The Curated Brief — Privacy Policy (UK)

Effective date: [31/12/2025]
Last updated: [30/12/2025]

The Curated Brief (“we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and share personal data when you interact with our website, emails, and digital products.

This policy complies with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

1. Who we are (Data Controller)

Controller: The Curated Brief
Legal status: [Jonathan Bauer t/a The Curated Brief]
Address: [12 New Look, Carterton, OX18 3RR]
Email: editor@thecuratedbrief.co.uk

For data protection purposes, The Curated Brief is the data controller.

If you have any questions about this policy or how we handle your data, you can contact us using the details above.

2. Personal data we collect

We only collect personal data that is necessary and proportionate.

a) Information you provide directly

  • Email address (newsletter subscriptions)
  • Name (optional)
  • Billing details (for purchases)
  • Messages sent via contact forms or email

b) Automatically collected data

When you visit our website, we may collect:

  • IP address
  • Device and browser type
  • Pages visited and referral source
  • Date/time of visit

This data is collected via Webador’s hosting infrastructure and essential cookies.

c) Email interaction data (via Brevo)

When you subscribe to our emails, Brevo may record:

  • Subscription status (opt-in/opt-out)
  • Email opens and link clicks
  • Bounce and delivery information

3. How we collect your data

We collect data when you:

  • Subscribe to our newsletter
  • Purchase or download a digital product
  • Contact us by email or form
  • Browse our website

We do not buy mailing lists or collect data from third-party brokers.

4. Lawful bases for processing (UK GDPR)

We process personal data only where we have a lawful basis:

Purpose

Lawful basis

Sending newsletters & briefings

Consent

Managing subscriptions

Consent / Legitimate interests

Delivering paid digital products

Contract

Payment records & accounting

Legal obligation

Website security & performance

Legitimate interests

Responding to enquiries

Legitimate interests

You can withdraw consent at any time.

5. Email marketing (Brevo & PECR compliance)

We send emails using Brevo, an EU-based email service provider compliant with UK GDPR.

  • You will only receive marketing emails if you explicitly opt in
  • Every email includes an unsubscribe link
  • Unsubscribing immediately stops marketing emails
  • Transactional or service emails (e.g. purchase confirmations) may still be sent where necessary

We do not use pre-ticked boxes or soft opt-ins for marketing.

6. Cookies and website analytics

Our website is hosted on Webador.

We use:

  • Essential cookies required for site functionality
  • Basic analytics provided by Webador (non-intrusive, aggregate data)

We do not currently use behavioural advertising cookies or third-party ad networks.

Where required, cookie consent is managed via our website banner.

7. Who we share your data with

We only share personal data with trusted service providers where necessary:

a) Brevo (email marketing)

Used for managing subscriptions and sending emails.
Data stored: email address, subscription status, interaction metrics.

b) Webador (website hosting)

Used to host the website and process form submissions.

c) Payment providers (if applicable)

Used to process transactions securely. We do not store full card details.

d) Legal or regulatory authorities

Only where required by law.

All providers are required to protect your data and process it only on our instructions.

8. International data transfers

Brevo is headquartered in the EU and complies with GDPR standards.
Where any data is transferred outside the UK, appropriate safeguards (such as standard contractual clauses) are in place.

9. Data retention

We keep personal data only as long as necessary:

  • Newsletter subscribers: until you unsubscribe
  • Suppression records: retained to ensure we do not re-email you after opt-out
  • Purchase records: up to 6 years (UK accounting requirements)
  • Contact enquiries: typically up to 24 months

Data is securely deleted when no longer required.

10. Your rights under UK GDPR

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion (where applicable)
  • Restrict or object to processing
  • Withdraw consent at any time
  • Request data portability (where applicable)

To exercise your rights, email: privacy@thecuratedbrief.co.uk

You also have the right to complain to the UK regulator:
Information Commissioner’s Office

11. Data security

We take appropriate technical and organisational measures to protect personal data, including secure platforms, access controls, and supplier due diligence.

No online system is completely secure, but we take data protection seriously and act promptly in the unlikely event of a breach.

12. Children’s data

The Curated Brief is aimed at adults.
We do not knowingly collect data from children under 16.

13. Affiliate links

Some content may include affiliate links.
If you click a link and make a purchase, we may earn a commission.

Affiliate partners may use cookies for tracking, which are covered by our cookie notice.

14. Changes to this policy

We may update this Privacy Policy from time to time.
The latest version will always be published on our website.