Privacy Policy
Last Updated: 14 June 2025
British Contracts (“we”, “us” or “our”) is committed to respecting and protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal data when you visit our website BritishContracts.com (“our Site”) or otherwise interact with us. It also outlines your rights under data protection law. We aim to be transparent about these practices and ensure you have control over your personal information.
Please read this Privacy Policy carefully. By using our Site or providing personal information to us, you acknowledge that your information will be handled as described in this Policy. If you do not agree with any part of this Policy, you should not use our Site or services.
1. Who We Are
Operator of the Site: Our Site is owned and operated by Geoffrey Caesar, a solicitor of England and Wales, practicing as a sole trader under the trading name “British Contracts.” For the purposes of data protection laws (including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018), Geoffrey Caesar is the “Data Controller” of your personal data processed via the Site and services.
- Business Name: British Contracts (trading name of Geoffrey Caesar)
- Address: (We operate online; a physical business address is not publicly listed here. For official correspondence, please contact us and we will provide necessary details.)
- ICO Registration: Geoffrey Caesar is registered with the UK Information Commissioner’s Office (ICO) as a data controller under registration number ZB905094. This registration reflects our commitment to handling personal data in accordance with UK data protection laws.
- Contact for Privacy Inquiries: If you have questions about this Privacy Policy or your personal data, you can reach us through the contact form on our Site. Please select the subject relating to privacy/data, and we will route your inquiry appropriately. (We do not publish an email address or phone number for data protection inquiries to avoid spam and ensure timely responses; the contact form is the best way to contact us.)
(We do not have a designated Data Protection Officer because the scale and nature of our data processing does not legally require one. However, we take privacy seriously and will respond to your queries or exercises of rights diligently.)
2. What This Policy Covers
This Privacy Policy applies to personal data that we collect through:
- Our website BritishContracts.com (including any subpages, forms, and online tools on the Site).
- Communications you have with us (such as via our contact form or email, if provided, or through service inquiries and consultations).
- When you purchase or use our services (for example, if you sign up for one of our legal service packages, we will collect certain details to deliver the service).
It covers how we use that data and under what circumstances we may share it.
Third-Party Websites: Our Site may contain links to third-party websites or integrations (for example, payment processors or reference links to external resources). This Policy does not apply to those external sites which we do not operate. If you follow links to other websites, please check their privacy policies before submitting any personal data, as we have no control over how they collect/use information.
3. What is Personal Data?
“Personal data” means any information that relates to an identified or identifiable individual. It includes obvious things like your name or email address, as well as less obvious things like IP addresses or other unique identifiers if they can be linked to you.
Examples of personal data we might collect include: your contact details, information about your device (if linked to you), and information relating to your legal matter if it identifies you or others. We aim to collect only what is necessary for the purposes stated in this Policy.
4. Your Rights
Under the UK GDPR and Data Protection Act 2018, you have certain rights regarding your personal data. We respect these rights and have processes in place to help you exercise them. Your rights include:
- Right to be Informed: You have the right to be given clear information about how we use your personal data (which is the purpose of this Privacy Policy).
- Right of Access: You can request a copy of the personal data we hold about you, commonly known as a “Subject Access Request.” This allows you to confirm what data we have and check that we are processing it lawfully.
- Right to Rectification: If any personal data we hold about you is inaccurate or incomplete, you have the right to have it corrected or completed.
- Right to Erasure: Also known as “the right to be forgotten.” In certain circumstances, you have the right to ask us to delete or remove personal data we hold about you (for example, if the data is no longer necessary for the purposes we collected it, or if you withdraw consent and no other legal basis for processing applies). Please note this right is not absolute and may not apply in contexts where we need to retain data for legal obligations or legitimate interests.
- Right to Restrict Processing: You have the right to request that we limit the processing of your personal data in certain situations – for instance, if you contest the accuracy of the data or have objected to our processing and we are considering that objection.
- Right to Data Portability: You have the right, in certain circumstances, to obtain personal data you’ve provided to us in a structured, commonly used, machine-readable format and to reuse it elsewhere or ask us to transfer it to a third party of your choice.
