Privacy Policy

Last updated: 5 March 2026

Blenheim Global Limited (“we”, “us”, or “our”) is committed to protecting your personal data and respecting your privacy. This policy sets out how we collect, use, store, and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data Controller
‍
Blenheim Global Limited is the data controller responsible for your personal data. This means we determine the purposes and means by which your personal information is processed.

Registered address:
First Floor Office, 3 Hornton Place, London, UK, W8 4LZ
Privacy enquiries: contact@blenheimmartlet.com

2. What Information We Collect

When you submit an enquiry through our contact form, we collect the personal information you provide. This may include your name, email address, phone number, and the content of your message.

In addition, as our website is hosted on Webflow and delivered via Cloudflare, certain technical data may be processed automatically when you visit our site. This may include your IP address, browser type, device information, and pages visited. This data is processed by Webflow and Cloudflare as our data processors and is used solely for hosting, security, and content delivery purposes.

3. Lawful Basis for Processing
‍
We rely on the following lawful bases under UK GDPR Article 6 to process your personal data:

Legitimate interests (Article 6(1)(f)) — to respond to your enquiry and manage our relationship with you. Our legitimate interest is in operating our business effectively and responding to business enquiries. We have assessed that this processing does not override your rights and freedoms.

Legal obligation (Article 6(1)(c)) — where we are required to retain or disclose data to comply with a legal obligation.

4. How We Use Your Information
‍
We use your personal data solely to:
‍
• Respond to your enquiry
• Assist with the request you have made
• Maintain a record of our correspondence for a reasonable period

We do not use your data for marketing purposes and we do not add you to any mailing list.

5. How Long We Keep Your Information
‍
Enquiry messages and associated personal data are retained for up to one year from the date of receipt, after which they are securely deleted. We will not retain your data for longer than is necessary for the purpose for which it was collected.

6. How We Store Your Information
‍
Enquiry messages are stored in our contact inbox and accessed via Microsoft Outlook. Access is restricted to the company’s co-founders and the operations manager. We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or destruction.

7. Website Hosting and Infrastructure
‍
Our website is hosted and delivered via the following third-party services, each of which acts as a data processor on our behalf:

Webflow, Inc. — our website is built and hosted on the Webflow platform. Webflow may process technical data (such as IP addresses and server logs) as part of delivering our website. Webflow is based in the United States and relies on Standard Contractual Clauses (SCCs) for the transfer of personal data from the UK. For more information, see webflow.com/legal/privacy.

Cloudflare, Inc. — our website is routed through the Cloudflare content delivery network (CDN), which provides performance optimisation, DDoS protection, and SSL/TLS encryption. Cloudflare may process technical data including IP addresses as part of this service. Cloudflare is based in the United States and relies on Standard Contractual Clauses for UK data transfers. For more information, see cloudflare.com/privacypolicy.

Microsoft Corporation — enquiry messages submitted through our contact form are received and stored using Microsoft Outlook as part of the Microsoft 365 suite. Microsoft processes your personal data (including name, email address, phone number, and message content) as our data processor. Microsoft is based in the United States and relies on Standard Contractual Clauses and the EU-U.S. Data Privacy Framework for UK data transfers. For more information, see microsoft.com/en-us/privacy.

Webflow, Cloudflare and Microsoft are contractually bound to process data only on our instructions and in accordance with applicable data protection law, including the UK GDPR.

8. International Data Transfers
‍
Your personal data may be transferred to or processed in countries outside the UK, including the United States, via our use of Webflow, Cloudflare, and Microsoft Outlook. Where such transfers occur, we ensure that appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) or UK International Data Transfer Agreements (IDTAs) as applicable, in accordance with UK GDPR Chapter V.

We also serve clients globally, including in the EU, UAE, and the United States. Where we communicate with clients in these regions, the same transfer safeguards apply.

9. Sharing Your Information
‍
We do not sell, rent, or share your personal data with third parties for their own purposes. We only disclose your data to our data processors (as described in section 7) or where we are legally required to do so by applicable law or a court order.

10. Your Rights Under UK GDPR
‍
Under UK GDPR, you have the following rights in relation to your personal data:

Right of access — you may request a copy of the personal data we hold about you (a Subject Access Request).
‍
Right to rectification — you may ask us to correct inaccurate or incomplete data.

Right to erasure — you may ask us to delete your personal data where there is no longer a lawful basis for us to retain it.
‍
Right to restriction — you may ask us to restrict processing of your data in certain circumstances.
‍
Right to object — you may object to processing based on our legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests.
‍
Right to data portability — where processing is based on consent or contract and carried out by automated means, you may request your data in a structured, commonly used, machine-readable format.

To exercise any of these rights, please contact us at contact@blenheimmartlet.com. We will respond within one calendar month as required by UK GDPR Article 12.

11. Right to Lodge a Complaint
‍
If you believe we have not handled your personal data in accordance with UK data protection law, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection.

ICO website: ico.org.uk
ICO helpline: 0303 123 1113

We would welcome the opportunity to address your concerns directly before you contact the ICO.

Please reach out to us first at contact@blenheimmartlet.com.

12. Cookies
‍
This policy covers personal data collected through our contact form and website infrastructure. Our website uses only essential cookies necessary for the functioning of the site (such as those required by Webflow and Cloudflare for hosting, security, and content delivery). We do not use cookies for marketing, analytics, or tracking purposes. If our use of cookies changes in the future, this will be addressed in a separate Cookie Policy.

13. Changes to This Policy
‍
We may update this privacy policy from time to time to reflect changes in our practices or applicable data protection law. The most current version will always be published on our website, with the date of the last update shown at the top of this page. Where changes are material, we will take reasonable steps to bring them to your attention.

14. Contact Us
‍
For any questions about this privacy policy or how we handle your personal data, please contact us:

Blenheim Global Limited
First Floor Office, 3 Hornton Place, London, UK, W8 4LZ
contact@blenheimmartlet.com