Storycue Privacy Policy
Last Updated: 28 October 2025
1. Introduction
Storycue, by Bright Sites Consulting Limited (“Storycue”, “we”, “us”, or “our”) provides software-as-a-service (“SaaS”) tools that help customers create, manage, and share content online.
We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and safeguard your personal information when you interact with our websites, apps, or other online services (collectively, the “Services”).
We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Please read this Policy carefully to understand how we handle your personal data.
2. Data Controller
Bright Sites Consulting Limited is the data controller of your personal data.
Registered Address: 49 Greek Street London W1D 4EG
Email: info@brightsites.co.uk
ICO Registration Number: ZB314431
3. Personal Data We Collect
| Category | Examples | Purpose |
| Account Information | Name, email address, password, company name, payment details | To register, authenticate, and manage your account |
| Usage Data | Log files, IP address, device info, pages visited, browser type | To operate and improve our Services |
| Communication Data | Messages, support tickets, marketing preferences | To respond to enquiries and send updates |
| Payment Data | Processed through secure payment providers (we do not store full card data) | To complete transactions |
| Third-Party Data | Information from resellers or partners | To fulfil your requests or manage referrals |
We do not intentionally collect sensitive or special-category data (e.g., health, race, religion).
4. Lawful Bases for Processing
We process your personal data only when we have a valid lawful basis under UK GDPR:
| Lawful Basis | When Applied |
| Contract | To deliver the Services you request |
| Legitimate Interests | To operate, improve, and secure our platform |
| Consent | For optional communications (e.g., newsletters or marketing) |
| Legal Obligation | When required by law or to respond to lawful requests |
Where processing relies on consent, you may withdraw it at any time.
5. How We Use Personal Data
We use your personal data to:
- Provide, maintain, and improve our Services
- Manage your account and billing
- Communicate with you (service notifications, support, updates)
- Personalise features and enhance user experience
- Detect, prevent, and respond to security incidents or fraud
- Comply with legal and regulatory requirements
We do not sell your personal information.
6. How We Share Data
We may share limited personal data with:
- Service Providers – for hosting, analytics, payment, and customer support, bound by strict confidentiality agreements.
- Affiliates and Resellers – where you purchase via an authorised partner.
- Professional Advisors – auditors, accountants, or legal counsel under duty of confidentiality.
- Authorities or Regulators – when required by law.
- Business Transfers – if Storycue merges or is acquired, with proper safeguards in place.
All third parties are required to handle data securely and lawfully.
7. International Data Transfers
If your data is transferred outside the United Kingdom or European Economic Area, we ensure adequate protection through:
- UK adequacy decisions, or
- Standard Contractual Clauses (SCCs) approved by the UK ICO.
A copy of relevant safeguards can be provided on request.
8. Data Retention
We retain your personal data only as long as necessary to:
- Provide the Services and support your account
- Meet legal, tax, or accounting obligations
- Resolve disputes or enforce contracts
When data is no longer needed, it is securely deleted or anonymised.
Typical retention periods:
- Account and billing data – up to 7 years after closure (for compliance)
- Support and communication records – up to 3 years after resolution
9. Data Security
We apply appropriate technical and organisational measures to protect personal data, including:
- Encryption in transit and at rest
- Access controls and authentication
- Regular security testing and monitoring
While we strive to protect your data, no online system is completely secure. You are responsible for safeguarding your login credentials.
10. Your Rights
Under UK data-protection law, you have the right to:
- Access – request a copy of the personal data we hold about you
- Rectification – correct inaccurate or incomplete data
- Erasure – request deletion of your data (“right to be forgotten”)
- Restriction – limit how we process your data
- Portability – receive your data in a structured, machine-readable format
- Objection – object to processing based on legitimate interests
- Withdraw consent – where consent is the legal basis
To exercise your rights, email info@brightsites.co.uk. We will respond within one month.
If you are unsatisfied, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO): www.ico.org.uk
11. Cookies and Tracking
Storycue uses cookies and similar technologies to:
- Operate and secure our Services
- Remember user preferences
- Analyse usage and improve performance
- Deliver relevant content and marketing (where consented)
Non-essential cookies will only be placed after you provide consent. You can manage cookie preferences in your browser settings or via our Cookie Policy.
12. Children’s Privacy
Our Services are not intended for children under 16, and we do not knowingly collect their data. If you believe a child has provided personal information, please contact us to have it removed.
13. Data Protection Officer (DPO)
Storycue has appointed a Data Protection Officer to oversee compliance with this policy.
Contact: sam.doha@brightsites.co.uk
Address: 49 Greek Street London W1D 4EG
14. Updates to This Policy
We may update this Privacy Policy periodically. When significant changes occur, we will notify you via email or a notice on our website. The “Last Updated” date at the top of this policy reflects the latest revision.