Privacy
Policy
Last Update: January 2026
Introduction
This privacy notice provides details on how SquaresCircles (referred to as “we”, “us” or “our”) collects and processes your personal data through your use of our site and services. This includes information provided when you engage us for consulting, purchase digital systems, subscribe to our research, or commission creative projects.
By providing us with your data, you warrant to us that you are over 13 years of age. SquaresCircles is the data controller and responsible for your personal data.
Contact Details: If you have questions, please contact us at: hello@squarescircles.co
Information We Collect
Personal data means any information capable of identifying an individual. We may process the following categories:
Identity Data: Name, username, title, and gender.
Contact Data: Billing address, email address, and telephone numbers.
Financial Data: Bank account and payment card details (processed via secure third-party gateways).
Transaction Data: Details about payments and services/products purchased from us.
Technical Data: IP addresses, login data, browser type/version, time zone, and location data gathered during site use.
Profile Data: Your interests, preferences, feedback, and research survey responses.
Usage Data: Information about how you use our website, products, and services.
Marketing Data: Your preferences in receiving communications from us and our third parties.
Sensitive Data: We do not collect "Sensitive Data" (race, ethnicity, religious beliefs, sexual orientation, health data, etc.), nor do we collect information about criminal convictions.
We use different methods to collect data from and about you:
Direct Interactions: Information you provide by filling in forms or communicating with us via Slack, WhatsApp, email, or phone.
Automated Technologies: As you interact with our site, we may automatically collect Technical Data about your equipment and browsing patterns via cookies and server logs.
Third Parties: We may receive data from:
Analytics Providers: (e.g., Google, Facebook, Hotjar).
Advertising Networks: (e.g., Meta, Google Ads, LinkedIn).
Technical/Payment Providers: (e.g., Stripe, PayPal, GoHighLevel).
How We Use Your Information
We will only use your personal data when legally permitted. We most commonly use your data in the following circumstances:
Lawful Basis for Processing
Performance of Contract: This means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract (e.g., delivering our consulting or digital services).
Legitimate Interests: We use your data for our business interests in conducting and managing our business to enable us to give you the best service and the most secure experience. We ensure we consider and balance any potential impact on you and your rights before we process your data for our legitimate interests.
Comply with a Legal or Regulatory Obligation: This means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
Purposes and Activities
We may process your personal data for the following specific purposes:
Client Registration: To register you as a new client or user.
Type of data: Identity and Contact.
Lawful basis: Performance of a contract with you.
Service Delivery & Payments: To process and deliver your orders, manage payments, fees, and charges, and collect money owed to us.
Type of data: Identity, Contact, Financial, Transaction, Marketing, and Communications.
Lawful basis: Performance of a contract with you and necessary for our legitimate interests (to recover debts).
Relationship Management: To notify you about changes to our terms or privacy policy, or to ask you to leave a review or take a research survey.
Type of data: Identity, Contact, Profile, Marketing, and Communications.
Lawful basis: Performance of a contract, legal obligation, and necessary for our legitimate interests (to keep records updated and study how clients use our services).
Business Protection: To administer and protect our business and this site (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data).
Type of data: Identity, Contact, and Technical.
Lawful basis: Necessary for our legitimate interests (running our business, provision of IT services, network security, and fraud prevention) and legal obligation.
Marketing & Advertising: To deliver relevant website content and advertisements to you and measure the effectiveness of the advertising we serve.
Type of data: Identity, Contact, Profile, Usage, Marketing, Communications, and Technical.
Lawful basis: Necessary for our legitimate interests (to study how clients use our products/services, to develop them, and to grow our business).
Data Analytics: To use data analytics to improve our website, services, research, and customer experiences.
Type of data: Technical and Usage.
Lawful basis: Necessary for our legitimate interests (to define types of customers, to keep our site updated, and to inform our marketing strategy).
International Transfers
Some of our service providers (e.g., Google, Meta) are based outside the European Economic Area (EEA). Their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection by ensuring at least one of the following safeguards:
Transferring only to countries deemed to have an adequate level of protection by the European Commission.
Using specific contracts (Standard Contractual Clauses) approved by the European Commission.
Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way. We limit access to your data to employees and contractors who have a business "need to know." They are subject to a duty of confidentiality. We utilise industry-leading, HIPAA-compliant server architecture and encryption protocols (via our proprietary digital systems) to ensure that all sensitive data is handled with the highest level of security and regulatory oversight.
Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including legal, accounting, or reporting requirements. By law, for tax purposes, we must keep basic information about our customers for six years after they cease being customers.
Legal Rights
Under data protection laws, you have the right to:
Request access to your personal data.
Request correction or erasure.
Object to or restrict processing.
Request transfer of your data.
Withdraw consent.
To exercise these rights, please contact us at hello@squarescircles.co
Third-Party Links & Cookies
Our site may include links to third-party websites. Clicking those links may allow third parties to collect data about you. We do not control these websites.
Cookies: We use cookies (session and persistent) to track usage and improve performance.
Strictly Necessary: Essential for site function (e.g., billing).
Performance/Functionality: (e.g., Google Analytics, Facebook Pixels) to understand how you use the site and to show you relevant research and services.
You can set your browser to refuse cookies, but some parts of the site may become inaccessible.