Privacy Notice

Privacy Notice

Privacy Notice

Maskew Ltd (trading as Maskew Media)

Last updated: 1 June 2026

This notice covers all personal data we process across our website, services and products, including Maskew Studio, the Video Revenue Blueprint, Maskew Flow and The Business Engine podcast. It supersedes any earlier privacy notice published by Maskew Media.

Plain English summary

Maskew Ltd produces video, photography and audio content for businesses, runs the Maskew Studio and Maskew Flow software products, sells the Video Revenue Blueprint, and publishes The Business Engine podcast. This notice explains what personal data we collect across those activities, why we collect it, how long we keep it and who we share it with. You can contact hello@maskew.media to access, correct or delete your data, and to raise any privacy concerns

1. Who we are

Maskew Ltd (trading as Maskew Media) is the data controller for personal information collected through our website, services and products, except where we act as a processor for our clients (see Section 3a). We are registered in England and Wales, company number 15121754.

Registered address: 38 Kilbride Way, Orton Northgate, Peterborough, PE2 6SX
Contact email: hello@maskew.media
ICO registration number: ZC153254

Arthur Jones, our founder and director, is the point of contact for data protection queries. Maskew Ltd is not required to appoint a Data Protection Officer and has not done so. We respond to data protection enquiries within one month.

Maskew Ltd (trading as Maskew Media) is the data controller for personal information collected through our website, services and products, except where we act as a processor for our clients (see Section 3a). We are registered in England and Wales, company number 15121754.

Registered address: 38 Kilbride Way, Orton Northgate, Peterborough, PE2 6SX
Contact email: hello@maskew.media
ICO registration number: ZC153254

Arthur Jones, our founder and director, is the point of contact for data protection queries. Maskew Ltd is not required to appoint a Data Protection Officer and has not done so. We respond to data protection enquiries within one month.

2. What this notice covers

This notice applies to personal data processed in connection with:

  • Maskew Media videography, photography and audio production services

  • The Video Revenue Blueprint, our content strategy product

  • The Video Revenue Diagnostic, our interactive scorecard hosted on ScoreApp

  • Maskew Studio, our web-based content strategy and brief generation tool

  • Maskew Flow, our client portal for project review and approval

  • The Business Engine podcast

  • Our website at maskew.media

3. Information we collect and why

3a. Videography, photography and audio production services

When you engage us for video, photography or audio production work we collect:

  • Your name, email, phone number and business address

  • Invoice records, payment history and transaction references

  • Brand assets you supply, including logos, staff photographs, scripts and storyboards

  • Video footage, photographic images and audio recordings produced or supplied during the project

  • Records of meetings, approvals and project decisions

  • Discovery call recordings, with consent (see Section 4)

  • Job titles and employment details where relevant to the project

Recordings of identifiable people. Our production work routinely captures the likenesses of identifiable individuals. For commissioned client work, we act as a data processor on behalf of our contracting client. The client is the data controller for participant footage and is responsible for ensuring that participants (employees, performers, audience members) have been notified and that the appropriate lawful basis (consent, contract, legitimate interests or notification via ticket terms and signage) is in place.

We act as an independent controller for content used in our own portfolio, on our website, in The Business Engine podcast, or in our own marketing. Where we act as the controller, we obtain signed release forms from on-camera contributors covering image, audio, name, role and the intended use. Our agreements with clients specify when and how downstream use of project footage is permitted.

3b. Video Revenue Blueprint

When you purchase or enquire about the Video Revenue Blueprint we collect:

  • Your name and email

  • Information about your business, audience, objectives and existing content that you provide during the strategy process

  • Payment information processed via Stripe. We do not see or store your full card details

3c. Video Revenue Diagnostic (ScoreApp)

When you complete our interactive scorecard we collect:

  • Your name and email

  • Your business name and your responses to the scorecard questions

  • Your calculated Authority Score and associated results

We use this information to send you your personalised results. We do not currently run automated follow-up sequences. If this changes we will update this notice before doing so. You can opt out of any future communications at any time using the unsubscribe link in any email or by contacting hello@maskew.media.

3d. Maskew Studio

When you use Maskew Studio we collect:

  • The email address you use to log in

  • Your Google account email address if you sign in via Google OAuth

  • Your display name and company name if you choose to provide them

  • Inputs you provide, including website URLs, self-uploaded transcripts and business context

  • Outputs generated by the tool that you save, including objection analyses, hooks, calls to action, evidence and video plans

  • Authentication events, feature interactions and timestamps necessary to operate the service

What is stored and what is not. Self-uploaded transcripts are processed in real time to generate outputs and are not retained in our database. Website URLs you submit are processed via Jina AI to extract content for analysis. The generated outputs (objection analyses, hooks, CTAs, evidence and video plans) are stored against your account so you can return to them. Maskew Ltd staff may access account data for support, troubleshooting and product improvement, including reviewing aggregated usage patterns and individual support cases when invited. We rely on legitimate interests for this access.

