Last updated: 18/10/2023
1. Data We Collect
We collect personal data in the following ways:
- Directly: When you sign up, purchase our services, or contact us.
- Automatically: When you visit our website, such as IP addresses and browsing history.
2. Purpose of Processing
We process your data for:
- Service provision.
- Communication and customer support.
- Marketing and promotions.
- Website improvement and analytics.
3. Legal Basis for Processing
- Consent: For sending promotional emails or data processing activities where we ask for consent.
- Contractual necessity: When it’s necessary to perform a contract we have with you.
- Legitimate interests: For our lawful business purposes.
4. Sharing of Data
We do not sell or rent your personal data. We may share it with trusted third-party providers when necessary to provide our services, or if required by law.
5. Data Retention
We retain your data as long as necessary for the purposes outlined in this Policy or until you request its deletion, whichever comes first.
6. International Transfers
While we are based in the UK, we may transfer data to processors outside the EEA. We ensure these transfers are compliant with GDPR regulations.
7. Your Rights
Under GDPR, you have the right to:
- Access your personal data.
- Rectify inaccurate data.
- Request erasure.
- Object to or restrict processing.
- Data portability.
- Withdraw consent.
We implement robust security measures to protect your data. However, no system is completely secure, so we cannot guarantee absolute security.
10. Third-Party Links
Our website may contain links to third-party sites. We are not responsible for their privacy practices.
11. Changes to this Policy
For any data protection enquiries, you can contact us at firstname.lastname@example.org.
13. Data Protection Authority
If you have concerns, you have the right to raise them with the UK’s Information Commissioner’s Office or your local Data Protection Authority.
In order to provide our services, we may engage third-party companies and individuals as data subprocessors. These subprocessors are granted access to certain personal data under the condition that they maintain the confidentiality of such data and they don’t use it for any purpose other than to deliver the services we’ve contracted them for. We use the following subprocessors:
- Hosting Provider: Webflow - They host and manage our website.
- Client Portal: ManyRequests- They provide our client portal.
- Web Analytics: Google Analytics- They analyse website usage data to help us understand user behaviour and improve our services.
- Payment Processing: Stripe - They handle card payments for us.
When any new subprocessor is onboarded, we perform due diligence to ensure they have appropriate technical and organizational measures in place to protect your data.
If you’d like to receive a full list of our subprocessors or details about their subprocessors and security measures, please contact us