Skip to content
Newlyn home page
Open menu
Newlyn home page

Privacy Policy

1. Introduction

This Privacy Policy explains how Newlyn Works Limited (“Newlyn”, “we”, “us”, “our”) collects, uses, and protects personal data in connection with our website and the licensing of our typeface software products (“Fonts”).

Newlyn is committed to protecting the privacy and security of personal data. This policy applies to all users of our website and all customers who license our products.

For the purposes of applicable data protection law, including the UK General Data Protection Regulation (“UK GDPR”), Newlyn Works Limited is the data controller.

2. Contact Details

If you have any questions about this Privacy Policy or your personal data, you may contact us at:

Email: [email protected]
Address: Newlyn Works Limited, 75 Westow Hill, London SE19 1TX, United Kingdom

3. The Data We Collect

We collect and process the following categories of personal data:

3.1 Account and Identity Data

  • Name (individual or company representative)

  • Email address

  • Business name and associated details

3.2 Commercial and Licensing Data

  • Products licensed

  • Transaction and order history

  • Licence configuration and scope

  • Declared Business Size (including employee and workforce scale, as defined in our Licence Agreement)

3.3 Billing and Payment Data

  • Billing address

  • Payment details (processed securely via third-party payment providers)

  • VAT or tax-related information

3.4 Technical and Usage Data

  • Internet Protocol (IP) address

  • Browser type and operating system

  • Website usage data (including pages visited and interaction patterns)

3.5 Marketing Data

  • Email address where you subscribe to our communications

  • Preferences relating to marketing communications

4. How We Collect Data

We collect personal data:

  • When you purchase or license products from us

  • When you create or use a Licensee Account

  • When you communicate with us

  • When you subscribe to our newsletter

  • Automatically through your use of our website (including analytics and cookies)

5. How We Use Your Data

We use personal data for the following purposes:

5.1 Contractual Performance

  • To process orders and supply licensed products

  • To administer Licence Agreements

  • To calculate licence fees based on Business Size

  • To provide customer support and account management

5.2 Business Operations and Legitimate Interests

  • To maintain and improve our website, products, and services

  • To monitor usage and detect fraud or misuse

  • To enforce our Licence Agreement, including compliance and audit processes

  • To communicate with customers regarding services and updates

5.3 Legal and Regulatory Compliance

  • To comply with tax, accounting, and legal obligations

  • To respond to lawful requests from authorities

5.4 Marketing (with consent where required)

  • To send communications about our products and services

  • You may unsubscribe at any time via the link in our emails

6. Legal Bases for Processing

We process personal data on the following legal bases:

  • Contractual necessity — to perform our obligations under licence agreements

  • Legitimate interests — to operate and improve our business, including licensing, security, and enforcement

  • Legal obligation — to comply with applicable laws and regulations

  • Consent — where required, particularly for marketing communications

7. Data Sharing

We do not sell personal data.

We may share personal data with the following categories of third parties where necessary:

  • Payment processors (including Stripe)

  • Professional advisors, including legal and accounting firms

  • Technology and hosting providers supporting our website and systems

  • Analytics providers (e.g. Google Analytics)

  • Regulatory or law enforcement authorities where required by law

All third parties are required to process personal data only to the extent necessary and in accordance with applicable data protection laws.

8. International Data Transfers

Some third-party providers may process personal data outside the United Kingdom.

Where this occurs, we ensure appropriate safeguards are in place, including:

  • Adequacy regulations issued by the UK government

  • Standard Contractual Clauses or equivalent mechanisms

9. Data Retention

We retain personal data only for as long as necessary:

  • Licensing and account data: for the duration of the licence and a reasonable period thereafter

  • Financial records: in accordance with legal and tax requirements (typically 6–7 years)

  • Marketing data: until you withdraw consent or unsubscribe

10. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or alteration.

While no system is completely secure, we follow industry-standard practices to safeguard data.

11. Cookies and Analytics

Our website uses cookies to support functionality and improve user experience.

These include:

  • Essential cookies for ecommerce functionality (e.g. cart and session management)

  • Analytics cookies (including Google Analytics) to understand website usage

Where required by law, we obtain your consent for non-essential cookies.

You can control cookies through your browser settings.

12. Your Rights

Under applicable data protection law, you have the right to:

  • Access the personal data we hold about you

  • Request correction of inaccurate data

  • Request erasure of your data (where applicable)

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent where processing is based on consent

To exercise these rights, contact us at [email protected].

13. Third-Party Links

Our website may contain links to external websites. We are not responsible for the privacy practices of those sites.

14. Children

Our website and services are intended for business use. We do not knowingly collect personal data from children.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Any updates will be published on this page.

16. Strategic Note on Data Minimisation

Newlyn’s licensing model is designed to minimise third-party data exposure.

Unlike third-party hosted font services, Newlyn Fonts are licensed for self-hosting, meaning:

  • No font requests are made to external servers controlled by Newlyn

  • End-user browsing data is not transmitted to Newlyn through font usage

  • Customers retain full control over how fonts are deployed within their own systems

This approach reduces reliance on third-party infrastructure and supports privacy-conscious implementation.