Eliza Consultancy Ltd takes your privacy seriously. This page explains what personal data we collect, why we collect it, how we use it and your rights under UK data protection law. Who we are
Eliza Consultancy Ltd is the data controller for elizaconsultancy.co.uk.
Company number: 13923639
Registered office: 67-71 Lambeth Walk, London, SE11 6DX
Contact: info@elizaconsultancy.co.uk
The information we collect
Information you give us directly: contact form submissions including name, job title, organisation, email address, phone number and message. Emails and follow-up correspondence. Client onboarding and delivery information including key contacts, correspondence, contracts and invoicing details.
Information we collect automatically: basic analytics data about how the site is used, including pages visited, device and browser type, and approximate location derived from IP address. Cookies and similar technologies as described in the Cookies section below.
We do not collect more data than we need and we do not sell your data under any circumstances.
How we use your information and our legal basis
Responding to enquiries: we use the details you provide to respond to your enquiry and arrange next steps. Our legal basis is legitimate interests as a business, and where a potential engagement is being discussed, steps taken prior to entering a contract.
Service delivery: if we work together we use your information to deliver our services, scope and agree work, communicate with relevant stakeholders and handle invoicing and payments. Our legal basis is performance of a contract.
Business operations: we use information for internal record keeping, accounting and audit purposes. Where we are meeting a legal duty such as tax and financial record keeping, our legal basis is legal obligation. For other operational purposes our legal basis is legitimate interests.
Sharing your information
We share personal data only where necessary. This includes service providers acting on our instructions such as website hosting and email platforms, professional advisers including legal and accounting professionals, and regulators or law enforcement agencies where we are legally required to do so.
We do not share your data with third parties for marketing purposes. All suppliers are required to handle your data in accordance with UK data protection law.
International transfers
Some of our service providers may process data outside the UK. Where this occurs we ensure appropriate safeguards are in place in accordance with UK GDPR requirements, including UK adequacy decisions and standard contractual clauses where applicable.
How long we keep your information
Enquiry data: 12 months from last contact, unless we proceed to work together.
Client and project records: typically 7 years to meet our legal and accounting obligations.
Website analytics data: in accordance with the retention settings of our analytics provider.
Your rights
Under UK GDPR and the Data Protection Act 2018 you have the following rights:
The right to access the personal data we hold about you. The right to rectification of inaccurate or incomplete data. The right to erasure in certain circumstances. The right to restrict processing in certain circumstances. The right to object to processing based on legitimate interests. The right to data portability where applicable. The right to withdraw consent at any time where processing is based on consent. Withdrawing consent does not affect the lawfulness of processing carried out before withdrawal.
To exercise any of these rights please email info@elizaconsultancy.co.uk. We will respond within one calendar month.
You also have the right to lodge a complaint with the Information Commissioner's Office if you are unhappy with how we handle your personal data. The ICO can be contacted at ico.org.uk or by calling 0303 123 1113.
Cookies
We use essential cookies which are necessary for the site to function and cannot be switched off. We also use analytics cookies to help us understand how the site is used. Analytics cookies are only enabled with your consent, which you can manage via our cookie banner or your browser settings.
Security
We apply reasonable technical and organisational measures to protect your personal data, including HTTPS encryption in transit and appropriate access controls. No method of transmission over the internet is entirely secure but we take our obligations seriously and review our approach regularly.
Children
Our website and services are directed at adults and professional organisations. We do not knowingly collect personal data from children under the age of 13.
Third party links
Our website may contain links to third party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies independently.
Changes to this policy
We will update this page when we make material changes to how we handle personal data. The last updated date below will reflect any revisions. Where changes are significant we will take reasonable steps to bring them to your attention.