Effective date: 1 January 2024

25 Above Limited (“us”, “we”,“our” or “25 Above”) operates the https://www.25above.com website (the “Service”). This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service, and any data that a client may give during the course of an agreed project with 25 Above, and the choices you have associated with that data.

25 Above is committed to ensuring that client privacy is protected. Should 25 Above ask you to provide data by which you can be personally identified during the stages of an agreed project, then you can be assured that it will only be used in accordance with this Privacy Policy and only for the required stages during the course of the agreed project.

We use your data to provide and improve the Service. By using the Service, or providing data during the course of an agreed project, you agree to the collection and use of data in accordance with this policy.

If you want to know what Personal Data we collect and hold about you, or to exercise any of your rights as set out below, please email us at info@25above.com.



Personal Data
Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).

Usage Data
Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

Cookies are small pieces of data stored on a User’s device.

Data Controller
Data Controller means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.

For the purpose of this Privacy Policy, we are a Data Controller of your data.

Data Processor (or Service Providers)
Data Processor (or Service Provider) means any person (other than an employee of the Data Controller) who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.

Data Subject
Data Subject is any living individual who is the subject of Personal Data.

The User is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.

Information Collection and Use
We collect several different types of information for various purposes to provide and improve our Service to you and during the course of an agreed project.


Types of Data Collected

Personal Data
While using our Service, and during the course of an agreed project, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you and / or your business (“Personal Data”). Personally identifiable information may include, but is not limited to:

  • First name and last name
  • Company name
  • Job title
  • Email address (personal and business)
  • Phone number (personal and business)
  • Address, city, county, postcode (personal and business)
  • Other information relevant to any stages during an agreed project (such as business contact information for the design of client business cards)
  • Supplier bank details, in order to process payments and invoices
  • Cookies and Usage Data.

You may provide us with information in a number of ways:

  • By information we may collect during the course of an agreed project
  • By corresponding with us by email and verbal meetings/phone calls during the course of an agreed project, in which case we may retain the content of your email messages together with your email address and our responses
  • By corresponding with us by email through this Service, in which case we may retain the content of your email messages together with your email address and our responses
  • By Information provided when you use our mobile optimised website from your portable hand-held device including details of your physical location, where you have agreed to it being used
  • Usage Data.

We may also collect information on how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Tracking Cookies Data
We use cookies and similar tracking technologies to track the activity on our Service and hold certain information. Cookies are files with small amounts of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyse our Service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use:

  • Session Cookies. We use Session Cookies to operate our Service
  • Security Cookies. We use Security Cookies for security purposes.


Use of Data
25 Above Limited uses the collected data for various purposes:

  • To provide and maintain our Service
  • To gather analysis or valuable information so that we can improve our Service
  • To monitor the usage of our Service
  • To detect, prevent and address technical issues
  • To complete stages during the course of an agreed project.

During the course of an agreed project we may require additional information to understand your needs and provide you with the agreed project or service, and in some other cases for the following non project based reasons:

  • Internal record keeping
  • To process accounts, supplier payments and invoices
  • To respond to enquiries about current or past projects
  • To improve services to you as a client
  • To customise the 25 Above website according to client interests
  • To feature a client project on the 25 Above website.

Retention of Data
25 Above Limited will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. 25 Above Limited will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods. In certain circumstances, once we have deleted or anonymised your data, we may need to retain parts of it (for example, your email address), in order to comply with legal obligations or other legislation, or for fraud detection purposes.

Transfer of Data
Your information, including Personal Data, may be transferred to, and maintained on, computers located outside of your country where the data protection laws may differ than those within your area. If you are located outside the United Kingdom and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United Kingdom and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. 25 Above Limited will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of your data and other personal information.


Disclosure of Data

Disclosure for law enforcement
Under certain circumstances, 25 Above Limited may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Legal requirements
25 Above Limited may disclose your Personal Data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of 25 Above Limited
  • To prevent or investigate possible wrongdoing in connection with the Service
  • To protect against legal liability

The legal basis for processing your information
Under GDPR, the main grounds that we rely upon in order to process your Personal Data are the following:

  • Necessary for compliance with a legal obligation where we are subject to certain legal requirements which may require us to process your Personal Data. We may also be obliged by law to disclose your Information to a regulatory body or law enforcement agency;
  • Necessary for the purposes of legitimate interests – either we, or a third party, will need to process your Personal Data for the purposes of our (or a third party’s) legitimate interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your Information protected. Our legitimate interests include responding to requests and enquiries from you or a third party, notifying of changes to our Service, optimising our website and user experience;
  • Consent – in some circumstances, we may ask for your consent to process your Personal Data in a particular way.

Security of data
The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to protect your Personal Data, we cannot guarantee its absolute security.

Your rights
25 Above Limited aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. If at the end of an agreed project you would prefer any project information to be deleted, you can contact 25 Above by email to info@25above.com (or any such direct email address disclosed during the course of an agreed project).

Service providers
We may employ third party companies and individuals to facilitate our Service (“Service Providers” or “Data Processors”), to provide the Service on our behalf, to perform Service-related services or to assist us in analysing how our Service is used. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

We may use third-party Service Providers to monitor and analyse the use of our Service. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network. You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity. For more information on the privacy practices of Google, please visit the Google Privacy Terms web page.

Trusted third-parties
In order to provide certain services, we may share your Personal Data with third party service providers such as IT infrastructure companies and email logistics / marketing automation providers. We will not share your Personal Data with any third party where it is not necessary to do so to provide a service to you.

Website development
We may need to provide website FTP access to our trusted development parties. The FTP access is restricted to their IP address and only provided during the course of the development process.

New business owners
If we or our business merges with or is acquired by another business or company, we will share your Personal Data with the new owners of the business or company and their advisors. If this happens, you will be sent notice of such an event.

Children’s privacy
Our Service does not address anyone under the age of 13 (“Children”). We do not knowingly collect personally identifiable information from anyone under the age of 13. If we become aware that we have collected Personal Data from children without verification of parental consent, we will take steps to remove that information from our servers.

Changes to this Privacy Policy
We may update our Privacy Policy from time to time. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Making a complaint
If you are unhappy about our use of your Information, you can contact us by visiting our contact page on our website.

Contact us
If you have any questions about this Privacy Policy, please contact us by visiting our contact page on our website.

25 Above details
This website is owned and operated by 25 Above Limited.

25 Above Limited is registered in England and Wales under company number 7933040, and has its Registered Office at 45 Sea Road, East Preston, West Sussex BN16 1JN.

25 Above is VAT registered. VAT Registration Number: 132 4427 42