Privacy notice

The whole point of a privacy notice is that you can understand what will happen to data relating to you when you engage with an organisation. We’ve tried to make our interactions as privacy respectful as possible but this site does use and embed third-party services which are described below.

In this privacy notice when we say “we” or “us” or “the website” we actually mean John Elliott and Tim Wiseman who are legally the joint (data) controllers.

If you’re just browsing the website

The website collects no personal information about you, there’s no analytics, no need to register and no options to subscribe.

Sometimes posts will have embedded content such as a YouTube video and there’s a Twitter widget on the side of each page. Your browser will load that third party content from YouTube or Twitter which will set cookies and try to track you. You can set adjust your privacy settings on those third party sites or better still install the EFF’s Privacy Badger extension for your browser.

Content is distributed using the Cloudflare content distribution network. Cloudflare sets a single cookie – __cfduid which is identify trusted web traffic. It does not correspond to any user id in the web application, nor does the cookie store any personal data. More info.

If you contact us to discuss a business relationship or have a chat (we can come and train you)

We will process personal data consisting of your contact information – it is necessary and in our legitimate interests for us respond to your enquiry and to stay in touch with you. You can always ask us to delete your personal data and if we’ve not spoken for a few years it will be automatically purged.

We don’t really do direct marketing, but if we did if would be fully compliant with the PECR and we’d absolutely respect your right to opt-out of the processing of your personal data for this purpose.

If we establish a commercial relationship

We will often also process the personal data of other people in your organisation. In some cases this will be as a controller of the data, e.g. in respect of the contact information for people in your finance and procurement departments. Processing this data is necessary to maintain our commercial relationship with you and will generally be retained for six years to satisfy tax regulations and to defend against potential legal claims.

If you ask us to work with other colleagues in an organisation we may process their personal data in the course of providing our professional services to you. This processing occurs in the context of our relationship and we will usually be acting as a (data) processor acting on your instructions as defined in our written agreement in compliance with Article 28 of the GDPR.

Your rights

The GDPR gives you a number of rights over data relating to you that’s processed by us. We’re committed to respecting those rights so just ask if you want to exercise those rights.