PRIVACY POLICY

Last updated: 22 Oct 2025

Important Information

This Privacy Policy explains how RedBird Media & PR Ltd (“RedBird”, “we”, “us”, “our”) collects, uses, and protects personal data across our website, forms, communications, and services — including speaker representation and coaching.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

It applies to:

Speakers (represented, coaching clients, or prospective)
Corporate partners (brands, event organisers, PR firms)
Website visitors and form respondents
Freelancers and contractors working with RedBird

By using our website, submitting a form, or engaging with RedBird, you acknowledge this Policy.

Questions or requests: hello@redbird-media.co.uk

1. WHO WE ARE

RedBird Media & PR Ltd is a UK-based communications and talent management agency helping executives, founders, and thought leaders develop their personal brands, secure speaking engagements, and grow their influence through strategic content.

Trading name: RedBird Media & PR Ltd (“RedBird”, “we”, “us”, “our”).

Registered in England and Wales.

Email: hello@redbird-media.co.uk

2. DATA WE COLLECT

We collect and process personal data depending on your relationship with RedBird.

a) Speakers We Represent

Contact details (name, email, phone, LinkedIn URL, company)
Professional data (speaking topics, fees, testimonials, PR history, awards, event experience)
Speaker marketing materials (bios, videos, headshots, event clips)
Account credentials (LinkedIn, YouTube — where management is required)
Payment details (bank information for speaker fees, travel reimbursements, or vendor payments)
Signed contracts, statements of work, and speaker agreements
Analytics and performance metrics (LinkedIn engagement, audience data, etc.)

b) Coaching Clients

We collect and store:

Contact details (name, email, LinkedIn profile).
Coaching session notes, worksheets, and feedback forms.
Session recordings and transcripts (via Fathom or Google Meet).
Materials you share with us — such as bios, speaker decks, presentations, or videos — which we store securely in Google Drive for reference or feedback purposes.
Payment details (processed securely via Stripe).
Scheduling information (via Calendly).

c) Prospective Clients

Contact information and LinkedIn profiles (from Typeform, Squarespace, or direct email)
Partial form responses (we may receive contact details even if you don’t complete the form)
Professional experience, speaking history, and service preferences

d) Event Organisers, Brands & PR Firms

Business contact details and role titles
Event or campaign details and correspondence
Shared materials (briefs, decks, contracts, or proposals)

e) General Website Visitors

Technical data (device, browser, location, IP address) collected via Squarespace Analytics.
Interaction data with embedded Typeform forms or linked third-party tools.

3. HOW WE COLLECT DATA

We collect data through:

Website forms (Typeform, Google Forms, Squarespace)
Email, WhatsApp, or LinkedIn communications
Recorded video calls (via Google Meet and Fathom)
File and asset uploads (Google Drive, Adobe Creative Cloud, Canva, Descript, OpusClips)
Accounting and invoicing systems (Xero, Stripe)
Email analytics (Mailsuite)
Outreach tools (RocketReach, LinkedIn Sales Navigator)
Client-provided information and direct submissions

4. How We Use Your Data

We use your data for specific and legitimate business purposes. Below is a full breakdown of how and why we process it.

Delivering coaching and representation services:

We use your contact information, session notes, and shared materials to provide tailored guidance, strategy, and delivery support.

Lawful basis: contractual necessity.
Retention: up to five years after your last engagement with RedBird.

Managing outreach and pitching:

We use your professional data (such as topics, bio, and media assets) to identify and contact relevant event organisers, brands, and partners on your behalf.

Lawful basis: legitimate interest and contractual necessity.
Retention: up to five years or until your representation agreement ends.

Creating and distributing marketing materials:

We may create, edit, and publish videos, images, and posts using tools such as Canva, Adobe, Descript, OpusClips, YouTube, and LinkedIn to promote your professional profile.

Lawful basis: contractual necessity or consent (where materials are used for promotion).
Retention: until you withdraw consent or your representation period ends.

Tracking and improving communications:

We use Mailsuite to monitor when emails are opened and which links are clicked to improve the timing and relevance of our communications.

Lawful basis: legitimate interest.
Retention: reviewed every twelve months.

Administering payments and invoices:

We use Stripe and Xero to process payments, send invoices, and maintain accurate financial records.

