Privacy Policy
This notice explains what we do with personal data when you visit digitalsignet.com or any of the websites in our publisher network. We are an independent publisher of pricing and decision-support content. We do not sell products or services to readers and we do not run a newsletter, user accounts, or paid memberships.
Who we are
Digital Signet Limited (company number 16414164) is the controller of personal data processed across our publisher network. We are registered in England and Wales. Our operating address is 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ.
For any privacy question, contact privacy@digitalsignet.com. We respond within one month under UK GDPR.
What this notice covers
This notice applies to digitalsignet.com and to every site in our publisher network. Examples of properties in the network:
- digitalsignet.com
- egresscost.com
- vehiclewrapcost.com
- benchmarkingagents.com
- saasvaluationmultiple.com
- propanecostpergallon.com
The full list of properties is available on request from privacy@digitalsignet.com.
Some sites may publish a per-site notice if their data flow differs (for example, a site that adds a contact form). Where that exists, the per-site notice supplements this one. Where it does not, this notice is the controlling notice.
What personal data we process and why
We process the data below. Anything not listed here, we do not process.
| Data | Source | Purpose | Lawful basis | Retention |
|---|---|---|---|---|
Analytics cookies (_ga, _ga_*, _gid where present) | Your browser, set when you load a page | Understanding which pages are useful so we keep updating the right ones. Aggregate, anonymised stats only. IP anonymisation is enabled. | Consent (UK and EU/EEA visitors, under PECR and GDPR). Legitimate interest in basic site analytics, where consent is not legally required (most US visitors). | User-level data: 14 months. Event-level data: 2 months. Aggregated reporting data: indefinitely. (GA4 property settings.) |
| IP address | Your network, transient when you load a page | Routing the request, applying basic security rules, geolocation in the cookie banner so we show the right consent options. | Legitimate interest (security, routing, regulatory geolocation). | Not stored beyond the request. Edge logs (Cloudflare) processed transiently and not persisted by us. |
| Affiliate tracking cookies (selected sites only) | Your click on an affiliate link | Attributing your referral to the publisher when you make a purchase, so the affiliate network pays the correct site. | Consent (UK and EU/EEA). Legitimate interest with clear disclosure (US and other non-EU jurisdictions). | Per affiliate network policy. Typically 30 to 90 days. |
| Server access logs | HTTP requests to our edge or origin | Security monitoring, abuse detection, basic uptime visibility. | Legitimate interest (security and operations). | 30 days at our hosting providers. We do not retain a separate copy. |
| Contact-form submissions on digitalsignet.com (name, email, message text) | You, when you submit the contact form on digitalsignet.com | Responding to your enquiry. We do not add submitters to a marketing list and we do not run a newsletter. | Legitimate interest in responding to a direct enquiry; consent in the act of voluntary submission. | Active enquiries: until the conversation is concluded. Closed enquiries: up to 24 months in our email records, then deleted. |
| Discovery-call bookings via Calendly (name, email, scheduled time, optional message) | You, when you book a call through a Calendly link on digitalsignet.com | Scheduling the call, sending you a calendar invite, and following up afterwards. | Consent (the act of booking). | Held in Calendly and our calendar for the lifetime of the relationship; deleted on request. |
We do not have user accounts. We do not run a newsletter. We do not collect payment information. We do not process special-category data (health, biometric, political, religious) and we do not knowingly process data from children under 16. The contact form and Calendly booking flow on digitalsignet.com itself are the only places where readers voluntarily provide identifying information; the broader publisher network does not collect personal data beyond cookies and server logs.
Cookies and similar technologies
Cookies are explained in detail in our Cookie Policy. The short version: we use Google Analytics 4 cookies for traffic analytics, and on a small number of sites we use affiliate-network cookies for referral attribution. We do not use cookies for advertising or behavioural retargeting.
Who we share data with
We share data with the providers below, each acting as a processor on our behalf or as an independent service necessary to operate the sites.
- Google LLC (Google Analytics 4) — analytics processing. Receives your IP (anonymised) and event data when you load an analytics-tracked page and have consented (where consent is required).
- Cloudflare, Inc. — DNS resolution and edge / CDN. Processes your IP and request metadata to route traffic and apply security rules.
- Microsoft Corporation (Azure Static Web Apps) — static site hosting for digitalsignet.com itself. Processes HTTP request data when serving pages.
- GitHub, Inc. (GitHub Pages) — static site hosting for parts of the publisher network. Processes HTTP request data when serving pages.
- Cloudflare Pages — static site hosting for other parts of the publisher network. Same role as GitHub Pages on those sites.
- Calendly, LLC — discovery-call booking on digitalsignet.com. Processes your name, email, and chosen meeting time when you book through a Calendly link.
- Impact.com — affiliate network on selected sites. Processes click and conversion data to attribute referrals.
We do not sell or rent personal data. We do not share data for advertising or marketing.
International transfers
Several of our processors are based in the United States: Google LLC (Analytics), Cloudflare, Inc. (CDN and Pages), Microsoft Corporation (Azure Static Web Apps), GitHub, Inc., Calendly, LLC, and Impact.com. Where personal data is transferred to those processors, we rely on the European Commission's Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum issued by the Information Commissioner's Office.
Technical measures (IP anonymisation in Analytics, no identified user-level data leaving the EU/UK by default) and contractual measures (SCCs, UK Addendum) together support these transfers under UK GDPR and the GDPR.
Your rights under UK GDPR and GDPR
If you are in the UK, EU, or EEA, you have the right to:
- Access a copy of any personal data we hold about you.
- Rectify data that is inaccurate or incomplete.
- Erase your data ("right to be forgotten") where the legal basis no longer applies.
- Restrict processing while we resolve a question.
- Object to processing based on legitimate interest.
- Data portability in a machine-readable format, where the basis is consent or contract.
- Withdraw consent at any time, where consent is the basis. Withdrawal does not affect processing already carried out.
- Complain to a supervisory authority. In the UK that is the Information Commissioner's Office at ico.org.uk. In the EU you can find your local supervisory authority via the European Data Protection Board at edpb.europa.eu.
To exercise any of these rights, email privacy@digitalsignet.com. We will verify your identity (so we do not disclose data to the wrong person) and respond within one month. Where the request is complex we may extend by up to two further months and we will tell you why.
California and other US state rights
Under the California Consumer Privacy Act (CCPA) as amended by the CPRA, you have the right to know what we collect, to delete, to correct, to opt out of "sale" or "sharing" of personal information, and to non-discrimination for exercising your rights. We do not sell personal information in the CCPA sense and we do not "share" it for cross-context behavioural advertising.
Similar rights apply under the Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), Utah Consumer Privacy Act (UCPA), and equivalent state laws as they come into force. To exercise any state-law right, email privacy@digitalsignet.com.
We do not respond to "Do Not Track" browser signals at present, because there is no industry consensus on what to do with them. We do honour Global Privacy Control (GPC) where it applies to opt-out signals under CCPA and analogous state laws.
Children's data
Our sites are not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided personal data to one of our sites, contact privacy@digitalsignet.com and we will delete it.
Changes to this notice
We update this notice when our processing changes (for example, when we add a new affiliate partner or change a vendor). The "Last updated" date at the top reflects the most recent change. Material changes are noted in the changelog below. We do not separately email or notify visitors of changes; please check this page when relying on it.
Changelog
- 2026-04-30 - Initial publication of the consolidated network privacy notice.