Privacy policy.
Gritt Consulting Ltd
Last Updated: 20th October 2025
1. WHO WE ARE
Company Name: Gritt Consulting Ltd
Company Number: 13145612
Registered Address: 141 Leigh Park Road, Bradford On Avon, England, BA15 1TQ
Contact Email: marc@marcdrichard.com
Contact Phone: +44 7927 406 063
We are a business turnaround and strategic consulting firm. This privacy policy explains how we collect, use, and protect your personal data in accordance with UK GDPR and the Data Protection Act 2018.
2. INFORMATION WE COLLECT
From Prospective & Current Clients:
Name, job title, company name
Business contact details (email, phone, business address)
Financial information related to your business (for consulting purposes)
Information you provide during consultations and engagements
Communications between us (emails, meeting notes, reports)
From Website Visitors:
Contact form submissions (name, email, message)
Website usage data (IP address, browser type, pages visited) - if using analytics
Cookie data - see our Cookie Policy
From Other Sources:
Publicly available business information (Companies House, LinkedIn, company websites)
Information from third parties where you've given consent (e.g., referrals)
3. HOW WE USE YOUR INFORMATION
Legal Basis for Processing:
Legitimate Interests (most of our processing):
Providing consulting services you've requested
Managing our client relationships
Business development and marketing
Improving our services
Maintaining business records
Contract (when we have an engagement with you):
Delivering the consulting services agreed in your engagement letter
Processing payments
Communicating about project progress
Legal Obligation:
Complying with tax, accounting, and legal requirements
Responding to regulatory or legal requests
Maintaining statutory business records
Consent (where required):
Sending marketing emails (you can unsubscribe anytime)
Using anonymised case studies
Using cookies beyond essential ones
4. WHO WE SHARE YOUR INFORMATION WITH
We may share your information with:
Service Providers:
IT and cloud service providers (e.g., Google Workspace, hosting providers)
Payment processors
Professional advisors (accountants, lawyers) bound by confidentiality
Legal Requirements:
Law enforcement or regulatory bodies when legally required
Courts or tribunals if involved in legal proceedings
Business Transfers:
Potential buyers if we sell or transfer our business
We do NOT:
Sell your data to third parties
Share client-confidential information without explicit consent
Use your data for purposes beyond those described here
5. INTERNATIONAL TRANSFERS
Your data is primarily stored and processed within the UK.
Where we use service providers based outside the UK (e.g., cloud services), we ensure they provide adequate protection through:
UK GDPR adequacy decisions, or
Standard Contractual Clauses, or
Other approved safeguards
6. HOW LONG WE KEEP YOUR DATA
Client Data:
Active engagement: Duration of project + 6 years (for legal/tax purposes)
After project completion: 6 years minimum (legal requirement for business records)
Financial records: 6 years (HMRC requirement)
Marketing Data:
Until you unsubscribe or request deletion
We review marketing lists annually and remove inactive contacts
Website Data:
Analytics data: Up to 26 months (if using Google Analytics)
Contact form submissions: Until enquiry resolved + 2 years
7. YOUR RIGHTS
Under UK GDPR, you have the right to:
Access - Request a copy of your personal data
Rectification - Correct inaccurate or incomplete data
Erasure - Request deletion (subject to legal obligations)
Restriction - Limit how we process your data
Portability - Receive your data in a portable format
Object - Object to processing based on legitimate interests
Withdraw Consent - Where we rely on consent, withdraw it anytime
To exercise these rights, contact: marc@marcdrichard.com
Response Time: We'll respond within 1 month of receiving your request.
8. DATA SECURITY
We protect your data through:
Password-protected systems and encrypted communications
Secure cloud storage with reputable providers
Access controls (only authorized personnel can access client data)
Regular security reviews and updates
Confidentiality obligations in our Terms & Conditions
However, no internet transmission is completely secure. We cannot guarantee absolute security but take all reasonable precautions.
9. COOKIES
Our website uses cookies. See our separate Cookie Policy for details.
Essential cookies (required for website function) are used automatically. Optional cookies (analytics, marketing) require your consent via our cookie banner.
10. MARKETING COMMUNICATIONS
How we contact you:
Email newsletters about our services, insights, and industry updates
LinkedIn messages (if we're connected)
Your control:
Unsubscribe links in every marketing email
Contact us to opt out: marc@marcdrichard.com
We'll never share your email with third parties for their marketing
11. CHILDREN'S PRIVACY
Our services are not directed at children under 18. We do not knowingly collect data from minors. If you believe we have inadvertently collected such data, please contact us immediately.
12. CHANGES TO THIS POLICY
We may update this policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.
For material changes affecting your rights, we'll notify you by email where appropriate.
13. COMPLAINTS
If you're unhappy with how we've handled your data, please contact us first: marc@marcdrichard.com
You also have the right to complain to:
Information Commissioner's Office (ICO)
Website: https://ico.org.uk
Telephone: 0303 123 1113
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
14. CONTACT US
For any privacy-related questions or to exercise your rights:
Email: marc@marcdrichard.com
Phone: +44 7927 406 063
Post: Gritt Consulting Ltd, 141 Leigh Park Road, Bradford On Avon, England, BA15 1TQ