privacy & cookie policy

Effective date: 16th December 2025
Last updated: 16th December 2025

1. INTRODUCTION

Bacchanalia Ltd (“we”, “us”, “our”), trading as Bacchus, is committed to protecting your privacy and handling personal data responsibly and transparently.

This Privacy & Cookie Policy explains how we collect, use and protect personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy applies to your use of www.bacchus.agency (the “Site”) and to any personal data you provide to us via email or telephone.

2. WHO WE ARE

Bacchus is a communications and digital marketing agency operated by Bacchanalia Ltd, a company registered in the United Kingdom, with offices in multiple locations globally.

For the purposes of UK data-protection law, Bacchanalia Ltd is the data controller responsible for personal information collected through this Site and through direct correspondence.

If you have any questions about this policy or wish to exercise your data-protection rights, please contact:

Email: hello@bacchus.agency
Telephone: +44 (0)208 968 0202
Address: Edison House, 223–231 Old Marylebone Road, London, NW1 5QT, United Kingdom

3. PERSONAL DATA WE COLLECT

We do not use online forms or user accounts on this Site. We may collect personal data in the following ways:

• Direct correspondence: When you contact us via a mailto link or by phone, we receive your name, email address, telephone number, and any information you choose to include in your message.
• Technical data: Limited technical information such as IP address, browser type, device information, and pages visited may be logged automatically by our website hosting provider or analytics tools.
• Cookies: Small text files used to ensure the Site functions correctly and, where applicable, to understand aggregated website usage.

We do not intentionally collect special-category (sensitive) personal data via this Site.

4. HOW WE USE YOUR DATA AND LAWFUL BASIS

We process personal data for the following purposes:

• To respond to enquiries and communications
• To manage business relationships
• To operate and improve our website and services
• To comply with legal or regulatory obligations

Our lawful bases under UK GDPR are legitimate interests, contract (where applicable), and legal obligation.

We do not sell personal data or use it for unsolicited marketing.

5. COOKIES

a. Cookies used

This Site uses only:

• Essential cookies required for security and core functionality
• Anonymous analytics cookies (if enabled) to understand overall site performance

We do not use advertising, profiling, or behavioural-tracking cookies.

b. Managing cookies

Most browsers accept cookies automatically, but you can change your browser settings to block or delete cookies at any time. Disabling cookies may affect how the Site functions.

For more information, visit: https://www.allaboutcookies.org

6. DATA SHARING

We may share limited personal data with trusted third-party service providers (such as website hosting, IT support, or analytics providers).

All such providers act as data processors and are contractually required to protect personal data and use it only in accordance with our instructions and applicable data-protection laws.

7. INTERNATIONAL TRANSFERS

Where personal data is processed outside the United Kingdom (for example, where service providers operate internationally), we ensure appropriate safeguards are in place, including the UK International Data Transfer Agreement or approved contractual protections.

8. DATA SECURITY AND PERSONAL DATA BREACHES

We implement appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, disclosure or alteration.

While no website or email transmission is entirely secure, we take reasonable steps to safeguard the information we hold.

If we become aware of a personal data breach that poses a risk to individuals’ rights and freedoms, we will:

• Investigate and contain the incident promptly
• Notify the Information Commissioner’s Office (ICO) within 72 hours where required
• Inform affected individuals where there is a high risk of harm

If you believe your personal data may have been compromised, please contact us immediately at hello@bacchus.agency.

9. DATA RETENTION

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy or to meet legal obligations. Correspondence is reviewed periodically and securely deleted when no longer required.

10. YOUR RIGHTS

Under UK GDPR, you have the right to:

• Access your personal data
• Request correction or deletion
• Object to processing based on legitimate interests
• Request restriction or data portability (where applicable)

You also have the right to lodge a complaint with the Information Commissioner’s Office at https://www.ico.org.uk.

11. EXTERNAL LINKS

This Site may contain links to third-party websites. We are not responsible for their content or privacy practices.

12. UPDATES TO THIS POLICY

We may update this policy periodically. The most recent version will always be published on this page.