Privacy Policy | Fast Thinking (original) (raw)

Last updated: January 2026

Plain English Summary

Fast Thinking Limited respects your privacy. This policy explains how we handle data:

• When you visit our website
• When you use our platform (the Evolve Marketing Platform)
• When we provide marketing services to clients

We only collect what we need, we never sell data, and we follow UK GDPR and CCPA laws. In most cases, we act as a data processor, which means we process data on behalf of marketers who use our tools or services. We only act as a data controller when it's about our own website or platform users.

You can contact us any time at privacy@fast-thinking.co.uk.

1. Who We Are

Fast Thinking Limited (company number: 05198978) is a marketing technology and services company registered in the UK. Our registered office is at:

1 Mill View, Mill Road, Cobham, Surrey, KT11 3AL, UK

This Privacy Policy explains how we collect, use, and protect your information when:

• You visit our website: https://fast-thinking.co.uk
• You use the Evolve Marketing Platform (our software platform)
• We provide marketing services to you or your company

2. When We Are a Data Controller

We are a data controller when we collect and use personal information to:

• Provide and maintain your access to the platform
• Authenticate and secure your account
• Communicate with you regarding your account and platform updates
• Improve our services and user experience

This includes:

a. Website Visitors

When you visit our website, we may collect:

• IP address and browser/device info (via cookies and analytics tools)
• Pages visited and links clicked
• Consent preferences via our cookie banner

We use a number of analytics, performance, and marketing tools to help improve our website and understand how it's used. These may include tag managers, analytics platforms, A/B testing tools, and advertising pixels. A full list of third-party tools and subprocessors is maintained here. Your consent preferences are managed through our cookie banner.

b. Contact and Marketing Forms

If you:

• Fill in a contact form
• Sign up for our newsletter
• Download gated content

We may collect:

• Name
• Email address
• Company name

We use this information to reply to your enquiry or send marketing updates (if you opt in).

c. Platform Users (Marketers)

When you create an account on the Evolve Marketing Platform, we collect:

• Name
• Email address
• Avatar
• Company name and details
• Login credentials (securely stored and encrypted)

We use this information to provide secure access to the platform and improve your experience.

3. When We Are a Data Processor

We are a data processor when customers use our platform or services to collect and process end-user data (e.g. people who see ads or visit their websites).

This includes:

a. Tracking on Marketer Websites

Customers place our tracking tags on their websites. We:

• Do set cookies and/or local storage on behalf of our advertisers
• Do collect anonymised event data such as ad impressions, clicks, and on-site activity
• Do not use cookies or fingerprinting to collect personal data, whether pseudonymous or otherwise
• Do not collect IP addresses or personal identifiers
• Store anonymised event logs for up to 6 months, and retain aggregated, non-identifiable data indefinitely

Consent management is the responsibility of the customer. Our tags should only be activated after end users have given consent via the customer's own cookie banner or consent management platform.

b. Use of Data

We only process this data to:

• Provide analytics to the marketer
• Improve ad or creative performance
• Monitor and improve platform effectiveness

We never sell end-user data to third parties. We may use anonymised, aggregated data to improve our services. This data cannot be linked back to any individual.

4. Legal Bases for Processing

We rely on the following legal bases:

• Consent (e.g. marketing emails, cookie tracking)
• Legitimate interest (e.g. service analytics, platform improvement)
• Contract (e.g. fulfilling our services to marketers)
• Legal obligation (e.g. fraud prevention, regulatory compliance)

5. International Data Transfers

All data is hosted on Amazon Web Services (AWS) in London. We use AWS CloudFront for content distribution, but personal data is not transferred internationally. Where sub-processors are outside the UK or EU, we ensure they have adequate safeguards such as Standard Contractual Clauses.

We store raw access logs from Amazon CloudFront in the W3C Extended Log File Format. These logs include metadata such as IP address, timestamp, URL path, HTTP method, user-agent, and referrer. Logs are retained securely for up to 6 months for operational diagnostics and security monitoring, after which they are deleted or anonymised.

6. Data Retention

• Log data (platform tracking): stored for up to 6 months
• Aggregated data: stored indefinitely
• Contact/enquiry info: stored up to 2 years or until unsubscribed
• Platform user data: stored as long as the account is active

7. Your Rights (UK GDPR)

You have the right to:

• Access the personal data we hold about you
• Request correction or deletion of your data
• Object to processing or withdraw consent
• Lodge a complaint with the Information Commissioner's Office (ICO)

To exercise these rights, contact us at: privacy@fast-thinking.co.uk

8. Subprocessors & Tools We Use

Fast Thinking works with selected third-party service providers ("subprocessors") to support the delivery and performance of our website, platform, and services.

Our full and up-to-date list of subprocessors is available here:

https://fast-thinking.co.uk/subprocessors

This list applies to both our role as a data controller (for our own website and platform users) and as a data processor (on behalf of marketers using our services).

All subprocessors are contractually required to process data only on our documented instructions, maintain confidentiality, and implement appropriate technical and organisational security measures in accordance with applicable data protection laws (such as the UK GDPR and CCPA). We assess all subprocessors for security and compliance before engagement and monitor their performance on an ongoing basis. In the event of any material changes to our subprocessors, we will update our published list and, where required, notify affected customers in accordance with our Data Processing Agreement (DPA).

9. Contact Us

For privacy-related questions or to make a request:

Email: privacy@fast-thinking.co.uk

Address: Fast Thinking Limited, 1 Mill View, Mill Road, Cobham, Surrey, KT11 3AL, UK

10. Related Policies & Terms

• Data Processing Agreement (DPA)
• Platform Terms of Use

We may update this policy from time to time. Please check back here for the latest version.