Privacy Poilcy

Last updated: Friday 13 March 2026

Sonoloom Ltd is committed to protecting and respecting your privacy. This notice explains how we collect, use and share your personal data when you visit our website, interact with us or use our services.

We are Sonoloom Ltd, a company registered in England and Wales, operating as a podcast and audio creative business. We are the data controller for the purposes of the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.

Our contact details are: Sonoloom Ltd 86–90 Paul St London EC2A 4NE United Kingdom

Email: info@sonoloom.com Company number: 16902152

1. Personal data we collect

We may collect and use the following categories of personal data:

• Identity data: name, job title, organisation, and similar identifiers.
  

• Contact data: email address, postal address, telephone number, social media handles.
  

• Technical data: IP address, browser type and version, device identifiers, time zone setting, operating system and platform, and other technology on the devices you use to access our website.
  

• Usage data: information about how you use our website, podcasts and other content (for example, pages viewed, links clicked, time spent on pages, referring website).
  

• Marketing and communications data: your preferences in receiving marketing from us and your communication preferences.
  

• Content you submit: information you provide when you contact us, sign up to a mailing list, send an enquiry, submit feedback, or take part in surveys or audience research.
  

We do not intentionally collect special category data (such as health information) or information about criminal convictions through our website. If you choose to provide such information, you do so at your own discretion and we will handle it in line with this policy.

2. How we collect your personal data

We collect personal data in the following ways:

• Direct interactions: when you fill in forms on our website, sign up for newsletters or updates, request information, take part in audience research, or contact us by email, telephone or social media.
  

• Automated technologies: as you interact with our website, we automatically collect technical and usage data using cookies and similar technologies (see the “Cookies and similar technologies” section below).
  

• Third parties: we may receive personal data about you from:
  

  • Analytics providers;
    

  • Email and marketing platforms;
    

  • Podcast hosting and distribution platforms;
    

  • Payment and e‑commerce providers, if you purchase products or services from us.
    

3. Purposes and legal bases for processing

We will only use your personal data where we have a lawful basis to do so. We use your personal data for the following purposes:

• To operate and maintain our website and digital platforms Legal basis: legitimate interests (to run our business, provide administration and IT services, maintain network security and present our content effectively).
  

• To provide our podcasts, audio content and related services Legal basis: contract (to perform a contract with you or take steps at your request before entering into a contract), and legitimate interests (to operate and grow a creative business).
  

• To respond to enquiries and manage our relationship with you Legal basis: contract (where we are dealing with you as a client or collaborator) and legitimate interests (to respond to queries, maintain relationships and improve our services).
  

• To send newsletters and marketing communications Legal basis: consent (where required for email or SMS marketing) and/or legitimate interests (to promote our podcasts, events and services where the law allows). You can opt out at any time.
  

• To understand our audience and improve our content and services Legal basis: legitimate interests (to analyse how audiences find, access and engage with our content, and to develop new programming, formats and services).
  

• To comply with legal and regulatory obligations and to protect our rights Legal basis: legal obligation and legitimate interests (to protect our business, our audience and others, and to establish, exercise or defend legal claims).
  

Where we rely on your consent, you have the right to withdraw that consent at any time.

4. Marketing

We may use your identity, contact, usage and marketing data to:

• Send you newsletters and updates about Sonoloom Ltd, our podcasts and audio projects, events or opportunities to take part in audience research.
  

• Inform you about products, services or collaborations that we think may interest you.
  

We will only send you electronic marketing communications where we have your consent or are otherwise permitted to do so under UK law. You can opt out of marketing at any time by:

• Clicking the “unsubscribe” link in any marketing email; or
  

• Contacting us using the contact details above.
  

If you opt out of marketing, we may still send you non‑marketing messages, such as information about changes to this policy or essential service communications.

5. Cookies and similar technologies

Our website uses cookies and similar technologies to distinguish you from other users, enable core functionality, understand how the site is used and improve your experience.

Cookies we may use include:

• Strictly necessary cookies: required for the operation of our website (for example, to remember your cookie preferences or to provide secure log‑in areas where applicable).
  

• Performance and analytics cookies: to collect information about how visitors use our site and our embedded players or media, so that we can improve layout, navigation and content.
  

• Functionality cookies: to remember your preferences, such as language or region, and to help personalise your experience.
  

