UK GDPR Compliant

Privacy Policy

Data Protection & Your Privacy Rights

Last Updated: September 6, 2025

Your Privacy Matters

This privacy policy explains how we collect, use, and protect your personal data when you visit our website or use our services. We are committed to protecting your privacy and complying with UK GDPR regulations.

Data We Collect

We collect the following types of personal data:

  • Contact Information: Email address, phone number, and name
  • Payment Information: Processed securely via Stripe (we do not store payment details)
  • Session Notes: Application responses and session-related information
  • Website Usage Data: Collected via cookies to improve your experience

How We Use Your Data

Your personal data is used for the following purposes:

  • Service Delivery: Providing the strategic consulting and coaching services you've contracted
  • Payment Processing: Processing payments for services through our secure payment provider
  • Service Improvement: Analyzing usage patterns to enhance our services
  • Marketing Communications: Sending relevant updates and offers (only with your explicit consent)

Data Sharing

We do not sell your personal data. We may share your information with:

  • Payment Processors: Stripe for secure payment processing
  • Email Service Providers: AWS SES for service-related communications
  • Legal Authorities: When required by law or to protect our legal rights

All third-party processors are carefully selected and required to maintain appropriate data protection standards.

Your Rights Under UK GDPR

As a data subject, you have the following rights:

Access Your Data

Request a copy of all personal data we hold about you

Request Corrections

Ask us to correct any inaccurate or incomplete data

Request Deletion

Ask us to delete your personal data in certain circumstances

Withdraw Consent

Remove consent for marketing communications at any time

File Complaints

Lodge complaints with the Information Commissioner's Office (ICO)

Data Portability

Request your data in a machine-readable format

Data Retention

  • Client Data: Retained for 7 years for business records and legal compliance
  • Marketing Data: Retained until consent is withdrawn or you unsubscribe
  • Website Analytics: Anonymized data retained for 26 months

After the retention period, data is securely deleted or anonymized.

Cookies & Website Data

We use cookies to:

  • Remember your preferences and settings
  • Analyze website traffic and user behavior
  • Improve website functionality and user experience
  • Provide personalized content

You can control cookie settings through your browser preferences.

Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and staff training
  • Secure hosting and backup procedures

Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy periodically.

Data Protection Queries

For any questions about this privacy policy or to exercise your data rights, contact us at:

privacy@sukhvinderjaveed.com

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk