This Privacy Policy explains how we collect, use, and share personal data when you visit our Site or contact us.
1. Data We Collect
Contact data: name, company, email address, phone number, and the contents of your message when you submit our form or email us.
Technical data: IP address, device and browser information, and basic diagnostics collected through our hosting provider.
Cookies: essential cookies for security and functionality. If we implement analytics cookies, we will request your consent and provide details in a cookie notice.
2. How We Use Your Data
We use personal data to:
- Respond to enquiries and provide requested information;
- Operate, secure, and improve the Site;
- Comply with legal obligations and exercise our legal rights.
3. Legal Bases (UK/EU GDPR)
Our processing is based on:
- Legitimate interests (responding to enquiries, operating and improving the Site, preventing fraud/abuse);
- Contract (taking steps at your request before entering into an engagement);
- Consent (for optional analytics cookies, if used);
- Legal obligation (record‑keeping, compliance, and regulatory requirements).
4. Sharing Your Data
We may share data with trusted service providers acting on our behalf (e.g., website hosting, email services, IT support) under contracts requiring them to protect your data and use it only under our instructions. We may also disclose data if required by law or in connection with a business reorganisation.
5. International Transfers
Where service providers are located outside the UK/EEA, we will ensure appropriate safeguards are in place (such as standard contractual clauses or adequacy decisions) as required by applicable law.
6. Data Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. No method of internet transmission is completely secure.
7. Data Retention
We keep enquiry records for up to 24 months from the last contact unless a longer period is required by law or necessary to establish, exercise, or defend legal claims. Server logs may be retained for security and audit purposes for a limited period.
8. Your Rights (UK/EU)
You may have rights to access, correct, delete, or restrict processing of your personal data; to object to certain processing; and to data portability. Where processing is based on consent, you can withdraw it at any time. To exercise your rights, contact hello@griffinconsultants.im.
9. Children
The Site is not intended for children, and we do not knowingly collect personal data from children.
10. Cookies
We may use essential cookies necessary for the Site to function. If we introduce analytics cookies (e.g., to measure traffic), we will present a cookie banner seeking consent and a link to manage preferences.
11. Changes to this Policy
We may update this Policy from time to time. The updated version will be posted on this page with a new effective date.