Privacy Policy

Last Updated: 25 February 2026

1. Introduction

Welcome to Our Journi ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website [ourjourni.co.uk] (the "Site"), sign up for our newsletter, or otherwise interact with us.

We are a data controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This means we are responsible for deciding how we hold and use personal information about you.

Providing privacy information lets people know what you're doing with their data and gives them reassurance that you've thought about how you'll keep it safe. This will help you build trust with your customers and show the Information Commissioner's Office (ICO) that you take your data protection responsibilities seriously.

If you have any questions or concerns, please contact us at:

Email: info@ourjourni.co.uk
Website: ourjourni.co.uk

2. What Data We Collect

We collect only the information necessary to provide our services and communicate with you.

We may collect the following types of information:

Email address – Collected when you sign up for our newsletter.

Name – Optional. Collected only if you choose to provide it.

Usage data – Anonymous information about how you interact with our Site (via Squarespace analytics).

Cookie data – Information collected through cookies (see our Cookie Policy for details).

Communication information – Any emails or messages you send us, including customer support inquiries.

We follow the principle of data minimisation – we only collect the personal data necessary for our intended purpose.

We do not collect payment information (we don't process payments yet), sensitive personal data (health, political opinions, religious beliefs, etc.), or location data beyond what is necessary for analytics.

3. How We Collect Your Information

We obtain information about you from various sources:

Directly from you – When you sign up for our newsletter, or contact us via email or web forms.

Automatically – When you use our Site, we may automatically collect technical data about your equipment, browsing actions, and patterns using cookies and similar technologies.

From third parties – If you interact with us on social media (Instagram, TikTok), we may receive limited information subject to those platforms' privacy policies.

4. How We Use Your Information

We use your personal information only for the following purposes:

To deliver our newsletter and weekly reflections – We use your email address for this purpose, based on your consent (you subscribed).

To respond to your enquiries – We use your email address and name (if provided) for this purpose, based on our legitimate interest in providing good customer service.

To improve our website and user experience – We use anonymous usage data for this purpose, based on our legitimate interest in understanding how people use our Site.

To comply with legal obligations – As required by law.

Your choices: You have the right at any time to request a copy of the personal information we hold on you, or to be removed from our database. You can unsubscribe from receiving marketing emails by clicking the "unsubscribe" link at the bottom of any email.

We do not sell or rent your personal information to third parties, use your data for automated decision-making or profiling, or share your data for third-party marketing purposes.

5. Cookies and Similar Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and understand how visitors interact with our Site.

What Are Cookies? Cookies are small files saved to your computer's hard drive that track, save and store information about your interactions and usage of our website. This allows a website to provide you with a tailored experience.

Types of Cookies We Use:

Essential cookies – Required for basic site functionality (Squarespace platform cookies). These are session or persistent cookies.

Analytics cookies – Help us understand how visitors use our site (page views, traffic sources). These last up to 2 years.

Squarespace, our website hosting platform, sets essential cookies for site functionality and analytics cookies to help us understand traffic patterns.

Managing Cookies:

Visitors to your website need to be told that cookies are being used, and what they do. If the cookies aren't strictly necessary to the running of your website, you'll also need the user's agreement to use them.

When you first visit our Site, you will see a cookie banner asking for your consent. You can manage your cookie preferences through our cookie banner, your browser settings, or the "Privacy Settings" link in our website footer.

If you wish to deny the use and saving of cookies from this website, you should take necessary steps within your web browser's security settings to block all cookies from this website and its external serving vendors.

For more detailed information, please see our separate [Cookie Policy].

6. Email Marketing and Your Rights

Under the Privacy and Electronic Communications Regulations (PECR), we are required to obtain your consent before sending you marketing communications.

What This Means for You:

Explicit opt-in consent – When you sign up, you take an active step (entering your email and clicking subscribe). Pre-ticked boxes are never used.

Clear unsubscribe option – Every email we send includes a visible, one-click unsubscribe link.

Consent withdrawal – You may withdraw your consent at any time by clicking the unsubscribe link in any email or by contacting us directly.

You will be required to explicitly opt-in if you wish to receive marketing from Our Journi.

If your app or website uses cookies or tracks users, obtaining consent in line with regulations is essential.

7. Data Storage and Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

Where Your Data Is Stored:

Squarespace – Our website is hosted on Squarespace servers, which may be located outside the UK. Squarespace is certified under the EU-US Data Privacy Framework and complies with UK data protection standards.

Email Service Provider – We use [ConvertKit / MailerLite] to manage our email list and deliver newsletters. This provider acts as a data processor on our behalf and is contractually required to protect your data.

Security Measures:

We use SSL encryption on all website pages, password-protected access to any personal data, regular security reviews of our systems, and restricted access to personal data on a need-to-know basis.

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

Cyberattacks often target small businesses with less security, so taking protective steps to limit data collection, secure personal data, and follow compliance best practices is essential.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected.

Email address (active subscriber) – Retained until you unsubscribe.

Email address (unsubscribed) – Removed from active list immediately; may be kept on suppression list to honor your opt-out preference.

Consent records – Retained as long as necessary to demonstrate compliance (typically up to 6 years after last interaction).

Website analytics data – Retained for 26 months (Squarespace standard).

Sophisticated Cloud Limited will not retain your personal information longer than necessary. If legally required or if it is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms and Conditions, we may also retain some of your information for a limited period of time as required.

When you unsubscribe, we remove you from all active mailing lists immediately, add your email to a suppression list (to ensure we don't accidentally re-add you), and delete all other personal data unless required for legal purposes.

9. Your Rights Under UK GDPR

Under UK data protection law, you have the following rights:

Right to be informed – You have the right to be told how your data is used (this Privacy Policy fulfills that).

Right of access – You can request a copy of the personal data we hold about you.

Right to rectification – You can ask us to correct inaccurate or incomplete data.

Right to erasure – You can ask us to delete your personal data ("right to be forgotten").

Right to restrict processing – You can ask us to limit how we use your data.

Right to data portability – You can request your data in a machine-readable format.

Right to object – You can object to processing based on legitimate interests or direct marketing.

Rights related to automated decision-making – You have rights regarding automated decisions (we don't use these).

How to Exercise Your Rights:

To exercise any of these rights, please contact us at info@ourjourni.com with the subject line "Data Protection Request."

We will respond to your request within one month (30 days). This may be extended by two months for complex requests, but we will inform you if this applies.

Our security procedures mean that we may request proof of identity before we reveal information, including your e-mail address.

You will not have to pay a fee to access your personal data unless your request is clearly unfounded, repetitive, or excessive.

10. Sharing Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

Squarespace – For website hosting and analytics. We have a data processing agreement in place, and Squarespace is certified under UK adequacy framework.

Email service provider – For newsletter delivery. We have a data processing agreement in place, and our provider is GDPR-compliant.

Legal authorities – When required by law. Only as necessary to comply with legal obligations.

All third-party service providers are contractually obligated to protect your data and may only process it in accordance with our instructions.

If you send personal data outside the UK or European Union, you need to ensure you have appropriate safeguards in place, such as standard contractual clauses.

11. International Data Transfers

Some of our service providers may be located outside the UK. When we transfer your personal data internationally, we ensure appropriate safeguards are in place:

Adequacy decisions – We may transfer data to countries that the UK has deemed to have adequate data protection standards.

Standard Contractual Clauses – We use UK-approved standard contractual clauses for transfers to countries without adequacy decisions.

Data Privacy Framework – For transfers to the US, we may rely on the UK-US Data Bridge / EU-US Data Privacy Framework certification.

If you would like more information about these safeguards, please contact us.

12. Children's Privacy

Our website and services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from a child without verification of parental consent, we will take steps to delete that information.

13. Third-Party Links

Our website may contain links to third-party websites (such as Instagram, TikTok, or other social platforms). This Privacy Policy does not apply to those websites. We are not responsible for the content or privacy practices of these external sites. We encourage you to read the privacy policies of any website you visit.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons.

For minor changes, we will update this page with a revised "Last Updated" date. For significant changes, we will notify you by email (if we have your email address) or through a prominent notice on our website.

We are constantly reviewing how we process and protect data, so changes to our policy may occur at any time. We will endeavour to publicise any changes.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

15. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal information, please contact us:

Email: info@ourjourni.co.uk
Website: www.ourjourni.co.uk

Response time: We aim to respond to all enquiries within 2-3 business days.

16. Squarespace Platform Notice

Our website is built on the Squarespace platform. As noted in Squarespace's Terms of Service, you're solely responsible for compliance with any laws or regulations related to your site and your end users. If applicable laws require it, you must have a Privacy Policy.

For more information about how Squarespace processes data, you can review Squarespace's Privacy Policy at: https://www.squarespace.com/privacy