ServicesAboutContactGet My Free Growth Plan
Legal

Privacy Policy

Last updated: 1 May 2026

This Privacy Policy explains how DREVO LTD ("we", "us", "our") — a company registered in Scotland under company number SC887578 with its registered office at Scotland, United Kingdom — collects, uses, and protects personal data when you visit drevoservices.com or interact with our services.

We are the "controller" of personal data we collect about you under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. If you have questions, contact us at services@drevo.co.uk.

1. What information we collect

We collect personal data that you give us directly, including:

  • Contact details — name, email address, phone number (if provided), company name.
  • Project details — the brief you share via our contact form or by email.
  • Lead-magnet captures — your email address when you request our 2026 AI Opportunity Checklist or similar resources.
  • Booking information — when you book a Growth Plan call via Cal.com or Calendly, we receive your name, email, and time-zone from that platform.

We also automatically collect technical data when you visit our website: IP address (in truncated form), browser type, device type, and pages visited. We use a privacy-friendly, cookieless analytics provider (Plausible) that does not track you across sites or build advertising profiles.

2. How we use your information

We use your personal data to:

  • Reply to your enquiry and deliver the services you request.
  • Send you the lead magnet you signed up for.
  • Schedule and conduct Growth Plan calls.
  • Send service-related communications (project updates, invoices).
  • Improve our website and services using aggregated, non-identifying analytics.
  • Comply with legal and regulatory obligations.

3. Legal basis

Under UK GDPR, we rely on the following lawful bases:

  • Consent — when you submit a form, opt-in to a lead magnet, or book a call. You can withdraw consent at any time.
  • Contract — when processing is necessary to take steps at your request before entering into a contract, or to perform a contract.
  • Legitimate interests — for website analytics, fraud prevention, and direct communication with prospective clients, balanced against your rights.
  • Legal obligation — for accounting, tax, and other statutory record-keeping.

4. Sharing your information

We do not sell your personal data. We share it only with:

  • Service providers — companies we use to run our business (e.g. email delivery via Resend, scheduling via Cal.com, hosting via Vercel). These providers process data on our behalf under written agreements.
  • Professional advisers — accountants and legal advisers, where required.
  • Authorities — where required by law or to protect our legal rights.

5. International transfers

Some of our service providers are based outside the UK (for example, in the EEA or the United States). Where data is transferred outside the UK, we rely on UK-approved transfer mechanisms such as the UK International Data Transfer Agreement, the EU Standard Contractual Clauses with the UK Addendum, or transfers to countries with UK adequacy decisions.

6. How long we keep your data

  • Contact-form enquiries: up to 24 months from last contact.
  • Lead-magnet sign-ups: until you unsubscribe, plus a short technical retention period.
  • Client records: 7 years after the end of our engagement, to meet UK accounting and tax record-keeping obligations.
  • Website analytics: aggregated only; no individual records retained.

7. Your rights

Under UK GDPR, you have the right to:

  • Request access to your personal data.
  • Request correction of inaccurate data.
  • Request deletion of your data (the "right to be forgotten").
  • Restrict or object to certain processing.
  • Request data portability.
  • Withdraw consent at any time, where consent is the legal basis.

To exercise any of these rights, email services@drevo.co.uk. We will respond within 30 days. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ico.org.uk).

8. Cookies

We use a minimal, cookieless analytics solution by default. If we add additional analytics or marketing tools that use cookies in future, we will display a cookie consent banner and update this Policy. Strictly necessary cookies (e.g. session tokens) may be used to operate the website.

9. Security

We use appropriate technical and organisational measures to protect your data, including TLS encryption in transit, access controls, and regular security review of our service providers. No system is completely secure; please do not include sensitive information (such as financial account details) in contact-form messages.

10. Changes to this Policy

We may update this Policy from time to time. The "Last updated" date at the top of this page reflects the latest revision. Material changes will be communicated by email where appropriate.

11. Contact

Questions, requests, or complaints? Email services@drevo.co.uk.

Notice: This template is a starting point and is not legal advice. Have a UK solicitor (or a service like SeedLegals or Rocket Lawyer) review and customise this Policy before relying on it for production use. Items marked with a placeholder style need to be filled in.

Drevo AI
Online · replies instantly
👋 Hi! I'm Drevo's AI assistant. Want help finding the right solution?
Get My Free Growth Plan

Wait — grab the free 2026 AI Opportunity Checklist before you go.

30 questions that reveal where AI can save your business £10,000+ this year. Used by 200+ UK founders.

One email. No spam. Unsubscribe with one click.