When you generate briefs or run analysis in Studio, the content you have entered is sent to third-party AI providers for processing. See Section 9.

3e. Maskew Flow (client portal)

Maskew Flow is our internal operations platform with a client-facing portal where active clients can review and approve project work. When you use Maskew Flow we collect:

  • The email address you use to log in

  • Project information, including briefs, timelines, deliverables and review comments

  • Approval and decision records

  • In future, signed quote acceptances and digital signatures, once that feature launches

Maskew Flow is hosted via Cloudflare and our database is on Supabase (see Section 7).

3f. The Business Engine podcast

When you appear as a guest on, or correspond with us about, The Business Engine podcast we collect:

  • Your name, professional role and contact details

  • Biographical and business information you provide for episode preparation

  • Video and audio recordings of the episode

  • Any release form, image consent or marketing usage permissions you sign

Episodes are published on YouTube, Spotify and associated social platforms with your consent. We retain raw recordings and edit assets for archive purposes.

3g. Website and contact forms

When you contact us via our website we collect your name, email and the content of your message. We use this solely to respond to your enquiry.

3a. Videography, photography and audio production services

When you engage us for video, photography or audio production work we collect:

  • Your name, email, phone number and business address

  • Invoice records, payment history and transaction references

  • Brand assets you supply, including logos, staff photographs, scripts and storyboards

  • Video footage, photographic images and audio recordings produced or supplied during the project

  • Records of meetings, approvals and project decisions

  • Discovery call recordings, with consent (see Section 4)

  • Job titles and employment details where relevant to the project

Recordings of identifiable people. Our production work routinely captures the likenesses of identifiable individuals. For commissioned client work, we act as a data processor on behalf of our contracting client. The client is the data controller for participant footage and is responsible for ensuring that participants (employees, performers, audience members) have been notified and that the appropriate lawful basis (consent, contract, legitimate interests or notification via ticket terms and signage) is in place.

We act as an independent controller for content used in our own portfolio, on our website, in The Business Engine podcast, or in our own marketing. Where we act as the controller, we obtain signed release forms from on-camera contributors covering image, audio, name, role and the intended use. Our agreements with clients specify when and how downstream use of project footage is permitted.

3b. Video Revenue Blueprint

When you purchase or enquire about the Video Revenue Blueprint we collect:

  • Your name and email

  • Information about your business, audience, objectives and existing content that you provide during the strategy process

  • Payment information processed via Stripe. We do not see or store your full card details

3c. Video Revenue Diagnostic (ScoreApp)

When you complete our interactive scorecard we collect:

  • Your name and email

  • Your business name and your responses to the scorecard questions

  • Your calculated Authority Score and associated results

We use this information to send you your personalised results. We do not currently run automated follow-up sequences. If this changes we will update this notice before doing so. You can opt out of any future communications at any time using the unsubscribe link in any email or by contacting hello@maskew.media.

3d. Maskew Studio

When you use Maskew Studio we collect:

  • The email address you use to log in

  • Your Google account email address if you sign in via Google OAuth

  • Your display name and company name if you choose to provide them

  • Inputs you provide, including website URLs, self-uploaded transcripts and business context

  • Outputs generated by the tool that you save, including objection analyses, hooks, calls to action, evidence and video plans

  • Authentication events, feature interactions and timestamps necessary to operate the service

What is stored and what is not. Self-uploaded transcripts are processed in real time to generate outputs and are not retained in our database. Website URLs you submit are processed via Jina AI to extract content for analysis. The generated outputs (objection analyses, hooks, CTAs, evidence and video plans) are stored against your account so you can return to them. Maskew Ltd staff may access account data for support, troubleshooting and product improvement, including reviewing aggregated usage patterns and individual support cases when invited. We rely on legitimate interests for this access.

When you generate briefs or run analysis in Studio, the content you have entered is sent to third-party AI providers for processing. See Section 9.

3e. Maskew Flow (client portal)

Maskew Flow is our internal operations platform with a client-facing portal where active clients can review and approve project work. When you use Maskew Flow we collect:

  • The email address you use to log in

  • Project information, including briefs, timelines, deliverables and review comments

  • Approval and decision records

  • In future, signed quote acceptances and digital signatures, once that feature launches

Maskew Flow is hosted via Cloudflare and our database is on Supabase (see Section 7).

