Privacy Policy

Privacy Notice 

Flipside Thinking LTD
Effective Date: 01 Feb 2026
Last Updated: 20 Feb 2026 

1. Introduction 

Flipside Thinking LTD (“we”, “us”, “our”) is a market research and insight consultancy based in London, United Kingdom. 

We are committed to protecting your personal data and respecting your privacy. This Privacy Notice explains how we collect, use, and protect personal information when you: 

  • Visit our website 
  • Contact us 
  • Engage us for services 
  • Participate in research activities 
  • Subscribe to communications 

We comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and applicable international data protection laws where relevant. 

2. Who We Are 

Flipside Thinking LTD
Private Limited Company registered in England & Wales
Registered Office: 72 Galloway Road, London, W12 0PJ
Email: bob@firefish.ltd.uk  

For the purposes of data protection law, Flipside Thinking LTD is the Data Controller unless otherwise stated. 

3. What Personal Data We Collect 

Depending on how you interact with us, we may collect: 

3.1 Information You Provide Directly 

  • Name 
  • Job title 
  • Company name 
  • Email address 
  • Telephone number 
  • Project-related information 
  • Billing information 

3.2 Research Participant Data (where applicable) 

  • Contact details 
  • Demographic information 
  • Research responses and opinions 
  • Audio/video recordings (with consent where required) 

Research data is always collected for specific, defined purposes and handled confidentially. 

3.3 Website Data 

When you visit our website, we may automatically collect: 

  • IP address 
  • Browser type 
  • Device information 
  • Pages visited 
  • Usage data 

This information is collected through cookies or analytics tools (see Section 8). 

4. How We Use Your Information 

We process personal data for the following purposes: 

  • Responding to enquiries 
  • Delivering consultancy services 
  • Managing client relationships 
  • Conducting research projects 
  • Administering contracts and billing 
  • Improving our website 
  • Complying with legal obligations 

We only use personal data where we have a lawful basis to do so. 

5. Lawful Bases for Processing 

Under UK GDPR, we rely on: 

  • Contract – where processing is necessary to deliver agreed services 
  • Legitimate Interests – for business operations and relationship management 
  • Consent – for research participation or marketing communications 
  • Legal Obligation – for financial, tax, or regulatory compliance 

Where consent is required, it can be withdrawn at any time. 

6. Sharing Your Information 

We do not sell personal data. 

We may share personal data with: 

  • Professional advisers (e.g., accountants, legal advisers) 
  • Secure cloud service providers 
  • Approved research partners (where relevant and contractually protected) 
  • Regulatory authorities if legally required 

All third-party providers are required to implement appropriate security measures. 

7. International Transfers 

As we work globally, personal data may occasionally be transferred outside the UK. 

Where this occurs, we ensure appropriate safeguards are in place, such as: 

  • UK International Data Transfer Agreements (IDTAs) 
  • Standard Contractual Clauses (SCCs) 
  • Transfers to countries with adequacy decisions 

8. Cookies and Website Analytics 

Our website may use cookies and analytics tools to: 

  • Understand website usage 
  • Improve performance 
  • Enhance user experience 

You can manage or disable cookies via your browser settings. 

[If using Google Analytics or similar, insert specific wording here.] 

9. Data Retention 

We retain personal data only for as long as necessary: 

  • Client data – retained in line with contractual and legal requirements 
  • Research data – retained according to project agreements 
  • Financial records – retained in accordance with UK tax law 
  • Marketing data – until consent is withdrawn 

Data is securely deleted when no longer required. 

10. Data Security 

We implement appropriate technical and organisational measures to protect personal data, including: 

  • Password-protected systems 
  • Encryption 
  • Secure cloud storage 
  • Access controls 
  • Regular software updates 

Despite these measures, no system can guarantee absolute security. 

11. Your Rights 

Under UK GDPR, you have the right to: 

  • Access your personal data 
  • Request correction of inaccurate data 
  • Request erasure (where applicable) 
  • Restrict processing 
  • Object to processing 
  • Request data portability 
  • Withdraw consent 
  • Lodge a complaint with the UK Information Commissioner’s Office (ICO) 

ICO website: https://ico.org.uk 

12. Third-Party Links 

Our website may contain links to third-party websites. We are not responsible for their privacy practices. 

13. Updates to This Notice 

We may update this Privacy Notice from time to time. The latest version will always be available on our website. 

14. Contact Us 

If you have any questions about this Privacy Notice or how your data is handled, please contact: 

Flipside Thinking LTD
London, United Kingdom
Email: bob@flipsidethinking.co.uk 

Copyright © 2026 Flipside Thinking - All Rights Reserved.

Powered by

  • Privacy Policy

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept