Privacy Policy
Your privacy is important to us. This page explains how we handle and protect your personal information, so you can feel confident using our website.
Your privacy matters to us. This policy explains, in plain terms, what personal information we collect when you use our website and services, how we use it, who we share it with, how long we keep it, and the rights you have. Please read it alongside our Terms and Conditions.
This policy applies to Utterly Printable (www.utterlyprintable.com) and to our companion RSVP and event-page service, RSVP.studio (www.rsvp.studio), which is operated by us. Where we say “we”, “us” or “our”, we mean SP Print Consultancy Ltd, trading as Utterly Printable.
Who we are
Utterly Printable is a trading name of SP Print Consultancy Ltd, a company registered in England and Wales (company number 09113859), with its registered office at 3rd Floor, 207 Regent Street, London, W1B 3HH. For anything to do with your personal information or this policy, you can reach us at [email protected].
For data protection purposes, we are the “data controller” — which means we decide why and how your personal information is used. We are responsible for looking after it.
The information we collect
Depending on how you use our website and services, we may collect:
- Details you give us — your name, email address, phone number, billing and delivery addresses, and your account login details.
- Your order and design content — the text, photos, names, dates and other details you add to your personalised products, and the artwork you create or upload. For some products (such as funeral order of service, christening invitations or birth announcements) this content can include sensitive details about you or other people, including children.
- Payment information — taken securely by our payment provider. We do not store your full card details on our own systems.
- RSVP and event information — if you use RSVP.studio, the event details you set up and the responses your guests provide.
- Information we collect automatically — your IP address, device and browser type, operating system, and how you move around and use our website. This is collected through cookies and similar technologies (see Cookies and tracking below).
Some of the information we hold relates to other people rather than you directly — for example, the guests named on an invitation, the people pictured in a photo, or guests who respond through RSVP.studio. When you give us information about other people, you confirm you’re entitled to do so, and we handle that information under this policy.
How we use your information, and our legal grounds
Data protection law requires us to have a valid “lawful basis” for each way we use your information. Here’s how that maps to what we actually do:
- To process and deliver your order — including printing, fulfilment and delivery, managing your account, and providing customer support. Lawful basis: performance of our contract with you.
- To take payment securely through our payment provider. Lawful basis: performance of our contract with you.
- To run our AI design-checking features (see How we use AI below). Lawful basis: your consent for the optional check; our legitimate interests in print quality and order accuracy for the standard pre-print check.
- To keep proper business and accounting records, including for tax and audit. Lawful basis: compliance with our legal obligations, and our legitimate interests in running the business.
- To understand and improve our website and products, including analytics and testing. Lawful basis: our legitimate interests in improving what we offer (and your consent where this involves non-essential cookies).
- To send you marketing you’ve asked for, or about similar products where you’re an existing customer and haven’t opted out. Lawful basis: your consent, or our legitimate interests via “soft opt-in”. You can unsubscribe at any time.
- To protect against fraud, and to establish, exercise or defend legal claims. Lawful basis: our legitimate interests and compliance with legal obligations.
Where we rely on legitimate interests, we’ve considered the impact on your privacy and are satisfied our reasons don’t override your rights. You can ask us about this at any time.
How we use AI
We use artificial intelligence (AI) to help check personalised designs. There are two ways this happens:
- An optional design check you can choose to run while you’re designing. It reviews your design for things like spelling, photo quality and content. Because it’s optional, we only run it with your consent.
- A standard pre-print check that runs after you’ve placed your order, before printing. This helps us catch problems and maintain print quality across every order, so it forms part of our normal production process rather than something you opt into.
In both cases, the design content — which may include the text, photos and personal details on your product — is sent to a third-party AI provider to perform the check. We currently use OpenAI’s API for this, and may use other established AI providers in future. We choose providers that process this content under contract on our instructions, do not use it to train their own AI models, and keep it only briefly before deleting it. These providers may process data outside the UK, including in the United States; where they do, we rely on appropriate safeguards recognised under UK data protection law (see Sending data outside the UK).
Who we share your information with
We only share your information with the suppliers and partners who need it to provide our service to you, and we require each of them to keep it secure, use it only for the purposes we’ve agreed, and treat it as confidential. They include:
- Our print partners — to produce your printed order. We work with more than one print partner and may use others where circumstances require.
- Delivery couriers — such as DPD and Royal Mail, who receive your name and delivery address to deliver your order.
- Our payment provider — Worldpay, which processes your payment securely.
- Our email and marketing provider — Klaviyo, which we use to manage newsletters and order-related emails.
- Analytics and advertising providers — such as Google, Meta (Facebook and Instagram), Microsoft and Pinterest, where you’ve consented to the relevant cookies (see Cookies and tracking).
- Our AI provider — to run the design checks described above.
- Trusted freelancers and contractors — for example, people who help with customer support or design work and may need access to order details to do so, under confidentiality obligations.
