Privacy policy

I respect your privacy, am committed to protecting your personal data and being transparent about what data I collect and how I use it, in line with GDPR (General Data Protection Regulations).

The purpose of this privacy notice 

This notice aims to provide you with information about how I collect and process your data. This includes what personal data I collect, how I use that data, how I ensure your privacy is maintained and your legal rights relating to your personal data. 

What personal data do I collect?

Personal data, or personal information, means any information about an individual from which that person can be identified. 

I collect the following information: 

If you become a client

  • First name, last name and pronouns

  • Your contact details, postal address, telephone number and email address

  • Financial data: your invoices, records of your payments

  • Your communication and marketing preferences

  • Your intake questionnaire, feedback and survey responses

  • Your correspondence and communication with me

If you sign up to my mailing list

  • Your name

  • Your email address

If you make an enquiry through my website

  • Your name and pronouns

  • Your phone number and email address

  • Information you share about your business and why you are interested in exploring working together

How do I use your data?

I use your personal data for: 

  • Providing my services to you

  • Providing information to you that you request from me relating to my services

  • Internal record keeping

  • Improving and personalising my services

  • Sending you relevant information updates should you sign up to receive them

  • Promotional and Marketing purposes: with your agreement, to contact you via email, phone or mail about relevant promotional offers, services and events which I think may interest you

  • Developing new services

  • Client insight and market research purposes, which helps me to better understand your needs

  • Informing you of any changes to my website or services

  • Enabling me to manage all interactions with you 

  • Where I have a legal right or duty to disclose your information (for example in relation to an investigation by a public authority or in a legal dispute)

Marketing 

Promotional communications: 

With your consent, I may use your personal data for electronic marketing purposes and to provide updates on services which are of interest and relevant to you as an individual. 

You have the right to opt out of receiving personal communications at any time by: 

  1. Clicking the “unsubscribe” link at the bottom of emails 

  2. Contacting me directly via the contact details within this notice

Usage Data

I do not use cookies or scripts on my website designed to track the websites you visit. I use a privacy focused analytics service that doesn’t set cookies.

Legal basis for using your data

I am required to set out the legal basis for my processing of your personal data. 

I collect and use your personal data as it is necessary: 

  • To pursue my legitimate interests

  • For the purposes of complying with my duties and exercising my rights under a contract for the sale of services to a client

  • To comply with my legal obligations; or 

  • Where you have consented to the use.

You have the right to withdraw your consent at any time.

My legitimate interests 

The usual basis for processing your data is that it is necessary for my legitimate interests which include: 

  • Selling and supplying services to my clients

  • Promoting, marketing and advertising my services

  • Sending promotional communications which are relevant and tailored to clients

  • Understanding client behaviours, preferences and needs

  • Improving existing services and developing new services

  • Complying with legal and regulatory obligations

  • Preventing crime and fraud

  • Handling client contracts, queries, complaints and disputes (including refunds)

  • Managing any claims made by clients (including legal)

Sharing data with Third Parties 

My services providers and suppliers

To make certain services available to you, I may need to share your personal data with some of my service partners. These include video conferencing platforms and marketing service providers. 

I do my best to choose service providers that apply appropriate data protection and security controls.

I will not share any sensitive data you provide with third parties.

Other third parties

Aside from my service providers, I will not disclose your personal data to any other third party, except for those set out below: 

  • Government bodies, regulators, law enforcement agencies, courts/tribunals and insurers, where I am required to do so

  • I store your information on the following:

    • email provider (if you contact me)

    • mailing list provider (if you join my mailing list)

    • client relationship management system (if you become a client or make an enquiry)

I will never sell or rent your data to other organisations for marketing purposes. 

International transfers

To deliver services to you, it may be necessary for me to share your data outside of the United Kingdom (“UK”). This will occur when service providers are located outside the UK. I shall ensure, to the best of my ability, a similar degree of protection is afforded to your data when using these service providers.

How I protect your data

I am committed to keeping your personal data safe and secure. I have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.  

The measures I have implemented are:

  • Strong passwords;

  • Limitation of access to personal data to those with a business need to know.

Where you provide sensitive data, extra protection measures will be taken. Such as:

  • Controlled access

  • Securely destroyed when no longer needed

I will strive to protect your data in all means reasonably required by me to do so. However, no internet site can be 100% secure and so I cannot be held responsible for unauthorised or unintended access that is beyond my control.

I have appropriate measures in place to deal with any personal data breaches and will notify you and any applicable regulator of a breach where I am legally required to do so.

How you can help me protect your data

I will never ask you to confirm any bank account or credit details via email, if you receive an email claiming to be from me asking you to do this, please ignore it and do not respond.

How long do I keep your data?

I will only retain your data for as long as necessary for the purpose I collected it for. Sensitive data will only be held for as long as is necessary and will be securely destroyed when no longer required.

If you no longer wish for me to hold your information, you can contact me (see rights below). However, please note I have a legal requirement to keep some of your personal data even after you have asked me to delete it to ensure that I can meet my legal or regulatory requirements, resolve disputes, prevent fraud or enforce my contract with you. 

It is important that the personal data I hold about you is accurate and current. Please keep me informed if your personal data changes during your relationship with me.

Your rights in respect of your data

You have rights relating to your personal information, these are: 

  • To ask for a copy of the personal data that I hold about you and check that I am lawfully processing it (right to access)

  • To request that I delete or remove personal data held on you, where I no longer have any legal reason to retain it (right of erasure). Note: I may not always be able to comply with your request for erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request

  • To ask me to update and correct any incomplete or inaccurate personal data that I hold about you (right of rectification)

  • To opt out of any marketing communications that I may send to you and to object to using/holding your personal data if I have no legitimate reasons to do so (right to object)

  • To ask me to restrict processing of data, this enables you to ask me to suspend the processing of your personal data (only in certain circumstances)

  • To ask me to supply you or a third party with some of the personal data I hold about you in a machine-readable format (right to data portability/transfer)

  • To withdraw consent at any time where I am relying on consent to process your personal data. If you withdraw your consent, I may not be able to provide services to you. I will advise you if this is the case at the time you withdraw your consent

If you wish to exercise any of the above rights, please contact me using the contact details below.

You will not have to pay a fee to exercise any of the rights above. I may need to request specific information from you to help me confirm your identity, this is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. 

I try to respond to all requests within one month. This may be longer if the request is complex, I will notify you if this is the case.

Exercising your rights

If you have questions about this privacy notice or want to exercise your rights, you may contact me using the details set out below. 

Contact Details: 

Email address: hey@rebeccacaution.com

You have the right to lodge a complaint at any time with the Information Commissioner’s Office (ICO). You can find further information, including contact details at https://ico.org.uk

Notice updates 

This notice was last updated on 14th June 2024.

I may update this notice from time to time so please check this page occasionally to ensure you are happy with any changes to this notice.