- Right to Object: You can object to our processing of your personal data where we are doing so on the basis of legitimate interests or for direct marketing. If you object on grounds relating to your particular situation, we will consider whether our legitimate grounds for processing override your rights. If your data is used for direct marketing, you have an absolute right to object and we will stop processing for that purpose if you object.
- Right to Withdraw Consent: Where we rely on your consent to process data (such as for marketing emails, if you opted in), you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal.
- Rights related to Automated Decision-Making: We do not currently use your personal data for automated decision-making that produces legal or similarly significant effects (like profiling you in a way that significantly affects you). If we ever do, you have rights to request human intervention, express your point of view, and contest decisions made solely by algorithms.
You can exercise most of these rights by contacting us via our contact form with your specific request. We will respond within one month (or inform you if we need more time, which can be up to two further months for complex requests). There is generally no fee for exercising your rights, but if a request is manifestly unfounded or excessive, we may charge a reasonable fee or refuse to act on it.
Keeping Data Accurate: We encourage you to help us keep your personal data accurate and up-to-date. If your information changes (for example, you get a new email address or your name changes), please inform us so we can update our records.
Complaints: If you have any concerns or complaints about how we are handling your personal data, please contact us first so we can try to resolve it. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. You can find more information on the ICO website: https://ico.org.uk/concerns/ or call their helpline at +44 303 123 1113. We would, however, appreciate the chance to address your concerns before you approach the ICO, so please consider reaching out to us initially.
5. The Data We Collect and How We Collect It
The personal data we collect depends on how you interact with us. We may collect the following categories of data:
5.1. Information You Provide Directly:
- Contact Information: When you fill out our contact form or engage with us, we ask for your name, email address, and possibly your phone number or other contact details. For example, the contact form requires your name and email so we can respond.
- Inquiry Details: If you send us a message via the site or email, we will collect whatever information you choose to provide in that message. This could include the nature of your legal question, details about your business, etc., which might contain personal data.
- Service Sign-Up Information: If you decide to purchase a legal service package, we will collect information necessary to process that order. This includes your contact details (so we can communicate and send deliverables), billing information (to process payment, though payment details like credit card numbers are handled by our payment processor – see below), and details about your legal matter (e.g., context for the contract you want drafted, names of parties involved, etc.). Some of this may be personal data (e.g., if you are an individual wanting a contract, the contract details might include your personal address).
- Account Data: If our Site offers account creation (for example, to save drafts or track orders), we will collect username, password, and any profile information you provide. (Currently, our site may or may not have a user account system – if not, this category is not applicable.)
- Feedback/Testimonials: If you provide feedback, testimonials, or surveys, we will collect whatever information you provide about your experience and potentially publish it with your consent (possibly including your name or initials, if you agree to that for a testimonial).
- Communications: If you communicate with us by email, postal mail, or phone (where applicable), we may keep records of that correspondence or communication, which could include personal data like your contact info and the content of the communication.
5.2. Information We Collect Automatically:
When you visit our Site, we (or service providers acting on our behalf) may automatically collect certain technical information about your device and usage of the Site. This may include:
- Device and Browser Data: such as your IP address, browser type and version, time zone setting, operating system and platform, device type (desktop, mobile, tablet), and other technology on the devices you use to access our Site.
- Usage Data: information about how you navigate and use our Site, such as the pages you visit, the time and date of your visits, the amount of time spent on pages, clickstreams, and referring website addresses.
- Cookie Data: We use cookies and similar tracking technologies (see our Cookie Policy for details) to collect and store some of this information. For example, cookies might log when you last visited or whether you are logged in (if accounts are applicable).
This automatically collected data might be considered personal data (IP addresses in particular can be personal data in some cases under the law), although we do not typically use it to identify you by name. It is mainly used to analyze and improve our Site and to ensure security.
5.3. Information from Third Parties:
We do not generally purchase or obtain personal data from third-party data brokers or marketing lists. However, we might receive personal information about you from third parties in specific contexts:
- Payment Processors: When you make a payment, the payment processor (e.g., a credit card gateway or PayPal) will provide us with confirmation of payment and basic details like your name, email, billing address (for receipt/invoice), and amount paid. We do not see your full card number or bank details—those are handled securely by the processor.
- Referrals or Collaborations: If another client or a partner law firm refers you to us, they might provide us with your contact information and a brief summary of your needs (with your consent). Similarly, if we collaborate with another professional on your matter, they might share relevant data with us (with appropriate permissions).
- Publicly Available Data: In preparing to assist you, we may on occasion consult publicly available sources (like Companies House records for a business contract) that contain personal data (like director names or addresses). This is part of our research to provide services and is generally not stored beyond its use in your matter.
- Cookies from Third Parties: Sometimes third-party analytics or embedded content on our Site may provide us with information (for example, Google Analytics might aggregate data about site traffic — see Cookie Policy). This is generally statistical and not identified to you personally.
We will only use third-party-sourced data in accordance with the law and this Policy.
5.4. Special Category Data: We do not seek to collect any “special category” personal data through our Site (such as data about health, religion, political opinions, etc.) unless it is directly relevant to a legal service you ask us to provide and you voluntarily provide it. We ask that you do not submit any such sensitive data through casual use of the Site unless necessary. If it is needed for a case (for example, if we draft a contract that touches on health data or something sensitive), we will ensure appropriate safeguards as required by law.
5.5. Children’s Data: Our Site and services are not directed to individuals under 18. We do not knowingly collect personal data from children. If you are under 18, please do not provide any personal information. If we learn we have collected personal data from a child, we will delete it. Parents or guardians who believe we might have information about a child, please contact us to remove it.
6. How We Use Your Personal Data
We will only use your personal data where we have a valid legal basis to do so. Under UK data protection law, the main grounds we rely on are: (a) to perform a contract with you or take steps at your request before entering a contract; (b) to comply with a legal obligation; (c) where it is in our legitimate interests and those interests are not overridden by your rights; and (d) where you have given consent (for example, for marketing).
Below, we describe the purposes for which we process personal data and the legal bases:
- To Provide and Manage Our Services: When you engage us for legal services, we use your personal data to perform our contract with you. This includes using your information to communicate with you, gather details about your legal needs, provide advice, draft contracts, and deliver final documents. (Legal basis: Contractual necessity; and in some cases, legal obligation – e.g., keeping records for regulatory compliance.)
- To Respond to Inquiries: If you contact us with a question (through the contact form or otherwise), we will use your contact information and the content of your inquiry to respond to you. We do this because it’s in both your and our legitimate interest to communicate, or because you’ve asked us to take steps like providing information before possibly entering a contract. (Legal basis: Legitimate interests – to provide good customer service to prospective clients; or pre-contractual steps at your request.)
- Account Registration (if applicable): If our Site allows account creation, we process your data to set up and maintain your account (like storing your login credentials, saved drafts, preferences). (Legal basis: Contractual necessity – providing the account service you requested; and Legitimate interests – for security and administration of our site.)
- Payment Processing and Order Fulfillment: We use personal data to process payments and keep proper transaction records. For example, our payment processor will use payment data to complete the transaction. We may record that payment was made and associate it with your account or order. (Legal basis: Contractual necessity; Legal obligation – financial record-keeping.)
- Providing the AI Drafting Tool: If you use our AI contract drafting tool, any data you input (which may include personal data) is used to generate the draft you requested. We also may store that input and generated draft for a short period to allow you to retrieve results and to improve our services or the tool’s accuracy. We do not use this data for any unrelated purposes, and if it contains personal details, we treat it as confidential. (Legal basis: Contractual necessity – providing the tool’s functionality; Legitimate interests – improving our services, ensuring the tool works well. We ensure this use is minimal and not intrusive, respecting your confidentiality.)
- Customer Support: We maintain records of communications (emails, contact form submissions, call notes) to help us manage your inquiries or case. This helps in providing context if you contact us again and improves efficiency. (Legal basis: Legitimate interests – ensuring high-quality service and continuity.)
