Last updated 12.12.2024

Privacy Policy

This Privacy Policy outlines how Human Future Agency ("we", "our", "us") collects, uses, and protects the personal data of our clients, collaborators, and visitors to our website.

We are committed to designing experiences and services that centre people, and that includes how we handle your data. As a UK-based company, we comply with the General Data Protection Regulation (GDPR) and other relevant data protection laws.

What information do we collect?

When you visit our website

We gather basic data in two ways:

  • Automatically via server logs – This helps us keep the website stable and secure. Information includes your IP address, browser type, and which pages you visit. We currently use Papertrail by Solarwinds to manage logs, which we may keep for up to a year. Papertrail Privacy Policy
  • Cookies and analytics – If you consent, we use Google Analytics to understand how people interact with our site. This may include your IP address, browser type, and device information. We don’t use analytics for demographic profiling. Google Privacy Policy

We also use Sentry for error tracking, which may collect similar technical data to help us identify and fix issues quickly. Sentry Privacy Policy

Our website is managed by our partners at Fieldwork and hosted by DigitalOcean and Amazon Web Services. Other than the specific data above, we do not store additional personal data with those providers.

When you join our newsletter

We collect your name and email address so we can send you curated insights and agency updates. We also track open rates and link clicks to improve content relevance.

We manage newsletters using Mailchimp. Mailchimp Privacy Policy

When you contact us or collaborate with us

If you reach out through the site, by email, or meet us in a professional context, we may collect:

  • Your name and contact info
  • The organisation you represent
  • Details relevant to your enquiry or project

If we continue conversations, we may store your data securely using HubSpot CRM for communication and project management. HubSpot Privacy Policy

When you're a client

For our work together, we may need to collect and store:

  • Contact and professional details (email, phone, address, job title, etc.)
  • Information about your organisation and team
  • Personal data you share with us for the delivery of services (e.g. internal project documents, employee insights)

This information is used strictly to fulfil the contract, co-design with you, and deliver value through our work.

Why we collect your data

We only collect personal data when we need it to:

  • Operate and protect our website
  • Respond to enquiries and develop relationships
  • Manage our project collaborations and contracts
  • Improve our content and services
  • Send newsletters, event invites, or follow-ups (only with your consent)

Our legal basis for processing your data

We use different lawful bases under GDPR, depending on the context:

  • Consent – when you opt into our newsletter or events
  • Contract – for client services and enquiries that relate to potential or actual agreements
  • Legitimate interest – to run the agency, manage relationships, and improve what we do
  • Legal obligation – where required by law (e.g., responding to law enforcement)

Who we share your data with

We never sell your data. We only share it with trusted service providers who help us deliver our website, communications, or client work, including:

  • Google Analytics
  • Mailchimp
  • HubSpot
  • Sentry
  • AWS

In cases where we collaborate with external consultants or network partners to deliver your project, they will only have access to what's necessary, and always under a strict confidentiality agreement.

International data transfers

Some of our tools or partners operate outside the European Economic Area (EEA). Where this occurs, we ensure your data is protected through mechanisms such as Standard Contractual Clauses (SCCs) or equivalent safeguards.

How long we keep your data

We only keep your data as long as it's necessary for the purpose it was collected. When it's no longer needed, we securely delete or anonymise it.

We maintain a data retention policy to guide this, and we periodically audit our systems to ensure we’re not holding more than we should.

How we protect your data

Data protection is embedded in how we design our systems and services.

We use secure platforms, strong access controls, and best practices for digital hygiene. Everyone on our team is trained in data privacy, and any third-party processors we work with are contractually bound to protect your data.

If there is ever a suspected data breach, we act quickly and transparently, following the requirements set out under GDPR.

Your rights

You have the following rights under data protection law:

  • Access – Know what data we hold about you
  • Rectification – Correct inaccurate data
  • Erasure – Ask us to delete your data
  • Portability – Request a copy in a machine-readable format
  • Restriction – Limit how we process your data
  • Objection – Object to processing in certain situations (like marketing)

You can exercise any of these rights by contacting us directly.

Contact us

For questions about how we handle your data, or to make a rights request:

📧 info@humanfuture.agency

If you’re not satisfied with how we’ve handled your request, you can contact the UK Information Commissioner's Office (ICO):
ico.org.uk

Updates to this policy

We may update this privacy notice from time to time to reflect changes in how we operate. When we do, we’ll update the “Last Updated” date below.

If the changes significantly impact how your data is used, we’ll let you know wherever possible.

Last updated: 17 March 2025

Info@humanfuture.agency