Privacy Policy

Pico Digital Marketing (“Pico” or “Pico Digital” or “We” or “Us”) respects our customers (“Users”) concerns about privacy. We understand that visitors to our website may have questions about whether and how this website collects and uses information, and are committed to protecting your privacy. We only use the personally identifiable information (“personal information” or “personal data”) that you provide in accordance with the terms outlined below.

This Privacy Policy covers any personal information we obtain when you visit us, use our services, or access the features on the websites that Pico Digital owns or controls (today or in the future), including https://www.choosepico.com/ and our mobile site (together, the “Sites”). You can access the Sites from a computer or mobile phone, and this Privacy Policy will apply regardless of the means of access. This Privacy Policy also governs the use of personal information we obtain from you from any third-party site or application where we post content or invite your feedback or participation, including (“Third Party Sites”). Pico cannot control the privacy policies or practices of Third Party Sites or of companies Pico does not own or control, and cannot control the actions of people Pico does not employ or manage. You should always check the privacy policies of Third Party Sites and your privacy settings.

Top 3%

Google Premier Partner

Pico has been verified by Google as a top 3% elite Ads specialist.

5 Stars

Verified Trust

Unbiased, third-party proof of client satisfaction and success.

100%

Senior Accountability

Work directly with the founder and senior experts—zero juniors.

10+ Years

Client Loyalty

Proving our value with client partnerships spanning over a decade.

1. Global Statutory Framework

Pico (“the Company,” “we,” “us,” or “our”) operates under a global privacy framework designed to meet or exceed the following regulations:

  • United Kingdom: The UK GDPR and the Data (Use and Access) Act 2025 (DUAA).
  • European Union: The EU General Data Protection Regulation (GDPR) 2016/679.
  • United States: The Colorado Privacy Act (CPA) and the California Consumer Privacy Act (CCPA/CPRA).
  • South Africa: The Protection of Personal Information Act, 2013 (POPIA).

2. Artificial Intelligence (AI) & Automated Processing

In compliance with the EU AI Act (2026) and Colorado’s Automated Decision-Making (ADMT) regulations, we disclose the following:

  • Transparency of Interaction: If you interact with our AI-enabled support systems, you will be notified at the point of first interaction that you are communicating with an artificial agent.
  • Model Training & Inputs: We do not use "Identifiable Personal Information" to train third-party foundation models. Any data used for internal system optimization is strictly de-identified or synthetic.
  • Automated Decision-Making: We do not currently use AI to make "consequential decisions" (e.g., decisions that affect your legal rights, employment, or financial status). If such technology is deployed, you have the right to opt out and request a human review of the outcome.
  • AI Safety: We maintain a documented risk management system for all AI deployments to prevent algorithmic discrimination.

3. South Africa Specifics (Remote Workforce)

As Pico engages remote staff and contractors within South Africa, we act as a Responsible Party under POPIA.

  • Processing Purpose: We process personal information of South African residents solely for employment administration, payroll, and professional services.
  • Security for Remote Work: Our South African staff operate under strict "Security for Remote Work" protocols, including encrypted hardware and VPN requirements to ensure that any client data they access remains secure.
  • Information Regulator: South African residents may lodge complaints regarding the processing of their data with the Information Regulator at inforegulator@justice.gov.za.

4. Colorado & California Consumer Rights

As a business with a presence in Denver, we provide Colorado residents with the following rights (effective as of the 2026 CPA updates):

  • Universal Opt-Out: We recognize and honor Universal Opt-Out Mechanisms (UOOMs) and Global Privacy Control (GPC) signals from your browser.
  • Right to Correct & Delete: You have the right to correct inaccuracies in your data or request deletion without a "cure period" (as the 60-day grace period for businesses was sunset in Jan 2026).
  • Sensitive Data: We do not process "Sensitive Data" (biometrics, neural data, or race/religion) without your prior explicit opt-in consent.

5. Detailed Data Collection & Retention

Data Category Specific Examples Lawful Basis (GDPR/POPIA)
Identifiers Name, Email, Job Title, LinkedIn ID Contract / Legitimate Interest
Technical IP Address, Cookie IDs, Device OS Legitimate Interest (Security)
AI Logs Chat prompts, support metadata Consent / Service Improvement
Employment Data Payroll info, SA Tax ID (Staff only) Legal Obligation

Retention Policy: Marketing data is purged after 180 days of inactivity. Contractual and employment-related data (e.g., for SA staff or Denver office records) is retained for 7 years to comply with statutory audit requirements.

6. International Data Transfers (The "Bridge")

Because we share data between the UK, US, and SA, we employ the following safeguards:

  • UK to USA: Transfers are governed by the UK Extension to the EU-U.S. Data Privacy Framework.
  • South Africa Transfers: All data transferred out of South Africa is protected by Section 72 POPIA agreements, ensuring the recipient provides a level of protection substantially similar to South African law.

7. Security & Redress

We implement "Privacy by Design," utilizing AES-256 encryption for data at rest and TLS 1.3 for data in transit. In the event of a high-risk breach, we will notify the ICO (UK), the Information Regulator (SA), and relevant State Attorneys General (US) within 72 hours.

Contact for Data Subject Requests:

  • Privacy Officer: Samantha Bedford sam@choosepico.com
  • Mailing Address: Alloway House, 6 Alloway Place, Ayr, KA7 2AA, United Kingdom
  • UK Office Contact: +44 (0) 7925-833862
  • Denver Office Contact: +1 (303) 594-6634

Pico Digital Marketing Ltd > Registered in Scotland | Company No. SC849132