- Marketing Communications (if opted-in): We may use your contact details to send you updates, newsletters, or information about services that might interest you if you have consented to such communications (for example, by ticking a box to receive news, or if you’ve become a client, we might send related service offerings). You can opt-out at any time. We will not spam you and will typically only send legal updates or BritishContracts service news occasionally. (Legal basis: Consent for non-clients or general newsletter subscribers; Legitimate interests for existing clients to inform about related services, but always with a clear opt-out.)
- Analytics and Improvement of Our Site: We use data like website usage information and cookies to understand how users interact with our Site, which pages are most popular, how users progress through the site, etc. This helps us troubleshoot problems and design a better user experience or content strategy. All analytics data is typically aggregated and does not identify you personally (we do not attempt to tie analytics data to individual identities). (Legal basis: Legitimate interests – to improve our website and services. We consider that this processing has minimal impact on privacy, especially since it’s often aggregated/anonymous. You can opt out of non-essential analytics cookies via our Cookie Policy settings.)
- Security and Fraud Prevention: We may process certain data to keep our Site and services secure. For example, we might log IP addresses to detect multiple failed login attempts, or use CAPTCHA and other tools to prevent spam through our contact form. If we suspect any fraudulent or malicious activity, we might process relevant data to investigate and prevent it. (Legal basis: Legitimate interests – protecting our business, site, and clients from fraud or security threats; and Legal obligation, where applicable, such as obligations under money laundering regulations to report suspicious activity.)
- Legal and Regulatory Compliance: We will process personal data where necessary to comply with our legal obligations. Examples include maintaining records for tax and accounting purposes, performing conflict of interest checks (we may use names in such checks to ensure we’re not advising both sides of a transaction), complying with anti-money laundering (AML) regulations (which might require identity verification data), and cooperating with law enforcement or regulatory requests when legally required. (Legal basis: Compliance with a legal obligation.)
- Record-Keeping and Administration: Like any professional service provider, we keep records of our engagements and communications. We may use personal data for internal administration, such as maintaining our client database, tracking service delivery, and ensuring we provide consistent service (for instance, remembering your preferences or prior engagements with us). (Legal basis: Legitimate interests – efficient administration of our practice; Legal obligation – certain records are required by law or professional rules to be kept for a minimum time.)
- Profiling or Automated Decision-Making: We do not use your personal data to make automated decisions about you without human involvement. We also do not profile you in a way that has legal or significant effects. For instance, we don’t algorithmically decide whether to offer you a service based on your data – any such decisions involve human judgement (e.g., a solicitor deciding if your case falls within our scope). If this ever changes, we will update this policy and ensure required safeguards, including informing you and allowing you to request human review.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another related reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and explain the legal basis that allows us to do so, or seek your consent when required.
7. Sharing and Disclosure of Personal Data
We treat your personal data with care and confidentiality. We do not sell your personal information to third parties. However, in certain circumstances we may share your data with others, as detailed below, for the purposes described above:
- Service Delivery (Partner Law Firms or Freelancers): If, as part of providing you a legal service, we involve another solicitor or law firm (for example, assigning your contract drafting to a collaborating solicitor, as described in our Terms of Service), we will share with them the information necessary to carry out that service. This could include details of your matter and your contact info. Any such partner is bound by confidentiality and data protection obligations either by professional rules (if they are a law firm) or by a contract with us.
- Employees and Personnel: If we employ staff or engage assistants (including IT support, administrative assistants, etc.), they may have access to personal data as needed to perform their duties. They will be subject to confidentiality agreements and trained in data protection.
- Payment Processors: We use reputable third-party payment processing companies (for example, Stripe, PayPal, or similar) to handle credit card transactions and online payments. These processors receive your payment data (such as credit card number, billing address, etc.) directly when you enter it in the payment form. They operate under their own privacy policies and compliance standards. We share with them the necessary information to process the payment (like the charge amount, our business name, perhaps your name/email to send receipt). We receive from them confirmation of payment and basic payer info. We recommend reviewing the privacy policy of the payment provider at checkout for more details on their handling of data.
