Privacy Policy

Last updated: 18 August 2025

Privacy Policy

Last updated: 18 August 2025

Who we are

Blue Ocean Social Ltd
Company number: 15021733
Registered office: Office 5589, 182-184 High Street North, East Ham, London, England, E6 2JA
Email: privacy@blueoceansocial.co.uk

Controller: Blue Ocean Social Ltd. We do not have a Data Protection Officer.
EU representative: Arne Habbestad, Øvre Korskirkeallmenningen 3, 5017 Bergen, Norway. Contact: privacy@blueoceansocial.co.uk

Scope

This policy covers marcuskingwolff.com and its subpages. Privacy terms for paid services, including Marcus AI, are set out in the terms for each paid service and sit alongside this policy.

What we collect

We aim to keep data collection minimal.

  • Free site use and the quiz
    We do not track or save quiz answers server side. We do not run marketing cookies.
  • Security and performance
    Our hosting and security tools keep server and security logs that may include IP address and user agent. These logs help us detect abuse and keep the site safe.
  • Analytics
    We use Independent Analytics. It is cookie free and runs on our server. It records visit data without setting browser cookies.
  • Email newsletter
    If you subscribe, we collect your email and first name. We use Kit (previously ConvertKit) to send emails and manage the list.
  • Payments and accounts for paid services
    If you buy a paid service, we collect your name and email to provide access and receipts. Payments are handled by SureCart with Stripe. Card details are processed by Stripe and are not stored by us.
  • Contact
    If you email us, we receive the personal data you include in your message.

We do not sell personal data. We do not use third party embeds on the site. Social icons link out to our profiles.

Why we use your data and legal bases

  • Security and site operation, including essential cookies and logs – legitimate interests.
  • Cookie free analytics that helps us understand site usage – legitimate interests.
  • Email newsletters – consent. You can withdraw at any time by unsubscribing.
  • Providing paid services, support, and account access – contract.
  • Invoices, tax, and compliance – legal obligation.
  • Law enforcement requests where we are required to respond – legal obligation.

Cookies

Only essential WordPress cookies are used to run the site and keep it secure. We do not set marketing or advertising cookies. Because we only use essential cookies and cookie free analytics, we do not display a cookie banner.

Sharing and processors

We use trusted providers to run the service:

  • Kit for email newsletters.
  • SureCart and Stripe for payments.
  • Hosting and security providers for running and protecting the site.

These providers act as processors and only use personal data under our instructions. We may share information if required by law.

International transfers

Some providers may process data outside the UK and EEA, including the United States. Where this happens, we rely on approved safeguards, such as the EU Standard Contractual Clauses with the UK Addendum, the UK IDTA, and, where applicable, an adequacy decision or participation in the EU or UK Data Privacy Framework. You can contact us for more details.

Retention

  • Security and server logs: kept for up to 30 days, extended only to investigate active incidents.
  • Newsletter data: deleted on unsubscribe, with provider backups purged within about 15 days.
  • Customer, invoicing, and tax records: kept for up to 6 years to meet UK accounting rules.
  • General correspondence: kept as long as needed to handle your request, then deleted or archived.

Your rights

Under UK GDPR and EU GDPR you can request:

  • access to your data
  • correction
  • deletion
  • restriction
  • objection to processing based on legitimate interests
  • withdrawal of consent at any time
  • portability of data you gave us

To use your rights, email privacy@blueoceansocial.co.uk. We respond within one month. We may ask you to confirm your identity. You can also complain to the UK Information Commissioner’s Office, or to your local EU data protection authority.

We do not offer services to children. Minimum age is 18. We do not carry out automated decision making that produces legal or similar effects.

California residents

We do not sell or share personal information for cross context behavioural advertising.
Categories collected in the past 12 months: identifiers such as name and email, internet activity from essential logs and cookie free analytics, and transaction information handled by SureCart and Stripe.
You have the right to know, delete, correct, and to be free from discrimination for exercising your rights. To make a request, email privacy@blueoceansocial.co.uk. We will verify your identity using your email and any information you provide.

Free and paid services

  • Free services: we do not save quiz answers server side.
  • Paid services: privacy details, including any model or chat retention, are set in the terms for each paid service. Those terms take priority for that service.

Security

We use standard safeguards, including encryption in transit, access controls, regular updates, and a security plugin to detect abuse. No internet service is perfectly secure, but we work to protect your data.

Changes

If we change this policy, we will post the new version here and update the date at the top.

Contact

Questions or requests: privacy@blueoceansocial.co.uk
EU representative: Arne Habbestad, Øvre Korskirkeallmenningen 3, 5017 Bergen, Norway. Use the same email address above.

Made with Blue Ocean Social

Back to Home Page