Lawful basis: contractual necessity and legal obligation.
Retention: six years in line with HMRC record-keeping requirements.

Recording and transcribing sessions:

We record Google Meet sessions via Fathom or Google to provide accurate transcripts and recordings, which are shared only with the client(s) involved.

Lawful basis: contractual necessity and legitimate interest.
Retention: until the client downloads or requests deletion of their copy.

Client onboarding, waitlists, bookings & feedback (all forms):

We collect and review information submitted via our Squarespace contact form, the Typeform waitlist form (speaker representation), the Typeform coaching booking form (coaching clients), and Google Forms (speaker onboarding and post-engagement feedback). This may include contact details, LinkedIn URLs, speaker topics, fees, speaking history, PR, testimonials, awards, and preferences. We use this to assess fit, triage enquiries, deliver services, and improve our offering; we do not share form responses externally without explicit consent.

Lawful basis: legitimate interest and/or contractual necessity (as applicable).
Retention: up to 24 months for prospects/waitlists; for active clients, retained in line with service records (generally up to 5 years after last engagement) unless you withdraw or request deletion sooner.

Content ideation and analysis using AI tools:

We occasionally use AI tools such as ChatGPT or Perplexity for brainstorming, writing, and analysis. We never input personal or sensitive data.

Lawful basis: legitimate interest.
Retention: no personal data retained.

Outreach research:

We use RocketReach and LinkedIn Sales Navigator to identify relevant business contacts and opportunities.

Lawful basis: legitimate interest.
Retention: data is reviewed regularly and deleted when inactive or no longer relevant.

Event coordination and logistics:

We may share necessary contact and travel details with event organisers or agencies to coordinate speaking engagements.

Lawful basis: contractual necessity or consent.
Retention: until the event and related obligations are complete.

Security, backups, and administration:

We store files securely on Google Drive and G Suite with restricted access, ensuring backups and continuity of service.

Lawful basis: legitimate interest and legal obligation.
Retention: up to five years.

Legal, accounting, and compliance:

We retain records required by law, including financial and contractual documents, for auditing and compliance purposes.

Lawful basis: legal obligation.
Retention: six years (HMRC requirement).

5. Use of AI & Automation Tools

We may use ChatGPT, Perplexity, or other large language models (LLMs) to assist with ideation, research, and drafting.

We never input sensitive information (e.g., bank details, private contact data).

These systems are used only for non-identifiable, creative, or analytical purposes.

6. Data Storage, Access & Security

All files and materials — including those shared by coaching clients (such as bios, presentations, videos, or other assets) — are stored securely in Google Drive under RedBird’s account.

Access is restricted to authorised RedBird team members and approved contractors working under confidentiality and data protection agreements.

LinkedIn, YouTube, and other account credentials are stored in a private, access-controlled Google Sheet.

We use encryption and secure access protocols across all systems.

We never sell, trade, or disclose your data beyond what’s required to deliver our services.

Clients will always receive at least 14 days’ notice before any planned data deletion to allow time to download or transfer their files.

7. Data Sharing

We may share limited data with:

Event organisers, bureaus, or PR partners (with client consent).
Contractors or freelancers assisting with marketing, design, or administration.
Technology vendors listed above (Google, Stripe, Typeform, Fathom, Xero, etc.).

We ensure all partners comply with UK GDPR or equivalent data protection standards.

8. International Transfers

Some third-party tools process data outside the UK (e.g., Google, Stripe, OpenAI).

When this occurs, we rely on Standard Contractual Clauses (SCCs) or adequacy decisions approved by the UK government.

9. Retention

We retain data only for as long as necessary for service delivery, compliance, or legal recordkeeping.

Client files and correspondence: up to 5 years after final engagement
Invoices and tax records: 6 years (HMRC requirement)
Recordings and transcripts: retained until downloaded or deleted upon request
Outreach and prospecting data: reviewed and purged regularly

10. Your Rights

Under UK GDPR, you have the right to:

Access a copy of your personal data
Request correction or deletion
Restrict or object to processing
Withdraw consent at any time
Request transfer of your data (data portability)
Lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data rights have been infringed

11. UPDATES

This Privacy Policy may be updated periodically to reflect changes in systems, services, or law.

The latest version will always be posted here with an updated “Last Updated” date.