Privacy Policy

Privacy Policy

Brandcore LTD
Last updated: 18 May 2026

1. Who We Are

Brandcore LTD (“Brandcore”, “we”, “us”, or “our”) is a brand operating company registered in England and Wales. Our registered address is 45 Albemarle Street, 3rd Floor, Mayfair, London, England, W1S 4JL. We license consumer brands and scale them across Amazon, TikTok Shop, Shopify, and international marketplaces. We also work directly with brand owners and investors.

For the purposes of the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018, Brandcore LTD is the data controller in respect of any personal data we collect through this website or in the course of our business activities.

If you have any questions about this policy or how we handle your personal data, you may contact us at privacy@brandc.co.uk or by writing to us at the address above.

2. What Data We Collect

The personal data we collect depends on how you interact with us. For general website visitors, we may collect certain technical information automatically, including your IP address, browser type, device type, operating system, the pages you visit on our site, and the date and time of your visit. This data does not typically identify you directly but may constitute personal data where it can be linked to you.

For individuals who submit a contact form, brand owner enquiry, or investor enquiry through our website, we collect the information you provide directly. This ordinarily includes your name, email address, telephone number, company name, and the content of your message or enquiry.

Where you correspond with us directly by email or telephone outside of the website, we may also retain records of that correspondence, including any personal data contained within it.

We do not intentionally collect sensitive personal data (also known as special category data) through this website. Please do not submit sensitive personal data to us through our contact forms or general correspondence unless we have specifically requested it.

3. How We Collect Your Data

We collect personal data through several means. First, through the contact and enquiry forms published on this website, which you complete and submit voluntarily. Second, through automated technologies such as cookies, web server logs, and analytics tools that record certain information about your visit to our site. Third, through direct correspondence you initiate with us by email, telephone, or post. Fourth, in the course of business discussions or negotiations with brand owners, investors, or commercial partners who approach us or whom we approach in our ordinary course of business.

4. Why We Collect It and Our Lawful Basis

We process personal data only where we have a lawful basis to do so under UK GDPR. The lawful bases we rely upon are as follows.

Legitimate interests. For website analytics and the improvement of our site, and for the purpose of responding to general enquiries, we rely on our legitimate interests in operating an effective business and website. We have assessed that our use of data for these purposes is proportionate, has a minimal impact on your privacy, and would be reasonably expected by you. You have the right to object to processing based on legitimate interests, as described in Section 8 below.

Contractual necessity. Where you enter into a commercial relationship with Brandcore, or take steps to do so, we process personal data to the extent necessary to perform or prepare for that contract. This applies to brand owners and investors who engage with us formally.

Consent. Where we rely on your consent, for example in relation to non-essential cookies or marketing communications, we will make this clear at the point of collection and provide you with a mechanism to withdraw consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

Compliance with a legal obligation. We may process personal data where necessary to comply with a legal obligation to which we are subject, including obligations under tax law, company law, or requirements imposed by regulatory authorities.

5. How Long We Keep Your Data

We retain personal data only for as long as is necessary for the purposes for which it was collected, or as required or permitted by law.

General website enquiries and contact form submissions that do not result in a business relationship are typically retained for up to twelve months from the date of receipt, after which they are securely deleted or anonymised.

Where an enquiry leads to an ongoing business relationship, we retain relevant correspondence and personal data for the duration of that relationship and for a period of six years thereafter, in accordance with our obligations under contract law and applicable tax and accounting legislation.

Records we are required to retain for legal or regulatory compliance purposes are kept for the period required by the relevant law or regulation, and no longer.

6. Who We Share Your Data With

Brandcore does not sell, rent, or trade personal data with third parties for their own marketing purposes. We share personal data only in the following limited circumstances.

We may share data with operational service providers who assist us in running our business and website, including hosting and infrastructure providers, email service providers, and analytics providers. These parties process data on our behalf and are bound by contractual obligations to process personal data only on our instructions and in accordance with applicable data protection law.

We may share data with legal advisors, accountants, and auditors where necessary in connection with the provision of professional services to Brandcore.

We may disclose personal data to HM Revenue and Customs, regulators, courts, or other governmental authorities where we are required to do so by law or by a binding legal process.

Where we share data with third parties outside the United Kingdom, we ensure that appropriate safeguards are in place to protect your personal data in accordance with UK GDPR, including the use of standard contractual clauses or transfers to countries covered by UK adequacy regulations.

7. Cookies and Analytics

Our website uses cookies and similar technologies. Cookies are small text files placed on your device when you visit a website. We use essential cookies that are necessary for the website to function, and we may use analytics cookies to understand how visitors use our site and to improve our content and user experience.

We use Google Analytics, or a comparable analytics service, to collect aggregated, anonymised data about website traffic and usage patterns. This data helps us understand which pages are most visited, how long visitors spend on the site, and how they navigate between pages. Where this involves the processing of personal data, we have ensured that appropriate configurations and data processing agreements are in place.

You may control or disable cookies through your browser settings at any time. Please note that disabling certain cookies may affect the functionality of parts of this website. Where we rely on your consent for non-essential cookies, a consent mechanism will be presented to you on your first visit to the site.

8. Your Rights Under UK GDPR

Under the UK GDPR and the Data Protection Act 2018, you have a number of rights in relation to your personal data. These rights are summarised below.

Right of access. You have the right to request a copy of the personal data we hold about you, together with information about how we process it.

Right to rectification. You have the right to ask us to correct personal data that is inaccurate or to complete data that is incomplete.

Right to erasure. You have the right to request that we delete your personal data in certain circumstances, for example where the data is no longer necessary for the purposes for which it was collected.

Right to restriction. You have the right to ask us to restrict the processing of your personal data in certain circumstances, for example while a dispute about the accuracy of the data is resolved.

Right to data portability. Where we process your personal data on the basis of consent or contractual necessity, and the processing is carried out by automated means, you have the right to receive that data in a structured, commonly used, and machine-readable format.

Right to object. You have the right to object to our processing of your personal data where that processing is based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or unless the processing is necessary for the establishment, exercise, or defence of legal claims.

Rights related to automated decision-making. We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals.

These rights are not absolute and are subject to certain conditions and exemptions under applicable law. We will respond to all valid requests within one month, although we may extend this period by a further two months where a request is particularly complex or where we receive a number of requests simultaneously.

9. How to Exercise Your Rights

To exercise any of the rights described in Section 8, or if you have any questions or concerns about how we handle your personal data, please contact us in writing at privacy@brandc.co.uk or by post to:

Data Controller
Brandcore LTD
45 Albemarle Street, 3rd Floor
Mayfair, London
England, W1S 4JL

We may ask you to verify your identity before we process your request. We will not charge a fee for handling a request unless the request is manifestly unfounded or excessive, in which case we reserve the right to charge a reasonable administrative fee or to decline the request.

10. How to Complain to the ICO

If you believe we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with the Information Commissioner’s Office (“ICO”), which is the supervisory authority for data protection in the United Kingdom.

The ICO can be contacted at:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Telephone: 0303 123 1113
Website: ico.org.uk

We would, however, welcome the opportunity to address any concerns you have directly before you approach the ICO. Please contact us first and we will do our best to resolve the matter promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we provide. When we make material changes, we will update the “Last updated” date at the top of this page. We encourage you to review this policy periodically to remain informed about how we protect your personal data.

Your continued use of our website following the publication of an updated policy constitutes your acknowledgement of the changes. Where changes are significant or require your consent, we will notify you through appropriate means.