Privacy Policy
C Square Digital (“C Square Digital,” “we,” “us,” or “our“) respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains what we collect, how we use it, who we share it with, and the choices you have when you visit csquaredigital.com (the “Site”) or engage us for digital marketing services (the “Services”).
By using the Site or Services, you agree to the practices described below. If you do not agree, please do not use the Site or Services.
1. Who we are
C Square Digital is a full-stack digital marketing agency providing web design and development, SEO, paid media (Google, Meta, TikTok, LinkedIn), social media management, branding, content marketing, and automation/CRM services to businesses worldwide.
Contact for privacy matters:
- Email: [insert privacy contact email, e.g. privacy@csquaredigital.com]
- Mailing address: [insert registered business address]
2. Information we collect
a. Information you give us directly
- Booking and contact details — when you book a strategy call, fill in a contact form, or email us: your name, business name, email address, phone number, website URL, and anything you choose to include in the message field.
- Account and onboarding information — if you become a client, we collect business details, billing contact information, access credentials you choose to share (e.g. ad account access, CMS logins), and project requirements.
- Newsletter and resource downloads — if you subscribe to our blog or download a resource (audit checklist, playbooks, etc.), we collect your email address and any other fields you submit.
- Payment information — invoice and billing details. Card payments are processed by third-party payment processors; we do not store full card numbers on our servers.
- Job applications — if you apply for a role, we collect your CV, contact details, and any information you share during interviews.
b. Information collected automatically
When you visit the Site, we and our service providers may automatically collect:
- Device and browser data — IP address, browser type and version, operating system, device identifiers, screen size, and language.
- Usage data — pages viewed, referring URLs, links clicked, time on page, scroll depth, and the date and time of your visit.
- Cookies and similar technologies — see Section 6 below.
c. Information from third parties
We may receive information about you from:
- Analytics and advertising platforms (e.g. Google Analytics, Google Ads, Meta Ads, LinkedIn Ads, TikTok Ads) that report on how users interact with our marketing.
- CRM and automation tools (e.g. GoHighLevel) used to manage leads, appointments, and client communications.
- Public sources such as LinkedIn or your company website, when researching prospective clients or partners.
d. Client end-user data
When we deliver Services to a client (for example, running ads or building a website for them), we may incidentally process personal data about that client’s own customers or website visitors. In that context, our client is the data controller and we act as a data processor on their behalf, in line with the contract between us.
3. How we use your information
We use personal information to:
- Respond to enquiries, schedule strategy calls, and provide quotes;
- Deliver, manage, and improve the Services you or your organization have engaged us for;
- Process payments and send invoices;
- Send service updates, project reports, and transactional emails;
- Send marketing emails about our services, case studies, or resources — only where permitted by law or where you have opted in;
- Run, measure, and optimize our own marketing campaigns, including remarketing and lookalike audience targeting;
- Operate and secure the Site, prevent fraud, and troubleshoot technical issues;
- Comply with legal obligations (tax, accounting, regulatory) and enforce our agreements;
- Recruit and evaluate candidates for open positions.
4. Legal bases for processing (GDPR / UK GDPR)
If you are in the European Economic Area, the United Kingdom, or another jurisdiction with similar laws, we rely on the following legal bases:
- Contract — to provide the Services you have requested and take steps before entering into a contract.
- Legitimate interests — to run and grow our business, market to other businesses (B2B), secure the Site, and improve our offering, balanced against your rights.
- Consent — for non-essential cookies, marketing emails to consumers where required, and any sensitive processing. You can withdraw consent at any time.
- Legal obligation — to meet tax, accounting, and other statutory duties.
5. How we share your information
We do not sell your personal information. We share it only in the following circumstances:
- Service providers and sub-processors that help us operate, including hosting providers, email delivery services, CRM platforms (e.g. GoHighLevel), analytics providers (e.g. Google), payment processors, scheduling tools, project management tools, and cloud storage providers.
- Advertising and analytics partners such as Google, Meta, LinkedIn, and TikTok, which receive limited information (including via pixels and conversion APIs) to measure and serve ads. See Section 6.
- Professional advisers such as lawyers, accountants, and insurers, where reasonably necessary.
- Legal and regulatory authorities when required by law, court order, or to protect our rights, property, or safety, or those of our clients or others.
