Privacy Policy

1) Who we are and how to contact us

The website available at capitalbridge.co.uk is operated by CapitalBridge Publishing Ltd, a UK-based publishing and research company focused on educational content about investing and economics. For the purposes of the UK GDPR and the Data Protection Act 2018, CapitalBridge Publishing Ltd is the data controller for personal data processed through this site.

• Legal name: CapitalBridge Publishing Ltd
• Registered address: 12 Baker Street, London, W1U 3BH, United Kingdom
• General contact: [email protected] | +44 20 3936 1920
• Privacy contact (preferred): [email protected]

We publish educational materials and tools. We do not provide personalised investment advice. If you have questions about this policy or wish to exercise your data rights, contact us using the details above and include “Privacy Request” in your subject line for faster handling.

2) What data we collect

We collect only the data necessary to operate our site, respond to enquiries, measure performance, and—if you choose—send you updates. The categories of personal and technical data we may process include:

• Identity and contact data: full name, email address, and optionally phone number if you include it in a message.
• Communication content: information you provide in contact forms or emails, including your questions and feedback.
• Subscription preferences: whether you subscribed to the CapitalBridge Briefing and your opt-in status.
• Technical and usage data: IP address, device identifiers, browser type and version, operating system, language settings, pages visited, time on page, referring pages, and interaction events.
• Cookie and similar data: small files stored on your device to remember preferences, maintain session choices (such as cookie consent), and measure aggregated analytics where you have provided consent.
• Server logs and security data: timestamps, error logs, and event information used to keep the site reliable and secure.

3) How we collect data

We obtain data through several methods that you control. You may provide data directly, for example when you submit a contact form or subscribe to our newsletter. Some data is collected automatically when you browse the site, subject to your cookie choices. Specifically, we collect data via:

• Web forms: the “Contact CapitalBridge” form on our home page and any future forms requesting your name and email.
• Email: when you write to us, we process the sender address, message content, and metadata necessary to deliver replies.
• Newsletter sign-up: the subscription box in our site footer, which records your email and consent status.
• Cookies and local storage: for preference management (e.g., cookie consent) and, with your consent, for analytics and marketing measurement.
• Analytics tools: Google Analytics 4 (GA4) may be used to understand aggregated behaviour; data is collected via first-party cookies and event pings. We only enable GA4 if you accept analytics cookies in our banner.
• Advertising pixels: the Meta Pixel may be deployed to measure the effectiveness of our ads; it is loaded only if you accept marketing cookies in our banner.
• Server logs: our hosting platform automatically records requests to diagnose errors and mitigate abuse.

4) Legal bases for processing (GDPR Article 6)

We rely on the following legal grounds to process data, depending on the context and the type of personal data involved:

• Consent (Art. 6(1)(a)): for newsletter subscriptions, marketing measurement (e.g., Meta Pixel), and analytics cookies (GA4). You can withdraw consent at any time via the unsubscribe link in emails, through our cookie banner, or by contacting us.
• Legitimate interests (Art. 6(1)(f)): to maintain website security, prevent fraud, measure essential site performance in an aggregated manner, improve content quality, and respond to messages you send. We balance these interests against your rights and expectations.
• Contract (Art. 6(1)(b)): if we provide requested content or resources by email after you ask us to, we process your contact details to deliver them.
• Legal obligation (Art. 6(1)(c)): to comply with statutory recordkeeping, respond to lawful requests, or enforce our terms.

5) Purposes of processing

We process personal data for clearly defined purposes that align with what you expect from an educational website:

• Service delivery: operate the website, provide access to guides and tools, and ensure accessibility and performance.
• Customer support: answer enquiries and provide follow-up on your requests.
• Communications: send the CapitalBridge Briefing and occasional product updates when you have opted in.
• Analytics and improvement: understand aggregated engagement to refine articles, case studies, and calculator features.
• Security and fraud prevention: detect misuse, defend against attacks, and maintain the integrity of our systems.
• Compliance: maintain records of consent and handle rights requests as required by applicable law.

6) Data retention

We keep personal data only as long as it is needed for the purposes described above, followed by secure deletion or anonymisation. Our typical retention periods are:

• Form submissions and customer support emails: 2 years from last interaction, unless legal requirements justify longer retention.
• Newsletter subscriber list: until you unsubscribe, then deleted within 30 days from our mailing system backups.
• Cookie consent preferences (local storage): up to 180 days, after which you may be asked to choose again.
• Analytics data (GA4): 14 months when enabled with your consent.
• Server and security logs: 90 days unless extended to investigate incidents.

If a fixed retention period cannot be set in advance, we apply criteria such as the sensitivity of the data, potential risks, and whether we need the information to answer your queries or comply with obligations.