3f. The Business Engine podcast

When you appear as a guest on, or correspond with us about, The Business Engine podcast we collect:

  • Your name, professional role and contact details

  • Biographical and business information you provide for episode preparation

  • Video and audio recordings of the episode

  • Any release form, image consent or marketing usage permissions you sign

Episodes are published on YouTube, Spotify and associated social platforms with your consent. We retain raw recordings and edit assets for archive purposes.

3g. Website and contact forms

When you contact us via our website we collect your name, email and the content of your message. We use this solely to respond to your enquiry.

4. Our lawful bases under UK GDPR

We process personal data under the following lawful bases:

Contract. For production services, the Video Revenue Blueprint, Maskew Studio accounts and Maskew Flow access, we process the personal data of our contracting client to enter into or perform a contract with them. For the personal data of participants in commissioned production work (employees, performers, audience members), we act as a processor on behalf of the contracting client and rely on the client's lawful basis. See Section 3a.

Legitimate interests. We rely on legitimate interests for:

  • Sending you the results of any scorecard you complete

  • Direct marketing emails to existing clients about similar services, under the PECR soft opt-in basis, with an unsubscribe link in every email

  • Direct marketing emails to business contacts at corporate subscribers (limited companies, LLPs and similar entities). PECR's individual-subscriber marketing rules do not apply to corporate subscribers, but we rely on legitimate interests under UK GDPR for processing the personal data of named contacts at those businesses. Every email includes an unsubscribe link

  • Retaining project records for legal, insurance and operational purposes

  • Maskew staff access to Studio and Flow account data for support, troubleshooting and product improvement

  • Analysing aggregated and anonymised usage patterns in Maskew Studio and Maskew Flow to improve the products

You can object to legitimate-interests processing at any time at hello@maskew.media.

Legal obligation. We retain certain financial and contractual records as required by HMRC and the Companies Act 2006.

Consent. We rely on consent for:

  • Marketing emails to sole traders, partnerships and individuals who are not existing clients

  • Recording on-camera contributors for our own portfolio, podcast or marketing use, evidenced by signed release forms

  • Publishing testimonials, case studies, podcast episodes and portfolio content featuring your name, role, image or video content

  • Recording discovery calls. We notify you at the start of every call (both verbally and via the Krisp on-screen prompt) and confirm you are content to continue. You can decline or leave the call at any point

  • Filming or recording under-18s for our own controller-led use (see Section 11)

You can withdraw consent at any time. Withdrawing consent for podcast publication removes the episode from our channels and stops future distribution by us, but cannot reverse downloads, listens or copies already made by third parties.

5. Your data protection rights

You have the following rights under UK GDPR. Email hello@maskew.media to exercise any of them and we will respond within one month.

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restriction of processing

  • Right to object to processing, including direct marketing

  • Right to data portability

  • Right to withdraw consent where we rely on it

  • Right not to be subject to solely automated decisions that produce legal or similarly significant effects (see Section 13)

To protect your data, we may ask you to verify your identity before responding to a subject access or deletion request. We accept a copy of photo ID, or confirmation from an email address already on file, as appropriate to the request.

Some rights are subject to exemptions. We will explain if an exemption applies when you make a request.

6. How long we keep your information

Invoices, receipts and payment records. Six years plus the current tax year, as required by HMRC.

  • Signed contracts, statements of work and release forms. Six years after project completion.

  • Discovery call recordings. Up to 12 months, then deleted.

  • Marketing email list. Until you unsubscribe, or 24 months without you opening or clicking any of our emails, after which we delete you from the list.

  • Scorecard responses and contact details. Up to 24 months from completion.

  • Maskew Studio account data. Retained while your account is active. We delete account data within 12 months of account closure or final activity (defined as no login for 12 consecutive months), and earlier on request.

  • Maskew Flow client portal data. Retained while you remain an active or recent client. Deleted within 12 months of the end of our engagement, except where retained under another category above.

Raw footage, photographs and audio recordings. Up to six years after project completion for legal and insurance purposes, longer with your written consent for portfolio, podcast archive or marketing use.

7. Who we share your information with

We share data with the following processors under data processing agreements:

Stripe Payments Europe Ltd (Ireland), with onward processing by Stripe Inc (United States). Payment processing. We never see or store your full card details. Transfers to the United States are covered by Standard Contractual Clauses with the UK Addendum.

