PRIVACY POLICY
Version 1.0 — Effective: 25 August 2025
THE REAL DEAL PROVIDERS LTD (“we”, “us”, “our”) is the controller of your personal data when you use visual-foundry.com (the “Site”).
Company number: 16108011 (England & Wales)
Registered office: Dept 6152, 43 Owston Road, Carcroft, Doncaster, United Kingdom, DN6 8DA
Contact: info@visual-foundry.com
This Policy explains how we collect, use, disclose, and safeguard personal data of visitors, account holders, and customers of the Site, including buyers of digital content and purchasers/redeemers of Credits/Tokens.
We collect the following categories of data (depending on your interaction with the Site):
Category | Examples | Source |
Account & Identity | Name, account handle, email, password (hashed); business name and VAT (Business Users) | You |
Contact | Email address; country; support messages | You |
Transaction | Order ID, purchase amounts/currency (USD/EUR/AUD/CAD), tax/VAT details, fulfilment status | You; PSP |
Credits/Tokens | Balance, purchase history, redemption logs, expiry | You; Site systems |
Technical & Usage | IP address, device/OS/browser, language, referral URL, session IDs, access timestamps, feature usage | Your device; analytics; security tools |
Prompts/Inputs (UGC) | Text prompts, parameters, and uploaded reference files you submit to generate content | You |
Support & Comms | Tickets, email threads, feedback, complaint records | You |
Anti‑Fraud & Security | Signals from fraud‑prevention tools, risk scores, velocity checks, chargeback flags | Anti‑fraud vendors; PSP |
We process personal data for the purposes and on the legal bases listed below:
|
Purpose |
Legal Basis (UK GDPR) |
Notes |
|
Provide and operate the Site; fulfil orders; deliver digital content; manage Credits/Tokens |
Contract (Art. 6(1)(b)) |
Includes account creation, order confirmation, delivery, and customer support |
|
Fraud prevention, abuse detection, security |
Legitimate Interests (Art. 6(1)(f)); Legal Obligation where applicable |
We protect users and our service; minimal and proportionate use of signals |
|
Analytics and service improvement |
Legitimate Interests; Consent for non‑essential cookies |
Aggregated statistics to improve performance and UX |
|
Marketing communications |
Consent (Art. 6(1)(a)); Legitimate Interests for existing customers (soft opt‑in) where permitted |
You can opt out at any time |
|
|
We use cookies and similar technologies as described in our Cookie Policy. Non‑essential cookies are set only with your consent under PECR and UK GDPR. You can change your preferences at any time in the cookie banner/settings.
We may use automated checks (e.g., fraud‑prevention risk scoring) to help prevent abuse and secure transactions. These checks can affect your ability to complete a purchase or access certain features.
Where required by law, you have the right to obtain human intervention, to express your point of view, and to contest the decision. Contact: info@visual-foundry.com.
We share personal data with:
International Transfers: Where personal data is transferred outside the UK (e.g., to the EEA or other countries), we use appropriate safeguards such as the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or other lawful transfer mechanisms. Where applicable, we verify vendor participation in recognised transfer frameworks.
We retain personal data only as long as necessary for the purposes set out in this Policy, and to comply with legal, tax, and accounting requirements.
Data Category | Typical Retention | Rationale |
Account data | Active account + 24 months after closure | Service continuity; dispute window |
Orders & transaction records | 6 years after the end of the tax year | Legal/tax record‑keeping |
Credits/Tokens logs | 6 years after the end of the tax year | Financial records; audit trail |
Support tickets | 3 years from last activity | Quality, disputes |
Technical logs (security) | 12 months | Security monitoring and incident response |
Analytics (aggregated) | Up to 26 months | Trend analysis |
Prompts/UGC (non‑reportable) | Up to 24 months, unless you delete sooner | Service improvement and reproducibility |
Under UK GDPR, you have the right to request:
Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.
To exercise rights, email: info@visual-foundry.com. We may need to verify your identity.
The Site is not intended for individuals under 18. We do not knowingly collect personal data from children. If you believe a child has provided data, contact us to delete it.
We employ technical and organisational measures appropriate to risk, including encryption in transit, access controls, least‑privilege principles, logging/monitoring, and vendor due diligence. No system is perfectly secure; we continuously improve our safeguards.
If we are legally required to notify you or authorities of a personal data breach, we will do so without undue delay.
Questions or requests: info@visual-foundry.com
You also have the right to complain to the UK Information Commissioner’s Office (ICO). See ico.org.uk for contact details.
We may update this Policy from time to time to reflect legal, technical, or business developments. We will post the updated version with a new effective date. For material changes, we will provide reasonable notice (e.g., email or in‑product notice).
1) Receive request at info@visual-foundry.com → 2) Verify identity → 3) Triage scope (access/erasure/rectification/etc.) → 4) Retrieve data from core systems and processors → 5) Respond within one month (extend by two months for complexity) → 6) Log request for audit.
We maintain vendor assessments and appropriate data protection safeguards. A current list of categories is available on request.
Data subjects: visitors, account holders, customers (consumers and business users).
Recipients: processors and sub‑processors as described above; competent authorities where required.
Transfers: outside UK subject to appropriate safeguards (see Clause 7).
Security: described in Clause 11.
Data Type | Examples | Retention | Notes |
Order & Billing | Invoices, VAT details, currency, amounts | 6 years post tax year | Statutory requirement |
Credits/Tokens | Purchases, balance, redemptions, expiry | 6 years post tax year | Financial audit trail |
Support & Complaints | Emails, tickets, resolutions | 3 years | Defence of claims; quality |
Security Logs | Access logs, IPs, events | 12 months | Security incident management |
Account Data | Profile, settings | Account life + 24 months | Reactivation window |
Analytics (aggregated) | Usage metrics | Up to 26 months | Trend analysis; minimisation |
Prompts/UGC | Text prompts, refs | Up to 24 months | Service reproducibility; you can delete sooner |