- IT and Cloud Service Providers: We rely on various third-party service providers for operating our Site and business:
  - Web Hosting and Email: Our website may be hosted by a third-party hosting company, which means the data you submit to the Site (including contact form submissions) might be stored on their servers. Our business email service is also through a provider (e.g., Microsoft 365, Google Workspace, etc.), so when we email you, the data passes through their systems. We have agreements or terms in place with these providers to safeguard the data (including, where applicable, EU Standard Contractual Clauses for international transfers).
  - Analytics Services: As mentioned, we might use Google Analytics or similar tools to collect website usage data. These tools might set cookies and collect information about how you use our Site. Google (for instance) may process this data on servers globally. We have set up Google Analytics in a privacy-friendly manner (e.g., IP anonymization to truncate your IP address) and we don’t enable sharing of analytics data with Google’s other services. You can opt-out of analytics as described in our Cookie Policy. (Google’s privacy policy is available at https://policies.google.com/privacy)
  - Customer Relationship Management (CRM) / Data Storage: We might use cloud-based software to organize client information and case documents (for example, secure cloud storage like Dropbox or OneDrive, or a CRM system). If so, personal data related to your matter may be stored there. We choose reputable providers with strong security and, where possible, data residency in the UK/EU or appropriate safeguards.
  - Appointment Scheduling Tools: If we use an online scheduler for consultation calls (like Calendly or similar), and you use it to book a time, that tool will process your name, email, and the meeting details to schedule. That data is used only for scheduling and notifications, and we would ensure any such provider meets privacy standards.
- Legal Requirements and Vital Interests: We may disclose personal data if required to comply with a legal obligation or a lawful request (for example, a court order, tax authority demand, or an SRA investigation). We may also share information if necessary to protect the vital interests of an individual (e.g., if someone’s life or health is in danger and data needs sharing in an emergency) or to enforce our terms and protect our rights or the rights of others (which could involve providing data to law enforcement to prevent fraud or cybercrime).
- Professional Advisors: We may share relevant personal data with our professional advisors (such as accountants, auditors, or lawyers) if needed for consulting on our business operations, compliance, or in defense of legal claims. For example, our accountant might see transaction records that include client names for invoicing purposes. All professional advisors are bound by confidentiality obligations.
- Business Transfer: In the unlikely event that British Contracts (the practice operated by Geoffrey Caesar) is sold, merged, or transferred (for example, if Geoffrey Caesar joins or forms a law firm, or sells the website to another solicitor), the personal data held by this business may be transferred to the new owner or successor as part of the transaction. We would ensure that any such successor processes your data in a manner consistent with this Privacy Policy. You would be notified of any change in ownership that affects how your personal data is used, and your choices (which might include the option to have your data deleted or not transferred, if desired and feasible).
We require all third parties with whom we share personal data to respect the security of your data and to treat it in accordance with the law. When we share data, we do so only as necessary for the specific purpose and, whenever possible, in a pseudonymized or limited way (for example, giving an IT support person access to a system for troubleshooting without exposing all data).
8. International Data Transfers
We are based in the United Kingdom. Generally, our primary data storage and processing activities occur in the UK. However, some of the third parties we use (mentioned above) might be located or have servers outside the UK or European Economic Area (EEA).
For example:
- If we use Google Analytics, data may be processed in the United States or elsewhere.
- Our email or cloud storage might route data through or store data in data centers outside the UK/EEA (even if the provider is EU/UK based, they may have global redundancy).
- If you or a collaborating lawyer are abroad, communications could naturally cross borders.
When transferring personal data out of the UK/EEA, we will ensure that a similar degree of protection is afforded to it by implementing at least one of these safeguards:
- Adequacy Decisions: We may transfer to countries that the UK (or EU) has deemed to have an adequate level of data protection (currently, for example, EEA countries are adequate to the UK, and the UK is adequate to the EU; other examples include countries like Canada (commercial organizations), Japan, New Zealand, etc.).
- Standard Contractual Clauses (SCCs): For transfers to countries without an adequacy decision (like the US in many cases), we use standard contractual data protection clauses approved by the UK (or EU) which legally oblige the recipient to provide a level of protection comparable to UK/EU standards. Many large service providers include SCCs in their terms or have signed Data Processing Agreements with us containing such clauses.
