top of page
marketing  bureau

Privacy Policy

Last updated: 14 August 2025
Who we are: Queen’s Key (“we”, “us”, “our”) — an AI-powered marketing bureau based in Luxembourg.
Contact: hello@queenskey.eu · [Peachy Group SARL-S, 6 rue des Artisans, Foetz, Luxembourg]

 

TL;DR 

  • We only collect what we need to respond, deliver services, and improve the site.

  • Data: contact details, form submissions, analytics and ad performance data.

  • Legal bases: consent, contract, legitimate interests, legal obligations.

  • We don’t sell your data. We share it with trusted processors (e.g., hosting, analytics, ad platforms) under GDPR safeguards.

  • You control your data: access, correct, delete, restrict, object, or export it.

  • Cookies are optional (except strictly necessary). Manage them any time in “Cookie Settings.”

  • Questions? Emails us hello@queenskey.eu

 

1) Who is the Controller?

Queen’s Key, [Peachy Group SARL-S, 6 rue des Artisans, Foetz, Luxembourg],
Email: hello@queenskey.eu
We have not appointed a Data Protection Officer. For any privacy questions, contact us via email.

 

2) What Personal Data We Collect

Depending on how you interact with us, we may process:

  • Website & Forms: name, email, phone, company, role, message, budget range, website URL, preferences.

  • Bookings/Calls: your contact details, meeting metadata (date/time, notes).

  • Emails/Support: the content of your emails and our replies.

  • Analytics (pseudonymous): device/OS/browser info, pages viewed, session duration, rough location (city/country), events (clicks, conversions).

  • Advertising Signals: Meta/Google pixel events (e.g., page views, lead form submits), campaign UTM parameters.

  • Files you upload/send: any data you voluntarily provide (e.g., briefs, brand assets).

  • Vendors we use for operations: may receive limited personal data as processors (see §5).

We do not intentionally collect special category data. Please don’t include sensitive data in free-text fields.

 

3) Why We Process Your Data (Purposes) & Legal Bases

  • Respond to inquiries / provide quotes / perform a contract — Contract or Legitimate interests.

  • Bookings and consultations — Contract or Legitimate interests.

  • Marketing communications (opt-in newsletters, event invites) — Consent. You can withdraw at any time.

  • Analytics & site improvement — Consent (for non-essential cookies).

  • Advertising & retargeting — Consent.

  • Security, fraud prevention, legal compliance — Legitimate interests / Legal obligation.

 

4) Cookies & Tracking

We use cookies and similar technologies:

  • Strictly necessary (always on): security, load balancing, basic site functions.

  • Analytics (optional): aggregated performance and usage (e.g., GA4).

  • Functional (optional): remembering preferences.

  • Advertising (optional): Meta/Google tags for measurement and audiences.

On your first visit, you’ll see our cookie banner. You can accept/reject categories and change your mind anytime in Cookie Settings (link in footer). Analytics retention is typically 14 months (or less if configured).

 

5) Who We Share Data With (Processors)

We work with vetted service providers, who process data under our instructions:

  • Hosting & CDN (e.g., WIX + CDN)

  • Analytics (e.g., Google Analytics 4)

  • Advertising (e.g., Meta Ads, Google Ads)

  • Booking (e.g., Calendly)

  • Email & CRM (e.g., Google Workspace, Notion/HubSpot/other CRM)

  • File storage & collaboration (e.g., Google Drive)

We sign Data Processing Agreements where required. We don’t sell personal data.

 

6) International Transfers

Some processors are outside the EEA (e.g., in the US). We use GDPR safeguards such as:

  • EU–US Data Privacy Framework participation (where applicable), and/or

  • Standard Contractual Clauses (SCCs) with supplementary measures.

Details are available on request.

 

7) AI Use

We use AI tools to accelerate research, summarise insights, draft variations, and support reporting. AI outputs are human-reviewed. We do not make automated decisions producing legal or similarly significant effects about you. We avoid sending personal data to AI tools unless necessary and covered by processor terms.

 

8) Data Retention

We keep data only as long as needed:

  • Contact & enquiry data: up to 24 months after last interaction (unless a contract follows).

  • Client/contract data: for the contract term + 10 years (Luxembourg accounting rules).

  • Analytics: up to 14 months (GA4 default or less).

  • Ad audiences: per platform settings or until you withdraw consent.

We will delete or anonymise data after these periods unless the law requires longer retention.

 

9) Your Rights (EU/EEA)

You can:

  • Access your data

  • Rectify inaccuracies

  • Erase (right to be forgotten)

  • Restrict processing

  • Object to processing (incl. marketing)

  • Portability (receive your data in a common format)

  • Withdraw consent at any time (doesn’t affect prior lawful processing)


You also have the right to lodge a complaint with the CNPD (Luxembourg supervisory authority).

 

10) Children

Our site and services are not directed to children under 16. We do not knowingly process children’s data.

 

11) Security

We apply technical and organisational measures: encryption in transit, access controls, least-privilege access, regular reviews. No system is 100% secure; we work to minimise risk.

 

12) Third-Party Links

Our site may link to third-party sites. Their privacy practices are their own; review their policies.

 

13) Changes to This Policy

We may update this policy occasionally. We’ll post the new version with a new “Last updated” date. Material changes may be signposted on the site.

 

  • We use cookies to make this site work and to improve it. Choose “Accept all” to help us measure performance and run relevant ads, or “Manage” to pick what’s okay with you. You can change your choice anytime in Cookie Settings.

bottom of page