Legal

Privacy Policy

Last updated: 19 April 2026

Empowered Collective Studio takes your privacy seriously. This policy explains what personal data we collect, why we collect it, and what rights you have under UK GDPR.

1. Who we are

Empowered Collective Studio ("we", "us", "our") is a content and authority studio operated by Ade Adesokan, trading at Bridge End House, Bacup Road, Waterfoot, Rossendale, BB4 7AW, United Kingdom.

We are the Data Controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 for any personal data you provide via our website, forms, and services.

For any privacy-related enquiries, contact: empoweredcollectivestudio@gmail.com.

2. What personal data we collect

We may collect the following categories of personal data:

• Contact information: name, email address, phone number, business name, role.
• Application and intake data: information you submit via our forms (Authority Leak Audit, Sprint/Elite applications, blueprint intakes).
• Communications: emails and messages you send us.
• Technical data: IP address, browser type, device information, pages visited, referring URLs, and similar analytics data collected automatically when you visit the site.
• Marketing preferences: whether you've opted in to marketing communications.

We do not knowingly collect sensitive personal data (health, biometric, political views, etc.).

3. Why we collect your data (lawful basis)

We process personal data under the following lawful bases:

• Contract: to provide the services you've agreed to (Elite, Sprint, Residency, Studio Access) and to process applications.
• Legitimate interests: to respond to enquiries, operate our website, improve our services, and send relevant business communications to existing clients.
• Consent: for marketing communications and non-essential cookies. You can withdraw consent at any time.
• Legal obligation: to comply with UK tax, accounting, and other legal requirements.

4. How we use your data

We use personal data to:

• Respond to your enquiries and deliver the services you book.
• Process applications for our Sprint and Elite programmes.
• Send the Authority Leak Audit results to your email.
• Send relevant business updates, if you've opted in.
• Improve our website and services through anonymised analytics.
• Comply with UK tax and regulatory obligations.

5. Who we share your data with

We share personal data only with trusted third-party processors required to operate our business. These currently include:

• Google Workspace — email, Google Forms, Google Drive (United States, under Standard Contractual Clauses).
• Studio Ninja — client management and invoicing (Australia, under Standard Contractual Clauses).
• Netlify — website hosting (United States, under Standard Contractual Clauses).
• Vimeo — video hosting (United States, under Standard Contractual Clauses).
• Our accountant — for tax and bookkeeping purposes, UK-based.

We do not sell your personal data to anyone, ever.

6. How long we keep your data

We keep personal data only as long as necessary for the purpose it was collected:

• Enquiries that don't convert to clients: 12 months from last contact.
• Client records: for the duration of our engagement plus 6 years (UK tax requirement).
• Marketing contacts: until you unsubscribe.
• Website analytics: up to 26 months.

7. Your rights under UK GDPR

You have the following rights in respect of your personal data:

• Right to be informed — about how we use your data (this policy).
• Right of access — to request a copy of the data we hold about you.
• Right to rectification — to have incorrect data corrected.
• Right to erasure — to have your data deleted (subject to legal retention requirements).
• Right to restrict processing — to ask us to pause processing your data.
• Right to data portability — to receive your data in a machine-readable format.
• Right to object — to direct marketing or processing based on legitimate interests.
• Rights in relation to automated decision-making — we do not make automated decisions about you.

To exercise any of these rights, email empoweredcollectivestudio@gmail.com. We will respond within one month.

8. Cookies and tracking

We use a small number of essential and analytics cookies on this website. See our Cookie Policy for full details on what we use and how to opt out.

9. Security

We take reasonable technical and organisational measures to protect your personal data, including encrypted storage, two-factor authentication on critical accounts, and regular software updates. No system is 100% secure; we will notify you and the ICO within 72 hours of any personal data breach that puts your rights at risk.

10. International transfers

Some of our processors are based outside the UK (primarily in the USA and Australia). Where data is transferred internationally, we rely on the UK's adequacy regulations or Standard Contractual Clauses as the transfer mechanism.

11. Children's data

Our services are for business founders over 18. We do not knowingly collect personal data from anyone under 18.

12. Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top reflects the most recent change. Material changes will be flagged on our homepage.

13. Complaints

If you believe we have mishandled your personal data, please contact us first so we can try to resolve it. If you're not satisfied, you have the right to complain to the UK's data protection regulator:

Information Commissioner's Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113