Supabase Inc (EU region, Ireland). Database hosting and authentication for Maskew Studio and Maskew Flow. Covered by the UK's adequacy decision for the EEA.

Cloudflare Inc (United States). Frontend hosting and content delivery for Maskew Studio and Maskew Flow. Covered by Standard Contractual Clauses with the UK Addendum.

Framer B.V. (Netherlands). Hosting for our main website at maskew.media. Covered by the UK's adequacy decision for the EEA.

ScoreApp Limited (United Kingdom). Hosting and processing for the Video Revenue Diagnostic. Subject to UK data protection law and our data processing agreement.

Xero (UK) Limited (United Kingdom), with onward processing by Xero Limited (Australia). Accounting, invoicing and contact management. Australian transfers are covered by Standard Contractual Clauses with the UK Addendum.

Calendly LLC (United States). Scheduling and booking. Calendly collects your name, email and meeting preferences when you book a call with us. Covered by Standard Contractual Clauses with the UK Addendum.

Frame.io Inc, part of Adobe Inc (United States). Client review and approval of video assets. Covered by Standard Contractual Clauses with the UK Addendum.

Google LLC, Google Workspace (United States). Business email, cloud storage (Google Drive) and internal team communications (Google Chat). Covered by Standard Contractual Clauses with the UK Addendum.

Google LLC, Google OAuth (United States). Optional sign-in to Maskew Studio. Covered by Standard Contractual Clauses with the UK Addendum.

Google LLC, Gemini API (United States). AI processing within Maskew Studio. See Section 9. Covered by Standard Contractual Clauses with the UK Addendum.

Anthropic PBC, Claude API (United States). AI processing within Maskew Studio. See Section 9. Covered by Standard Contractual Clauses with the UK Addendum.

Jina AI GmbH (Germany). Reading web content from URLs you submit to Maskew Studio. Covered by the UK's adequacy decision for the EEA.

Resend Inc (United States). Transactional email delivery, including account emails, magic links and scorecard results. Covered by Standard Contractual Clauses with the UK Addendum.

Krisp Technologies Inc (United States). Cloud-based call recording and noise cancellation for discovery calls. Covered by Standard Contractual Clauses with the UK Addendum.

YouTube (Google LLC, United States) and Spotify AB (Sweden). Publication of The Business Engine podcast. Episodes are published with the guest's consent. Covered by Standard Contractual Clauses with the UK Addendum where applicable.

Freelance editors, photographers and designers (UK and EU). Editing, post-production and design. They operate under non-disclosure agreements and a written data processing agreement where they act as a processor on our behalf. We are progressively rolling these agreements out across our freelance pool during 2026. They may incidentally access personal data within project assets such as footage or photographs.

We may also share data with:

  • Insurance companies if we need to notify a claim

  • Professional or legal advisors under obligations of confidentiality

  • Regulatory authorities where required by law

  • Publicly on our website, podcast or social media, but only with your explicit written consent

8. International data transfers

Where data is transferred outside the UK we rely on:

  • The UK's adequacy decision for the EEA, covering transfers to Ireland, Germany, the Netherlands and Sweden

  • Standard Contractual Clauses with the UK Addendum, covering transfers to the United States and Australia

To request a copy of the safeguard for any specific transfer, email hello@maskew.media.

9. AI processing in Maskew Studio

Maskew Studio uses third-party AI providers to generate briefs, analyse content and read web pages. The providers we use are Anthropic (Claude), Google (Gemini) and Jina AI.

When you use these features, the inputs you have entered are sent to the relevant provider for processing. We do not deliberately bundle your account identifiers (name, email or login details) into these requests. However, anything you type into Studio inputs (transcripts, business context, objections) is processed by the relevant AI provider as part of the request. If you include personal data in those inputs, that personal data is sent to the provider.

Under our agreements with Anthropic and Google, your inputs are not used to train their underlying models. Jina AI processes only the URLs you submit and does not use your submissions for training.

Data is processed in the United States by Anthropic and Google, and in Germany by Jina AI, under the safeguards described in Section 8.

If you do not want your content sent to AI providers, do not use the AI-powered features in Maskew Studio.

10. Cookies

Our websites use only strictly necessary cookies. These are required for the site to function and do not require your consent under UK law. They include:

  • Session cookies that keep you signed in to Maskew Studio and Maskew Flow

  • Security cookies that protect against cross-site request forgery and similar attacks

  • Cookies set by our hosting platforms (Framer for maskew.media, Cloudflare for maskew.studio and Maskew Flow) for site delivery and basic performance

We do not use:

  • Advertising or marketing cookies

  • Cross-site tracking cookies

  • Social media tracking pixels

  • Analytics tools that profile individual visitors

Authentication events and feature usage are logged server-side for security, troubleshooting and aggregate product improvement. These logs are linked to your account where you are signed in but are not used to build a behavioural profile and are not shared with third parties for advertising.