• Advertising and social media cookies: where used, to deliver relevant adverts, measure their effectiveness and enable you to share content via social media platforms.
  

Where required by law, we will ask for your consent before setting non‑essential cookies (such as analytics or advertising cookies). You can withdraw your consent or change your cookie settings at any time via our cookie banner or your browser settings. Please note that blocking some types of cookies may affect the performance or availability of certain features on the site.

For more detailed information about the cookies we use, please see our separate Cookie Policy, which is available on our website.

6. Disclosure of your personal data

We may share your personal data with:

• Service providers who process data on our behalf, including:
  

  • Website hosting and maintenance providers (including Bluehost, which hosts our website);
    

  • Podcast hosting, streaming and analytics platforms;
    

  • Email and marketing platforms;
    

  • Cloud storage and project management tools;
    

  • Payment and e‑commerce providers.
    

• Professional advisers including lawyers, bankers, auditors and insurers.
  

• Regulators, law enforcement agencies and other authorities where required by law or to protect the rights, property or safety of our business, our audience or others.
  

• Third parties to whom we may choose to sell, transfer or merge parts of our business or assets. If a change happens, the new owner may use your personal data in the same way as set out in this policy.
  

We require third parties that process personal data on our behalf to keep it secure, use it only for specified purposes and process it in accordance with our instructions and applicable law.

We do not sell your personal data.

7. International transfers

Some of our service providers and partners may be based outside the United Kingdom, or may process data in countries that do not have the same data protection laws as the UK.

Where we transfer your personal data outside the UK, we will ensure that appropriate safeguards are in place, such as:

• An adequacy regulation from the UK Government confirming that the country provides an adequate level of protection; or
  

• Standard contractual clauses or other legally recognised safeguards.
  

You can contact us if you would like more information about the safeguards we use when transferring personal data outside the UK.

8. Data security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction or damage. These measures include:

• Limiting access to personal data to those employees, contractors and service providers who have a genuine business need to know it.
  

• Using secure systems, passwords and access controls.
  

• Keeping our systems and policies under regular review.
  

However, no method of transmission or storage is completely secure. While we do our best to protect your personal data, we cannot guarantee its absolute security.

9. How long we keep your data

We will keep your personal data only for as long as reasonably necessary to fulfil the purposes we collected it for, including to satisfy any legal, regulatory, tax, accounting or reporting requirements.

When deciding how long to keep data, we consider:

• The amount, nature and sensitivity of the personal data.
  

• The potential risk of harm from unauthorised use or disclosure.
  

• The purposes for which we process it and whether we can achieve those purposes in other ways.
  

• Applicable legal and regulatory requirements and industry practices.
  

At the end of the relevant retention period, we will delete or anonymise your personal data. If we anonymise it, we may use the resulting information indefinitely without further notice to you.

10. Your data protection rights

Under UK data protection law, you have the following rights in relation to your personal data, subject to certain conditions and exemptions:

• Right of access: to obtain a copy of your personal data and information about how we process it.
  

• Right to rectification: to have inaccurate or incomplete personal data corrected.
  

• Right to erasure: to request that we delete your personal data in certain circumstances.
  

• Right to restriction of processing: to ask us to suspend the processing of your personal data in certain circumstances.
  

• Right to data portability: to receive your personal data in a structured, commonly used and machine‑readable format and to ask us to transmit that data to another controller where technically feasible.
  

• Right to object: to object to our processing of your personal data where we are relying on legitimate interests, and to object at any time to processing for direct marketing.
  

• Rights in relation to automated decision‑making: to not be subject to a decision based solely on automated processing, including profiling, which has legal or similarly significant effects, and to request human intervention where such processing occurs.
  

If you wish to exercise any of these rights, please contact us using the details at the top of this policy.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). We aim to respond to all legitimate requests within one month. If your request is particularly complex or you have made multiple requests, it may take us longer; we will keep you informed.

11. Complaints

If you have any concerns about how we use your personal data, please contact us in the first instance so that we can try to resolve the issue.

You also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection:

Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF Website:www.ico.org.uk Helpline: 0303 123 1113

12. Changes to this privacy policy

We may update this privacy policy from time to time, for example to reflect changes in our practices, technology or legal requirements. We will post any updates on this page and change the “Last updated” date at the top. We encourage you to review this policy periodically to stay informed about how we protect your information.