- Other Measures: We also assess on a case-by-case basis any additional technical or organizational measures needed (such as encryption in transit and at rest, limiting access, etc.) to ensure data is secure during international transfers.
By using our Site or services, you acknowledge that your personal data may be transferred to and stored on servers located in countries outside of your own jurisdiction. However, we assure you that we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and applicable law.
If you would like more information about how we protect specific international transfers, please contact us and we can provide details of relevant contractual terms or policies.
9. Data Retention – How Long We Keep Your Data
We will not keep your personal data for longer than necessary for the purposes for which it was collected, unless a longer retention period is required or permitted by law (for example, for legal, tax, or accounting reasons).
In general:
- Website Inquiries: If you contact us but do not become a client or engage our services, we will retain that inquiry data for a reasonable period (typically up to 1 year) in case you follow up or decide to use our services later, and for our administrative records, after which we will delete it from active systems. (Backup archives may retain some data slightly longer until cyclical deletion.)
- Client Data (Legal Service): If you become a client, we will retain your data for the duration of our engagement and then typically at least 6 years after the conclusion of our services or the closure of your case. Why 6 years? This period often aligns with the statute of limitations for contract claims and is a common retention period for legal practice in case of any issues or queries that arise later. We also have professional obligations to retain certain records for minimum periods. We may keep files longer than 6 years for complex matters or if we have another legitimate reason (for example, if you return as a client frequently, we may keep past documents to better serve you, unless you request deletion). However, we will not keep full files indefinitely unless there’s an ongoing reason.
- Financial Records: We keep transaction records (invoices, payment records) for at least 6 years as required by tax law.
- Account Data: If user accounts exist and you register, we will keep your account data until you deactivate your account or after prolonged inactivity. If you wish to delete your account, you can contact us. Backups might retain username or email even after deletion for a short time, but we will scrub personal info to the extent possible.
- Analytics Data: Google Analytics and similar tools retain aggregated website data for a certain time (Google’s default is 26 months for user-level data, which we may adjust). Since this data is typically not identifiable to you by name, we may retain it to analyze trends over time. However, any IP addresses logged are anonymized and raw server logs are usually rotated or deleted within a few months.
- Email Communications: We may retain business communications (including emails) for several years, as part of our continuous records (often older emails are archived but still retrievable). This helps us have context for any follow-up or in case any issues arise that require referencing past communications.
- Legal Hold: In the event of a dispute, investigation, or legal hold, we may retain relevant information beyond standard periods until it is resolved or the hold is lifted.
When we have no ongoing legitimate need or legal obligation to process your personal data, we will either delete it securely or anonymize it (so it can no longer be associated with you) for archival or statistical purposes.
For example, if you request that we remove your data and we are able to (provided it’s not needed for legal reasons), we might anonymize certain remaining info (such as keeping a record “Client ID 123 – matter was contract drafting – completed on X date – data deleted per request” without personal identifiers) to maintain practice records.
Please note that even after you delete your account or we have removed your data from our active systems, backups may still contain residual data for a period of time until those backups are overwritten or deleted. We also may retain a minimal amount of information to record that we complied with a deletion request (for example, your email address in a suppression list to ensure we don’t send you emails again if you opted out).
If you have any questions about our data retention practices specific to your information, feel free to contact us for more detail.
10. How We Protect Your Personal Data
We take the security of your personal data seriously and have implemented various measures to protect it:
-
Technical Security: We use industry-standard technical measures to secure our Site and systems. This includes encryption of data in transit (our website is served over HTTPS, which encrypts information between your browser and our server), firewalls and monitoring to prevent unauthorized access, regular software updates to patch vulnerabilities, and, where applicable, encryption of data at rest (especially for sensitive information). For instance, if you provide personal data via our forms, that data is transmitted securely. Our databases or cloud storage are protected by strong passwords and possibly two-factor authentication, and are accessible only to authorized personnel.