Because we use only strictly necessary cookies, we do not display a cookie consent banner. You can clear cookies through your browser settings at any time.

11. Children's data

Maskew Studio, Maskew Flow, the Video Revenue Blueprint and the Video Revenue Diagnostic are intended for businesses and adult professionals. We do not knowingly collect personal data from anyone under 18 in connection with these products. If you believe we hold such data, contact hello@maskew.media and we will delete it promptly.

Production services involving under-18s. Our videography and photography work occasionally involves children, particularly in performing arts contexts such as dance schools and school productions. Where we record under-18s as part of commissioned client work, the contracting client (school, performing arts organisation or event organiser) is the controller and is responsible for obtaining and verifying parental consent for participants. Where we act as the controller (for example, footage used in our own portfolio or marketing), we obtain written parental or guardian consent in addition to any consent obtained by the client.

We require DBS clearance for staff and contractors who work directly with children, and verify this before any production involving under-18s. We follow recognised safeguarding standards and any specific safeguarding policy provided by the client.

If you have any concerns about footage involving a child, contact hello@maskew.media immediately.

12. Special category data

We do not routinely process special category data (Article 9 UK GDPR), such as data revealing racial or ethnic origin, religious beliefs, health or biometric data. Where such data is incidentally captured in production work (for example, a religious service or a charity event focused on a health condition), we rely on the client's lawful basis and any consent obtained from participants. Maskew Studio and Maskew Flow are not designed to process special category data.

13. Automated decision-making

We do not make decisions about you that are based solely on automated processing and that produce legal or similarly significant effects. The Authority Score generated by our Video Revenue Diagnostic is intended only as a guide and does not constitute a decision about you in the sense of Article 22 UK GDPR.

14. How we protect your data

Maskew Studio uses email-based magic link authentication and optional Google OAuth. No passwords are stored.

  • Studio applies row-level security so each user can only access their own data.

  • Studio and Maskew Flow data is encrypted at rest and in transit in EU-region cloud infrastructure (Supabase).

  • We use multi-factor authentication on our administrative accounts where the platform supports it.

  • Project files, footage and recordings are stored in encrypted cloud drives with access restricted to authorised staff and vetted subcontractors.

  • We review subprocessor security periodically.

If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours of becoming aware and, where the risk is high, notify affected individuals directly without undue delay.

No system is completely secure. If you have concerns about the security of your data, contact us immediately at hello@maskew.media.

15. Changes to this notice

We may update this notice from time to time. The "last updated" date at the top reflects the most recent change. For material changes, such as new categories of data, new subprocessors or changes to retention periods, we will give at least 14 days' notice before the change takes effect. Notice will be provided to registered Maskew Studio and Maskew Flow users by email, and to other data subjects (production clients, scorecard completers, podcast guests) via a banner on maskew.media and an update to the dated notice on this page.

16. How to complain

Contact us first at hello@maskew.media. We respond within one month.

If you remain unhappy after raising a complaint with us, you can complain to the Information Commissioner's Office.

Website: ico.org.uk/make-a-complaint Helpline: 0303 123 1113 Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

© Maskew Ltd (trading as Maskew Media) · June 2026

We turn your buyers' objections into lead-generating videos

Pages

Home

About Us

Work

Contact Us

Maskew Studio

Video Revenue Diagnostic

Video Revenue Blueprint

Questions

Socials

Linkedin

Instagram

YouTube

Spotify

Apple Podcasts

Terms of Sale

Privacy Policy

MASKEW MEDIA

We turn your buyers' objections into lead-generating videos

Pages

Home

About Us

Work

Contact Us

Maskew Studio

Video Revenue Diagnostic

Video Revenue Blueprint

Questions

Socials

Linkedin

Instagram

YouTube

Spotify

Apple Podcasts

Terms of Sale

Privacy Policy

MASKEW MEDIA

We turn your buyers' objections into lead-generating videos

Pages

Home

About Us

Work

Contact Us

Maskew Studio

Video Revenue Diagnostic

Video Revenue Blueprint

Questions

Socials

Linkedin

Instagram

YouTube

Spotify

Apple Podcasts

Terms of Sale

Privacy Policy

MASKEW