Privacy Policy

← Back to Home

1. Introduction

Strat Consulting Limited ("we", "our", "us") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller: Strat Consulting Limited
Company Registration: 8868745
Registered Office: London, England

2. Information We Collect

2.1 Information You Provide to Us

We collect personal data that you voluntarily provide when you:

• Contact us via our website form: Name, company name, email address, phone number, industry sector, and details about your business challenges
• Subscribe to marketing communications: Email address and communication preferences
• Engage our services: Additional business and contact information necessary to provide our consulting services
• Communicate with us: Information contained in emails, phone calls, or other correspondence

2.2 Information We Collect Automatically

When you visit our website, we may automatically collect:

• Technical data: IP address, browser type and version, time zone setting, browser plug-in types, operating system and platform
• Usage data: Information about how you use our website, products and services
• Cookies and similar technologies: See our Cookie Policy for details

2.3 Information from Third Parties

We may receive personal data about you from:

• Business partners and professional advisors
• Publicly available sources (e.g., Companies House, LinkedIn)
• Marketing and analytics providers

3. How We Use Your Information

We process your personal data for the following purposes:

Purpose	Legal Basis (UK GDPR)
Responding to your enquiries and providing requested information	Legitimate interests / Contract
Providing consulting services to you	Contract performance
Sending marketing communications (with your consent)	Consent
Improving our website and services	Legitimate interests
Complying with legal obligations	Legal obligation
Protecting our business interests and rights	Legitimate interests

3.1 Marketing Communications

We will only send you marketing communications if you have:

• Given us explicit consent to do so, or
• Previously engaged with our services (soft opt-in), and you have not opted out

You can opt out of marketing communications at any time by clicking the unsubscribe link in any email or by using the contact form above.

4. Data Sharing and Disclosure

4.1 Service Providers

We may share your data with trusted third-party service providers who assist us in:

• Website hosting and maintenance
• Email communications and marketing platforms
• Analytics and performance monitoring
• IT services and data storage

All service providers are required to maintain appropriate security measures and process data only as instructed by us.

4.2 Legal Requirements

We may disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., courts, government agencies).

4.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or use of your personal data.

4.4 We Do Not Sell Your Data

We will never sell, rent, or trade your personal information to third parties for their marketing purposes.

5. International Data Transfers

Your personal data is processed and stored within the United Kingdom. Should we need to transfer data internationally in the future, we will ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the UK Information Commissioner's Office
• Ensuring the recipient country provides adequate data protection
• Implementing appropriate technical and organisational security measures

6. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction, including:

• SSL/TLS encryption for data transmission
• Secure data storage with access controls
• Regular security assessments and updates
• Employee training on data protection
• Incident response procedures

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

• Enquiry data (non-clients): Up to 2 years from last contact
• Client data: Duration of engagement plus 7 years (for legal and tax purposes)
• Marketing data: Until you unsubscribe or request deletion
• Website analytics: 26 months (Google Analytics standard)

After the retention period expires, we will securely delete or anonymise your personal data.

8. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

1. Right of Access: Request a copy of the personal data we hold about you
2. Right to Rectification: Request correction of inaccurate or incomplete data
3. Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data in certain circumstances
4. Right to Restrict Processing: Request that we limit how we use your data
5. Right to Data Portability: Receive your data in a structured, commonly used format
6. Right to Object: Object to processing based on legitimate interests or for direct marketing
7. Rights Related to Automated Decision-Making: We do not use automated decision-making or profiling
8. Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time

8.1 How to Exercise Your Rights

To exercise any of these rights, please contact us:

We may need to verify your identity before processing your request. There is no charge for exercising your rights unless your request is clearly unfounded or excessive.

9. Cookies

Our website uses cookies and similar tracking technologies. For detailed information about the cookies we use and how to manage your cookie preferences, please see our Cookie Policy.

10. Third-Party Links

Our website may contain links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices.

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending an email notification (if you have provided your email address)

We encourage you to review this Privacy Policy periodically.

13. Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the supervisory authority:

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: