Privacy Policy

We do this on the basis of our legitimate interest in maintaining our website and fixing problems that may occur.  We have considered our legitimate interests carefully and have balanced our legitimate interests against your rights under data protection law. We only use your data as necessary for maintaining the website and it is in your reasonable expectation that we would need to use certain personal data in this way.

We use platforms like LinkedIn, Meta, and Google Ads to enhance our marketing efforts, track user interactions, and provide targeted advertisements. These platforms collect specific data about your interactions with our website. You can learn more about how these platforms process data by visiting their respective privacy policies and our Cookies Policy. 

We process this information under the legal basis of consent. Please note that you have the right to withdraw consent any time. If you wish to do so you can manage your own preferences or contact us directly. 

We use a Google service called Google Analytics to help inform our marketing decisions – for example, the information provided by Google might tell us that we have a large number of visitors from a particular area or falling into a particular demographic.

The service works by saving to your device a series of small files called “cookies”, which contain information which Google can use to track your activity on our website and identify unique visitors.

We ask for your consent before we store performance cookies on your device using our website’s privacy preference center. Read our Cookie Policy to understand how we use cookies for analytics and to manage your existing cookie preferences.

The information presented to us by Google is statistical in nature and does not identify you personally, but if you have a Google account and you are logged in to it on the device you’re using to browse our website then it is likely that Google will know who you are.

Read about Google Analytics data protection.

Read about Google Analytics data retention.

Find details of how Google uses your personal data on their privacy notice.

When you subscribe to our newsletters, we may send you marketing communications for as long as you've subscribed. You may opt out of our marketing emails at any time by using the unsubscribe link in the emails.

We may retain certain data about you after you've unsubscribed. We do so in order to maintain our suppression list to ensure that we can give effect to your right to opt out of further communications. 

We use Pipedrive and Hubspot for promoting our business and your personal data will be stored and processed on Pipedrive and Hubspot servers. When you interact with an email campaign that you receive from us, Pipedrive and Hubspot may collect information about your device and interaction with the email.

You can learn more about Pipedrive and Hubspot’s data privacy pages and how they collect this information here.

We process this information under the legal basis of consent. Please note that you have the right to withdraw consent any time. If you wish to do so you can manage your own preferences via the unsubscribe link at the bottom of our newsletter or contact us directly.

When you sign up for our events through Linkedin or our Webflow forms, the data is processed through Zapier, which then transfers the information to Pipedrive and Hubspot for further processing and management.

We give you an option to subscribe to our newsletter and will transfer your contact information to our marketing mailing lists if you give your consent for us to process your data in this way. See the "Marketing and promoting our business" section for more information about how we process this information.

We may require a payment when you're attending our ticketed events. The payment information will be processed on a third-party platform who will be our sub- processors for this activity. Please note that anytime we use a sub processor we always ensure that they will provide you with an equivalent level of protection as per our obligations under data protection legislation. 

We may share your contact details with third parties who are organising the events with us, for example, event venues or partners we're working with on the event. If this is the case you will be provided with this additional information at the time you register for the event. 

We store your contact details for as long as you are registered for the event as we may need to contact you regarding any changes or updates. We may keep your information after the event, for the purposes described above.

We process this information under the legal basis of consent. Please note that you have the right to withdraw consent any anytime.

We carry out these processing activities under the legal basis of performance of contract, legitimate interest, that being our interest in running our business in an efficient and legally complaint manner, to fulfil our legal and regulatory obligations or in some cases with your consent. 

• Directly from you in person, by telephone, email, surveys or via our website;

• From publicly available sources such as internet search engines and social media sites;  

• From call recording when you interact with us;

• From our website, including the use of cookie and web analytics. Please see our cookies policy for further information;

• From third parties in connection with any acquisition or merger of a business by us.  

If you would like further information in relation to who we share your data with please contact our Data Protection and Privacy Office on the details set out above. 

You may participate in the research work we do for our clients. This includes interviews, field studies, usability testing and surveys. We may also send you a post-test questionnaire following a research session if you consent to receive such materials. 

We may use a third-party recruitment agency in the recruitment process of any external research subjects. The recruiters may provide us with your contact information so we may contact you before and during the interview process if you consent to the onward transfer of your data. 

During the interview process, we may collect various types of information for demographics purposes. This may include some special categories of personal information. You may refuse to answer any questions without needing to provide us with a reason. We will always seek your explicit consent to process such information. 

When we're conducting interviews remotely, we may record audio and video so that we may reference these during the research process. We will ask consent from every participant for the recording and you may end the sessions at any time.

We may need to share your personal data with the client so that they may use your contribution for the purpose of the research. We will inform you of this when you participate in our research and ask for your consent before sharing your personal information.

Your personal data, including any audio and video recordings and any special categories of data, shall be retained for as long as it is required in connection with the research purpose and record-keeping. Your personal data will usually be deleted once the project that the data was relevant to has been completed. We will make you aware of any changes to this in advance of the research taking place and ask for your consent before extending this period.

We use third party platforms to conduct interviews and these vendors may store and process your data. We carry out due diligence in relation to all of our processors as per our obligations under data protection legislation. If you have any questions regarding these technology providers please contact the Data Protection and Privacy Office on the details set out above.

You may participate in workshops for the work we do for your business. Some of these workshops may also take place during the events we organise. 

The information processed will likely include your name, occupation and any relevant contact details needed to access these workshops. We may also ask for your photograph to personalise the experience.

Information about the particular workshop and details of the use of your data will be provided in advance of your participation in the workshop. We ask for your consent before you participate in any workshop or process your data. We may share the research data with our clients. We will inform you of this when you participate in our research and ask for your consent before sharing your personal information.

When we're conducting workshops remotely, we use third-party platforms that may store and process your data. If you have any questions regarding these technology providers please contact the Data Protection and Privacy Office on the details set out above.

When we process personal information in order to facilitate technical solutions to or provide services for our clients, they will be the controllers of the personal data we process for this purpose. In order to understand your rights and how they process your personal information please see their privacy notice as available on their webpages or their Employee Privacy Notice which will be available internally or via their own Data Protection and Privacy Office. 

If you would like further information in relation to who we share your data with please contact our Data Protection and Privacy Office on the details set out above. 

We will retain your personal data for as long as is reasonably necessary for the purposes explained in this Notice. 

If we are acting as the data controller of the information process in most cases this will be a maximum of seven years post termination of contract. Where we are acting as data processors on behalf of our client our data retention period will be in line with the terms of our commercial agreement or the length of campaign plus one year. 

In some circumstances we may retain your Personal Data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax or accounting requirements. We may also retain your personal data for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your relationship with us. Where your personal data is no longer required, we will ensure it is either securely deleted or stored in a way that no longer identifies you. If you would like further details regarding our records retention then please contact us.  

• Buy, receive, or sell the personal information of 50,000 or more California residents, households, or devices; or

• Derive 50% or more of our annual revenue from selling California resident's personal information.

Said mechanism ensure that your personal data is protected to the same standard as it would be within the UK or the EEA.  

If you would like further details about how the technology providers transfer your personal data please click on the links above or contact our data protection team (see above for contact details).

• In the United Kingdom, that is the Information Commissioner’s Office.

• See the list of the supervisory authorities for EU member states.

We reserve the right to amend this notice at any time in response to changes in data protection legislation and our legal and regulatory obligations. We recommend that you check our privacy page on a regular basis. If the changes will have an effect on you or the way we use your personal data we will bring them to your attention where appropriate (e.g. if we have your email address as part of our relationship with you).