- Business transfers — if we are involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction.
All service providers are required, by contract, to keep your information confidential and use it only for the purposes for which we share it.
6. Cookies and tracking technologies
The Site uses cookies, pixels, tags, and similar technologies for the following purposes:
- Strictly necessary — to operate the Site, remember your preferences, and keep it secure.
- Analytics — Google Analytics (via Google Site Kit) and similar tools to understand how visitors use the Site.
- Advertising and conversion tracking — Google Tag Manager, Google Ads, the Meta Pixel (Facebook), LinkedIn Insight Tag, and TikTok Pixel to measure campaign performance and serve relevant ads. We may also use server-side conversion tracking (Meta CAPI, Google Enhanced Conversions, GA4) which sends hashed event data to these platforms.
You can control cookies through your browser settings, our cookie banner (where shown), or platform-specific opt-outs:
- Google Analytics opt-out: https://tools.google.com/dlpage/gaoptout
- Your Ad Choices (US): https://optout.aboutads.info
- EDAA (EU): https://www.youronlinechoices.eu
- Meta ad preferences: in your Facebook/Instagram account settings
Blocking some cookies may affect how the Site works.
7. International data transfers
We are based in [insert country] and our service providers may be located in countries outside your own, including the United States. Where personal data is transferred internationally, we rely on appropriate safeguards such as the Standard Contractual Clauses approved by the European Commission, the UK International Data Transfer Addendum, or other lawful transfer mechanisms.
8. How long we keep your information
We retain personal information only for as long as needed to fulfill the purposes described in this Policy, including:
- Enquiry data — typically up to 24 months after last contact, unless you become a client.
- Client records — for the duration of the engagement and for up to 7 years afterward, to meet legal, tax, and accounting obligations.
- Marketing lists — until you unsubscribe or we determine the data is no longer relevant.
- Analytics data — in line with the retention settings of the underlying platform (e.g. Google Analytics default retention).
When data is no longer needed, we delete or anonymize it.
9. Your rights
Depending on where you live, you may have the right to:
- Access the personal information we hold about you;
- Correct inaccurate or incomplete information;
- Delete your information (“right to be forgotten”);
- Restrict or object to certain processing, including direct marketing;
- Withdraw consent at any time, where processing is based on consent;
- Data portability — receive your data in a structured, machine-readable format;
- Lodge a complaint with your local data protection authority.
California residents have additional rights under the CCPA/CPRA, including the right to know what categories of personal information we collect, the right to delete, the right to correct, and the right to opt out of “sharing” for cross-context behavioral advertising. We do not sell personal information for money.
To exercise any right, email us at [insert privacy contact email]. We will respond within the timeframes required by applicable law. We may need to verify your identity before acting on your request.
10. Marketing communications
If you have given us your contact details (for example, by booking a call or downloading a resource), we may send you occasional emails about our services, case studies, or insights. You can unsubscribe at any time by clicking the link in any marketing email or by emailing us. Transactional messages relating to your account or active projects are not affected by unsubscribing.
11. Security
We use reasonable administrative, technical, and physical safeguards designed to protect personal information against loss, misuse, and unauthorized access. No method of transmission over the internet is 100% secure, so we cannot guarantee absolute security. If we become aware of a personal data breach affecting you, we will notify you as required by applicable law.
12. Children’s privacy
The Site and Services are intended for businesses and adults. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child, please contact us and we will delete it.
13. Third-party links
The Site may contain links to third-party websites, tools, or platforms (such as our scheduling tool, social profiles, or client case study links). We are not responsible for the privacy practices of those third parties. We encourage you to read their privacy policies before sharing information with them.
14. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page. If the changes are material, we will provide a more prominent notice (for example, on the Site or by email). Your continued use of the Site or Services after the changes take effect means you accept the updated Policy.
15. Contact us
If you have questions, concerns, or requests about this Privacy Policy or your personal information, please contact us at:
C Square Digital Email: info@csquaredigital.com Website: https://csquaredigital.com
This policy is provided as a starting template and should be reviewed by qualified legal counsel before publishing, especially to confirm compliance with the laws of every jurisdiction your business and clients operate in (GDPR, UK GDPR, CCPA/CPRA, PECR, ePrivacy, PIPEDA, Pakistan’s PDPA, etc.).