7) Data sharing and processors

We do not sell personal data. We share data only with trusted processors who perform services on our behalf under data processing agreements that include appropriate safeguards. Typical categories of third parties include:

• Hosting and infrastructure providers that store our website and server logs.
• Email delivery and newsletter services used to send transactional and subscription messages.
• Analytics providers such as Google LLC (GA4) to measure aggregated traffic when you consent.
• Advertising measurement providers such as Meta Platforms Ireland Limited (Meta Pixel) when you consent to marketing cookies.
• Professional advisers and auditors where necessary for compliance and legal defence.

If we are legally compelled to disclose information to a public authority, we will evaluate the request and disclose only what is required. Should we reorganise or transfer our operations, user information may be transferred as part of that process in accordance with applicable law and this policy.

8) International data transfers

Our primary operations are in the United Kingdom. Some providers may process data in the European Economic Area (EEA), the United States, or other jurisdictions. Where a transfer outside the UK or EEA occurs and the destination country has not been deemed to provide an adequate level of protection, we rely on appropriate safeguards such as the EU Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum, along with supplementary technical and organisational measures.

You can request details about the specific safeguards in place for your data by contacting [email protected].

9) Your rights

Under the UK GDPR (and, where applicable, the EU GDPR), you have the following rights regarding your personal data:

• Access: obtain a copy of your personal data and information about how it is processed.
• Rectification: request correction of inaccurate or incomplete data.
• Erasure: ask us to delete your data when it is no longer necessary or if you withdraw consent where consent is the legal basis.
• Restriction: request that we limit processing in specific circumstances.
• Portability: receive the data you provided to us in a structured, commonly used, machine-readable format and transmit it to another controller where legally required.
• Object: object to processing based on legitimate interests, and to direct marketing at any time.
• Withdraw consent: where processing relies on consent (e.g., newsletters, analytics, marketing pixels), you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.

To exercise any right, email [email protected]. We may need to verify your identity before fulfilling a request. We aim to respond within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner’s Office (ICO). Contact details are available on the ICO website. If you are in the EEA, you may also contact your local data protection authority.

10) Cookies and similar technologies

Cookies are small text files placed on your device. We also use local storage for certain preferences. You can manage your choices using our cookie banner, which allows you to accept or reject non-essential categories, and you can change your browser settings to block or delete cookies at any time. We group cookies into the following categories:

• Strictly necessary: required for basic site functionality and security, such as storing your cookie consent (key: cb_cookie_consent_v1, typical duration up to 180 days). Disabling these may break core features.
• Analytics (consent-based): help us understand website performance and usage patterns. Examples include GA4 cookies that may persist up to 14 months if enabled.
• Marketing (consent-based): measure ad performance and reduce irrelevant ads. The Meta Pixel may set cookies or use similar technologies when you opt in.

You will not be denied access to our content if you reject optional cookies. Some features may be less tailored, and we will not load analytics or marketing scripts without your consent. For additional details on how these technologies are used, contact us at [email protected].

11) Children’s privacy

Our website and communications are directed at adults and are not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided information to us, please contact [email protected] so we can take appropriate steps to delete the data.

12) Security measures

We implement technical and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include access controls, encryption in transit, least-privilege principles for staff, and regular review of vendor practices. No method of transmission or storage is completely secure, so we cannot guarantee absolute security; however, we continually work to improve our safeguards and promptly investigate potential incidents.

13) Links to other sites

Our site may reference third-party websites for additional reading or tools. Those websites are governed by their own privacy notices. We are not responsible for their content, policies, or practices. We recommend reviewing privacy information on each external site you visit.

14) Marketing communications

You will receive the CapitalBridge Briefing or other marketing emails only if you have explicitly opted in. Every message includes an unsubscribe link. Unsubscribing will stop further messages, and we will remove your email from active mailing lists immediately and from all backups within 30 days. We do not use sensitive categories of data for marketing and we do not purchase third-party contact lists.

15) Automated decision-making

We do not engage in automated decision-making that produces legal or similarly significant effects on you. Any analytics or personalisation is aggregated and non-essential, and it occurs only if you have provided consent for those cookies or technologies.

16) Changes to this policy

We may update this Privacy Policy to reflect changes in our services, technologies, or legal requirements. When we make material changes, we will update the date at the top of this page and, where appropriate, notify you via a site banner or email if you are subscribed. We encourage you to review this page periodically to stay informed about our data practices.

Last Updated: January 15, 2026

17) Contact and data protection lead

CapitalBridge Publishing Ltd has appointed an internal Data Protection Lead responsible for overseeing questions related to this policy. If you have any queries, requests, or complaints, please contact: Data Protection Lead, CapitalBridge Publishing Ltd, 12 Baker Street, London, W1U 3BH, United Kingdom, or email [email protected]. We will do our best to resolve your concern. You also have the right to raise concerns with the Information Commissioner’s Office (ICO) in the UK.