are bound by confidentiality obligations and are trained on data protection best practices.
Password Policies: We enforce strong password policies for all staff members to reduce the risk of unauthorized access.
Two-Factor Authentication (2FA): We use two-factor authentication to add an additional layer of security to our accounts and systems.

We also conduct regular reviews of our security practices and update them as necessary to ensure we continue to protect personal data in accordance with GDPR requirements.

Your Rights Under GDPR

If you are a resident of the European Union (EU) or the United Kingdom (UK), you have the following rights regarding your personal data:

Right to Access: You can request a copy of the personal data we hold about you.
Right to Rectification: You can request that we correct any inaccurate or incomplete data.
Right to Erasure: You can request that we delete your personal data, subject to certain legal obligations.
Right to Restrict Processing: You can request that we limit the processing of your data.
Right to Data Portability: You can request that we transfer your data to another service provider in a structured, commonly used format.
Right to Object: You can object to our processing of your data for certain purposes.

To exercise any of these rights, please contact us at: hello@hughesbespoke.co

How to Opt-Out of Marketing Communications

We only send marketing emails to individuals who have explicitly opted in to receive them. You may sign up to receive marketing communications from us via forms on our website or through social media platforms.

If you no longer wish to receive marketing communications, you can withdraw your consent at any time by:

Clicking the "Unsubscribe" link in any marketing email you receive from us.
Contacting us directly at: hello@hughesbespoke.co

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and collect information about how you interact with our site.

When you visit our website for the first time, you will see a cookie consent banner that allows you to:

Accept all cookies
Reject non-essential cookies
Manage your cookie preferences

You can manage your cookie preferences at any time by adjusting your settings through our cookie consent banner.

For more details, please see our Cookie Policy.

Data Transfers Outside the EU/UK

We may transfer personal data outside of the European Economic Area (EEA) or the United Kingdom when we use third-party service providers that operate globally.

Whenever we transfer your data outside the EU/UK, we ensure that appropriate safeguards are in place to protect your personal data in accordance with GDPR requirements.

The following third-party service providers may transfer data outside the EU/UK:

Wix (Israel, US, and other locations)
Outlook (Microsoft)
Google Analytics
LinkedIn Ads
Facebook Ads / Instagram Ads

Systems IT processes personal data in the UK only.

Data Breach Procedure

If a personal data breach occurs that poses a risk to individuals' rights and freedoms, we will notify the relevant data protection authority (the ICO in the UK) within 72 hours and inform affected individuals if necessary.

Sensitive Personal Data

We do not collect any sensitive personal data.

Children's Privacy

Our services are not intended for individuals under the age of 16.

Changes to This Privacy Policy

We will notify users of significant changes through a website banner or email.

Effective Date: 17 March 2025