- Professional advisers and authorities — such as our accountants, or a court or regulator, where we’re required to share information by law or to protect our legitimate interests.
If our business is ever sold or transferred, your information may be passed to the new owner as part of that sale, and we’ll take steps to keep it protected. We do not sell your personal information.
Sending data outside the UK
Some of our providers — including our AI, analytics, advertising and email providers — are based in or process data in countries outside the UK, including the United States. Where your information is transferred outside the UK, we make sure it’s protected by an appropriate safeguard recognised under UK data protection law, such as the UK’s “International Data Transfer Agreement” or the UK extension to the EU–US Data Privacy Framework. You can contact us for more detail on the safeguards we use.
How long we keep your information
We keep your information only for as long as we need it, and we apply these guidelines:
- Your designs and uploaded files — kept for a minimum of two months so you can reorder or edit, unless you close your account sooner. They may remain on our system for longer, up to a maximum of six years.
- RSVP.studio event and guest data — kept for a minimum of 18 months after your event, unless you close your account or delete the event sooner. It may remain on our system for longer, up to a maximum of six years.
- Order and financial records — basic order details (such as amounts paid, billing and delivery addresses, and contact details) are kept for at least six years to meet our legal, tax and accounting obligations, after which they’re deleted or anonymised unless there’s a specific ongoing reason to keep them (such as an unresolved dispute).
- Marketing preferences — kept until you opt out.
When we no longer need your information, we delete it or anonymise it so it can no longer be linked to you.
Keeping your information secure
We use technical and organisational measures to protect your information — for example, your account is protected by your own username and password, and we store data on secure servers. No system is completely secure, but we take care to guard against unauthorised access, loss or misuse, and we have measures in place to respond to any suspected data breach.
Very occasionally, despite our checks, a printed order may be dispatched in error. If you ever receive an order that isn’t yours, or believe your order has gone to the wrong address, please contact us straight away at [email protected] and we’ll put it right and take steps to prevent it happening again. If you suspect any misuse, loss or unauthorised access to your information, please let us know immediately at the same address.
Cookies and tracking
Like most websites, we use cookies and similar technologies — small files placed on your device — to make the site work, understand how it’s used, and (with your consent) support our advertising.
The cookies we use fall into these categories:
- Strictly necessary — needed for the site to function, such as logging in and using your basket. These don’t require consent.
- Analytics and performance — help us see how visitors use the site so we can improve it. We use Google Analytics.
- Advertising and targeting — used to measure and improve our advertising and to show you relevant ads on other platforms. These include tools from Google Ads, Meta (Facebook and Instagram), Microsoft Advertising (Bing) and Pinterest, along with onsite tracking from Klaviyo.
Non-essential cookies — analytics and advertising — are only used where you’ve given your consent, and you can change your mind at any time through our cookie settings or your browser. Turning off advertising cookies means you’ll still see ads, but they’ll be less tailored to you. For more general information on cookies, including how to manage them in your browser, see aboutcookies.org.
RSVP.studio
RSVP.studio is our online RSVP and event-page service, operated by us and covered by this policy. If you’re a host, you create an event page and we process the details you provide and the responses you collect. If you’re a guest, the host has invited you to respond, and we process your response on their behalf so they can manage their event — including for sensitive occasions such as funerals, which we handle with appropriate care. Hosts can view and download responses through their account, and can pause, close or delete their event. Guest information is kept in line with the retention periods set out above.
Your rights
You have rights over your personal information, including the right to:
- ask for a copy of the information we hold about you;
- have inaccurate or incomplete information corrected;
- ask us to delete your information in certain circumstances;
- ask us to restrict or object to how we use it in certain circumstances;
- ask us to transfer your information to another provider where this applies; and
- withdraw your consent at any time where we rely on consent.
To exercise any of these, email us at [email protected]. We won’t normally charge, and we’ll respond within the time the law allows. You can close your account at any time from your account settings or by contacting us.
If you’re unhappy with how we’ve handled your information, please tell us first so we can try to put it right. You also have the right to complain to the UK’s data protection regulator, the Information Commissioner’s Office (ICO), at ico.org.uk.
Children
Our website and services are intended for adults, and we don’t knowingly collect personal information directly from children. However, many of our products — such as christening invitations, birth announcements and baby thank you cards — involve adults uploading photos of and details about children as part of a design. We process that content only to fulfil the order and run the design checks described above, and we handle it with appropriate care.
Other websites
Our website may link to other websites we don’t control. This policy doesn’t cover those sites, so we’d encourage you to read their own privacy policies before using them.
Changes to this policy
We may update this policy from time to time, for example as our services or the law change. Any updates will be posted on this page, and the “last updated” date below will tell you when we last made changes. We’ll let you know about significant changes where appropriate.
Last updated: June 2026.