LT-PRV-26 Privacy policy
Privacy policy
Who we are, what data we handle, why, and your rights. Written to be read, not skimmed past.
Last updated 12 July 2026
1. Who we are
Link Think Ltd, company number 16226636, registered in England and Wales, Sevenoaks, Kent. We are registered with the Information Commissioner's Office (ICO) and we are the data controller for the processing described here, except where this policy says otherwise. Contact: nathanpelc@linkthink.co.uk or +44 7584 325093.
2. This website
This site sets no cookies, runs no trackers and makes no external requests. If you submit a form (for example the bulletin or a report request), we store the details you give us to provide the thing you asked for, and nothing else.
3. The Link Think Portal
Our client portal at sign.linkthink.co.uk handles proposals, agreements, payments and onboarding for our clients. A plain description of the app is on the portal overview page. For clients we process: contact details, company details, the agreement and its electronic signatures (including signing time, document fingerprint, IP address and device details, kept as evidence of signing), payment records (card payments are processed by Revolut; we never see or store full card numbers), onboarding answers, uploaded brand assets, and optional voice notes.
Voice notes are transcribed by Google's Gemini API to pre-fill onboarding answers, then reviewed by the client before submission. Audio is processed for transcription and not used to train models.
4. Google user data
Clients can connect their Google account to the portal. When they do, we request two permissions: send email (gmail.send) and view calendar availability (calendar.readonly).
We use gmail.send solely to send emails from the client's own address, at the client's standing instruction, to people who have requested contact from that client. We use calendar.readonly solely to check availability when coordinating meetings booked on the client's behalf. We do not read email content. We do not use Google user data for advertising. No humans read this data except with the client's explicit permission, where required for security, or where required by law.
Link Think's use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
A client can disconnect at any time from their Google account permissions page, and we delete the stored tokens on request or when the engagement ends.
5. LinkedIn
Clients can connect their LinkedIn account so that we can publish posts they have approved, on their behalf, within agreed limits. We store the access token, the member identifier and the account name. We do not read messages or connections. Clients can disconnect at any time from their LinkedIn settings, and we delete stored tokens on request or when the engagement ends.
6. Business development data
To deliver our service we research UK companies that appear to be hiring, using public sources such as job boards and the Companies House register. We process the business contact details of people at those companies (name, role, employer, business email, business phone, LinkedIn profile) under the lawful basis of legitimate interests, limited to corporate subscribers as defined by PECR. Every outreach message identifies the sender and carries a working opt-out. Opt-outs are honoured across all channels and retained on a suppression list so we do not contact you again. Phone numbers are screened against the TPS and CTPS registers before any call.
7. Retention
Client records are kept for the engagement plus the period required for legal, tax and insurance purposes. Prospect records are reviewed at most every 24 months. Suppression records are kept indefinitely because they exist to protect you. Signed agreements and their audit trails are kept as long as either party could need to rely on them.
8. Sharing and processors
We do not sell personal data. We share it only with the service providers who run our infrastructure: Supabase (database and storage), Vercel (hosting), Google (email, calendar and transcription, as above), Revolut (payments) and LinkedIn (as above). Each acts under its own terms and appropriate safeguards. Where we work in a client's name, the client and Link Think act as joint controllers of the prospect data for that campaign, and our contract allocates the responsibilities.
9. Your rights
You have the rights of access, rectification, erasure, restriction, portability and objection. Email nathanpelc@linkthink.co.uk and you will get a substantive reply within one month. If you are unhappy with how we handle your data, you can complain to the ICO at ico.org.uk.