-
Access Control: Personal data is only accessible to those who need it for their job or to provide services. For example, our solicitor and any necessary assistants will have access to client files, but a marketing consultant (if any) would only see data relevant to their task (and likely anonymized). We limit access credentials and follow the principle of least privilege.
-
Training and Policies: Anyone who works with us (employees, contractors) is educated on confidentiality and data protection. We have internal policies in place to handle data securely, including how to deal with data breaches or suspected security issues.
-
Third-Party Standards: When using third-party service providers, we choose reputable firms known for strong security (for example, hosting providers with ISO 27001 certification or payment processors compliant with PCI-DSS standards). We also ensure through contracts or terms that they commit to protecting the data.
-
Backups: We maintain backups of critical data to prevent data loss, but these backups are also stored securely. Access to backups is restricted, and they are encrypted if possible.
-
Device and Physical Security: Our devices (computers, etc.) that may hold personal data are encrypted and protected with passwords/biometrics. Hard copy documents (if any personal data is printed) are stored in secure locations and shredded when no longer needed. Our office (if any physical location) is access-controlled.
-
Testing and Monitoring: We may periodically test our systems and processes (or have them audited) to ensure security measures are effective. We keep our software up to date to mitigate security risks. We monitor for any suspicious activities on accounts or our website.
No system is 100% secure, so while we strive to protect your data, we cannot guarantee absolute security. However, we will notify you and the appropriate authorities as required by law if we discover a data breach that poses a high risk to your rights and freedoms. We have a Breach Response Plan to quickly address such incidents.
You also play a role in data security. We encourage you to use strong, unique passwords for any accounts, keep your login credentials confidential, and be cautious about the information you share. If you believe your interactions with us or your data may no longer be secure (for example, if you suspect your account has been compromised), please alert us immediately via our contact form so we can investigate and assist.
11. Cookies and Tracking Technologies
Our Site uses cookies and similar tracking technologies to enhance your experience, analyze usage, and for other purposes. For detailed information on the cookies we use and your choices regarding cookies, please see our Cookie Policy (which is available on our Site).
In summary:
-
Cookies are small text files placed on your device that help the Site function or provide analytical information. We use strictly necessary cookies to enable core functionality (like session cookies for logged-in users or to remember cookie consent choices), which do not require consent.
-
We may use analytics cookies (from third parties like Google Analytics) to collect aggregated usage data – these help us understand things like website traffic and page popularity. These will be used only with your consent where required (when you first visit, we may ask you to consent to analytics cookies via a banner or settings).
-
We might use functional cookies to remember your preferences (e.g., if the site has a feature to remember your details for next time).
-
We do not use cookies for advertising or targeting purposes (we don’t show ads or track you across other sites for advertising).
-
If in the future we embed content from social media or other external platforms, those may set their own cookies as well (for example, a YouTube video embed might set cookies). Such third-party cookies are governed by the third party’s privacy policy.
You have control over cookies. You can adjust your browser settings to refuse or delete cookies. However, please note that disabling certain cookies may affect the functionality of our Site (for example, if you disable strictly necessary cookies, some features might not work as intended).
For more about how we use cookies and how you can manage them, please refer to our Cookie Policy.
12. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. If we make significant changes, we will notify users by posting a prominent notice on our Site (and/or by email if appropriate, especially if you are a client or have provided your email for updates).
The “Last Updated” date at the top of this Policy will always indicate when the latest changes were made.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.
If you do not agree with any updates to the Privacy Policy, you should stop using our Site and services and may ask us to remove your personal data (provided we can do so in compliance with legal obligations). By continuing to use our Site or services after the revised Policy comes into effect, you will be deemed to have accepted the changes.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us via the contact form on our Site. We will do our best to assist you and address your inquiry promptly.
Postal contact address or other methods can be provided upon request via the contact form, but initially reaching out through the Site ensures your inquiry is tracked and directed correctly. Remember, do not include sensitive personal information in the contact form beyond what is necessary, as it is a general inquiry form.
Thank you for reading our Privacy Policy. Your privacy is important to us, and we are committed to ensuring your personal information is handled safely and transparently.