Blue Donut Studios

Privacy Policy

This Privacy Policy explains how Blue Donut Studios Limited collects, uses, stores and protects personal information when people use this website, contact us, request a quote, book a call or commission our services.

Last updated: May 2026

1. Who we are

Blue Donut Studios Limited is a company registered in England and Wales. We provide games, software, immersive technology, eBusiness, website support and business consulting services.

Registered office8 Spur Road, Cosham, Portsmouth, England, PO6 3EB
Company number09592070
UK VAT numberGB354610022
EU VAT identification numberNL828007408B01
ICO registrationZA218782
Privacy contactinfo [at] bluedonutstudios [dot] com

2. What information we collect

Depending on how you use the website or work with us, we may collect:

  • Contact details, such as your name, business name, email address, telephone number and website.
  • Enquiry and RFQ information, such as your project description, budget range, service interests, timescales, files or links you choose to provide.
  • Booking information, such as meeting details, availability, notes and contact information provided through TidyCal or similar booking tools.
  • Customer and supplier information, such as billing contact details, project contacts, company records, purchase order references and correspondence.
  • Support information, such as website access details, technical information, issue reports, system configuration, hosting details or diagnostic information that you provide to us so we can deliver support.
  • Payment and transaction information, such as payment status, invoice details and purchase records. Card details are handled by payment providers such as Stripe and are not stored by us on this website.
  • Technical website information, such as IP address, browser type, device information, referral source, pages visited and server logs.
  • Consent and preference information, including cookie preferences and marketing preferences where applicable.

3. How we collect information

We collect information when you:

  • submit an enquiry, contact form or request-for-quote form;
  • book a call using our booking tools;
  • email, telephone or message us;
  • buy a support block or commission work from us;
  • provide access, documentation or files for a project;
  • use the website, including pages that use cookies or embedded services;
  • interact with our related services or brands, such as GameCrowd, Imersar or Blue Donut Games, where relevant to your enquiry or project.

4. Why we use personal information

We use personal information for the following purposes:

  • to respond to enquiries and RFQs;
  • to assess whether we can help with a project or service request;
  • to arrange calls, meetings and bookings;
  • to provide consulting, games, software, immersive, website support or business services;
  • to create proposals, quotes, invoices, statements of work and project plans;
  • to manage customer relationships, suppliers, support requests and project communication;
  • to process payments, maintain accounts and meet tax, VAT and company record obligations;
  • to operate, secure, improve and troubleshoot the website and our systems;
  • to protect our business, customers, intellectual property and legal rights;
  • to send service-related communications and, where appropriate, limited business updates that are relevant to an existing relationship or where you have agreed to receive them.

5. Lawful bases for processing

Under UK data protection law, we need a lawful basis for using personal information. The lawful bases we may rely on include:

PurposeLikely lawful basis
Responding to enquiries, preparing quotes and taking steps before a contractContract or legitimate interests
Delivering commissioned services, support and project workContract
Billing, accounting, tax, VAT and statutory recordsLegal obligation and legitimate interests
Website security, server logs, fraud prevention and service protectionLegitimate interests
Optional cookies, analytics or embedded third-party servicesConsent where required
Business-to-business updates to relevant contactsLegitimate interests, or consent where required

6. Special category data

We do not normally ask for special category data, such as health information, religious beliefs, political opinions or similar sensitive data. Please do not send this type of information unless it is genuinely necessary for the service you are requesting. If a project requires sensitive information, we will agree appropriate safeguards and documentation before processing it.

7. Who we share information with

We only share personal information where it is necessary and proportionate. This may include:

  • trusted service providers who help us operate the website, email, hosting, booking tools, payment processing, file storage, project management and security;
  • professional advisers such as accountants, insurers, legal advisers or tax advisers;
  • project partners, developers, designers, manufacturers, fulfilment providers or distributors where you ask us to involve them or where they are needed to deliver the work;
  • payment providers such as Stripe, when you make a payment;
  • booking providers such as TidyCal, when you use the booking system;
  • law enforcement, regulators, courts, government bodies or public authorities where required by law.

We do not sell personal data to third parties.

8. International transfers

Some suppliers may process data outside the UK. Where this happens, we aim to use appropriate safeguards, such as adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or equivalent safeguards required by law.

9. How long we keep information

We keep personal information only for as long as needed for the purpose it was collected, including legal, accounting, tax, contractual and dispute-resolution purposes. In general:

  • enquiry and RFQ records may be kept for up to 24 months where no work is commissioned;
  • customer, project and support records may be kept for the duration of the relationship and for up to 7 years afterwards where needed for tax, contract or legal reasons;
  • financial records are usually kept for at least 6 years;
  • server logs and security records are usually kept for shorter operational periods unless needed to investigate a problem or protect the business;
  • cookie preference records may be kept so we can remember your choices.

10. How we protect information

We use practical administrative, technical and organisational measures to protect personal information. These may include access controls, secure hosting, HTTPS, backups, password protection, limited access to project materials, supplier checks and appropriate confidentiality measures. No online system can be guaranteed completely secure, but we take reasonable steps to reduce risk.

11. Your rights

You may have rights under data protection law, including the right to:

  • ask for access to your personal information;
  • ask us to correct inaccurate information;
  • ask us to delete information in certain circumstances;
  • ask us to restrict processing in certain circumstances;
  • object to processing based on legitimate interests;
  • ask for data portability where applicable;
  • withdraw consent where we rely on consent.

Your right to object: where we process your personal information based on legitimate interests, you have the right to object. We will consider your objection and stop processing unless we have compelling legitimate grounds or need to continue for legal claims.

To exercise your rights, contact us at info [at] bluedonutstudios [dot] com. We may need to verify your identity before responding.

12. Marketing

We may send occasional business-to-business updates to relevant contacts where we believe the information is useful and proportionate, or where you have asked to receive updates. You can ask us to stop sending marketing or business updates at any time.

13. Cookies and embedded services

Our website uses essential cookies and may use third-party services such as TidyCal booking tools, YouTube video embeds, Stripe payment services and social links. Some of these services may use cookies or similar technologies. See our Cookie Policy for more detail.

14. Complaints

If you have concerns about how we use your personal information, please contact us first so we can try to resolve the issue. You also have the right to complain to the UK Information Commissioner’s Office at ico.org.uk/make-a-complaint.

15. Changes to this policy

We may update this Privacy Policy from time to time. The latest version will be published on this website.