Privacy Policy

Last updated: 8th January 2024

This is Ruffle’s Privacy Policy. Ruffle London Ltd. (“Ruffle”, “we” or “us”) is the data controller of your personal data. Our registered office is at The Nest, 2-4 Sampson Street, London, United Kingdom, E1W 1NA.

We are committed to protecting and respecting your personal data. This policy sets out the basis on which we process any personal data we collect from you, or that you provide to us and tells you about your privacy rights and how the law protects you. If you do not agree with this policy, you should not engage with us.

This privacy policy applies to individuals who visit our site at (the “Site”) or engage with us via our social media accounts (“SM Accounts”). It also applies to all our business contacts, including customers, creators, influencers, producers, film makers and script writers. Please note that separate policies may apply to our other services, applications, products and content which we will make available to you.

If you have any questions about how we use your personal data, please contact

1. The types of personal data we collect

We collect and use the following information about you:

Your Identity Data including your job title, first name, surname, social media account information and photos.

Your Contact Data including your phone number, email address and social media handle(s).

Your Transactional Data including information about our business dealings, transactions and interactions with you.

Your Technical Data including your IP address when you visit or engage with our Site or SM Accounts.

We will indicate where any personal information we have requested is mandatory. We will also explain the consequences should you decide not to provide information which we have indicated is mandatory. In some circumstances this may mean we are unable to provide you with a certain service or product.

2. How we use your personal data

We will only process your personal data where we have a legal basis to do so. The legal basis will depend on the purposes for which we have collected and use your personal information. In almost every case the legal basis will be one of the following:

  • Our legitimate business interests: Where it is necessary for us to carry out social media campaigns, provided in each case that this is done in a legitimate way which does not unduly affect your privacy and other rights. Also, where it is necessary for system administration purposes and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes, security and fraud prevention and to ensure that our website and digital properties are safe and secure;
  • Performance of a contract with you (or in order to take steps prior to entering into a contract with you): For example:
  • where you have provided your information to be a part of a marketing campaign;
  • where you are a social influencer delivering a social media campaign, or a content creator, producer, film maker or script writer developing campaign content;
  • Compliance with law: Where we are subject to a legal obligation and need to use your personal information in order to comply with that obligation.


3. How we share your personal data

We may share your personal information within our group of companies for the purposes set out in this privacy policy.

We may share your personal information with our suppliers, business partners and service providers, where they are helping us to market, advertise or supply our services, for them to use for the purposes set out in this privacy policy.

We may disclose your personal information to other third parties in the following cases:

• for the purposes of research, evaluation, and analysis of our products and services;

• in the event that we sell any business or assets, in which case we may disclose your personal information to the prospective buyer of such business or assets;

• if we or substantially all of our assets are acquired by a third party, in which case personal information held by us about our customers, suppliers and visitors to our websites will be one of the transferred assets;

• if we are under a duty to disclose or share your personal information in order to comply with any legal or regulatory obligation or request; or

• to protect the rights, property or safety of us or our users, or others, and in order to enforce or apply our terms and conditions (this includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction).

4. Where we store your personal data

The personal data that we collect from you will be transferred to, and stored within, the United Kingdom and European Economic Area (“EEA”).

Whenever we transfer your information as described in the paragraph above, we will take steps which are reasonably necessary to ensure that adequate safeguards are in place to protect your personal information and to make sure it is treated securely and in accordance with this privacy policy. In these cases, we rely on approved data transfer mechanisms (such as the EU and UK “Standard Contractual Clauses”) to ensure your information is subject to adequate safeguards in the recipient country. If you are located in the UK or EEA, you may contact us for a copy of the safeguards which we have put in place to protect your personal information and privacy rights in these circumstances.

5. Your Rights

You have the following rights:

• The right to request (i) confirmation of whether we process your personal data and (ii) access to a copy of the personal data retained;

• The right to request proper rectification or removal of your personal data or restriction of the processing of your personal data;

• Where processing of your personal data is either based on your consent or necessary for the performance of a contract with you and processing is carried out by automated means, the right to receive the personal data concerning you in a structured, commonly used and machine-readable format or to have your personal data transmitted directly to another company, where technically feasible (data portability);

• Where the processing of your personal data is based on your consent, the right to withdraw your consent at any time without impact to data processing activities that have taken place before such withdrawal;

• The right not to be subject to any automatic individual decisions, including profiling, which produces legal effects on you or similarly significantly affects you unless we have your consent, this is authorised by law or this is necessary for the performance of a contract;

• The right to object to processing if we are processing your personal data on the basis of our legitimate interest unless we can demonstrate compelling legitimate grounds which may override your right. If you object to such processing, we ask you to state the grounds of your objection in order for us to examine the processing of your personal data and to balance our legitimate interest in processing and your objection to this processing;

• The right to object to processing your personal data for direct marketing purposes; and

• The right to lodge complaints before the competent data protection regulator, the UK Information Commissioner’s Office.

Before we can respond to a request to exercise one or more of the rights listed above, you may be required to verify your identity or your account details. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Please send us an email at if you would like to exercise any of your rights.

6. The security of your personal data

We take steps to ensure that your information is treated securely and in accordance with this policy. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, for example, by encryption, we cannot guarantee the security of your information transmitted via the internet; any transmission is at your own risk.

We have appropriate technical and organizational measures to ensure a level of security appropriate to the risk of varying likelihood and severity for the rights and freedoms of you and other individuals. We maintain these technical and organizational measures and will amend them from time to time to improve the overall security of our systems.

We will, from time to time, include links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any information to these websites.

7. How long we keep your personal data

We retain your information for as long as it is necessary to provide you with the service we supply to you or to fulfil our obligations to you. Where we do not need your information in order to provide the service or to fulfil our obligations to you, we retain it only for so long as we have a legitimate business purpose in keeping such data. However, there are occasions where we are likely to keep this data for longer in accordance with our legal obligations or where it is necessary for the establishment, exercise or defense of legal claims.

After our agreement with you expires or terminates, or our relationship with you has otherwise ended, we may store your information in an aggregated and anonymised format.

8. Information relating to children

The services provided by Ruffle are not directed at children under the age of 18. If you believe that we have personal data about or collected from a child under the relevant age, please contact us at

9. Complaints

In the event that you wish to make a complaint about how we process your personal data, please contact us in the first instance at and we will endeavour to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with the relevant data protection authority.

10. Changes

We will generally notify you of any material changes to this policy, through a notice provided via the Site or otherwise supplied to you. However, you should look at this policy regularly to check for any changes. We will also update the “Last Updated” date at the top of this policy, which reflects the effective date of such policy. Your continued engagement with us after the date of the updated policy constitutes your acceptance of the updated policy. If you do not agree to the updated policy, you must stop your engagement with us.

11. Contact

Questions, comments and requests regarding this policy should be addressed to