Information Handling

Information Handling

In this area you can find out more about how I use your personal data (what little of it I collect). Please click on each of the tabs below to reveal the content and find out more. If you have any queries as you are going along, please do get in touch!

What is 'personal data'?

Well, rather than me give you the meaning of life, let me put simply that like life, information is everywhere and comes in all shapes and sizes. Some information, either on it's own or when mixed with other information, can even be used to tell one person apart from another. In other words, to identify someone. Data Protection laws call this information 'Personal Data'. This could be anything from a name and contact email address right the way through to information that tells someone where you are right now reading this privacy notice (I don't collect that sort of information, so don't panic...).

Are special categories of personal data involved?

In short, no. Wherever possible I avoid collecting any sort of information that could be seen as 'special'. However, where I am supporting you in the investigation of an incident or complaint it is highly likely that some special personal data may need to be examined in order to investigate the matter fully. If we think this may be the case I'll work with you to determine the best solution for how we can proceed.

Why do you want my personal data?

Although I'll do what I can to avoid using personal data, there area a number of areas where it is a necessity. These include;

  • Contacting you about your support and how I can assist you
  • Contacting and liaising with you regarding finances
  • Record keeping for my own legal obligations under tax and insurance laws
  • Contacting you about any future support you may require


What are you going to be doing with my personal data?

For my four main purposes I have different 'legal grounds' that allow me to use that information. None of them are used without your prior knowledge or agreement.

  • Contacting you about your support and how I can assist you is part of a contract negotiation then delivery of that same contract (Article 6(2) of the GDPR)
  • Contacting and liaising with you regarding finances is part of that same contract delivery (Article 6(2) of the GDPR).
  • Record keeping for my own legal obligations under tax and insurance laws requires me to keep certain basic information for a minimum number of years and would come under Article 6(4) of the GDPR.
  • Contacting you about any future support you may require would always be with your clear and explicit consent (Article 6(1)).

I may, if I get the time, contact you regarding a piece of research or case study I would like to develop. If and when that happens we will agree together what is the best approach regarding any personal data that may or may not need to be part of that study.

Who are you going to share my personal data with?

I'm not, unless I legally have to. For a variety of reasons client confidentiality is maintained at all times unless you give me expressed permission to the contrary. This includes any personal data that may form part of our support or contract.

If HMRC ever ask to see my books your basic personal data that forms part of an invoice may be disclosed to them as part of my formal accounts.

Where in the world are you storing my personal data?

Right here in the United Kingdom! I am lucky enough that all my technology platforms are hosted here in the United Kingdom. Email and file storage are hosted by a UK firm just outside London and my account package is stored in the EU.

How are you protecting my personal data?

I would like to say with round the clock minions and ninja unicorns as that would be rather cool but unfortunately its more mundane than that. My email and file storage capacity is hosted on secure services in UK protected by high-level encryption, firewalls and access controls (plus a lot more other technical things for which I have no idea what purpose they serve). Any controls on what is or is not shared via email will be discussed with you before we share anything. I train myself on security at least once a year and you can read more about our standards on confidentiality in our terms of business.

What else do I need to know?

That is about it really. I don't do any 'Cambridge Anlytica' type profiling or analytics stalkerish nonsense on your data as I don't have the time, inclination or the valid justification for doing so. I keep my operation simple so hopefully this privacy notice is nice and simple to understand.

I do not meet the requirement for a Data Protection Officer however while I also do not meet the requirement for registration with the ICO I have registered regardless and can be found under reference XXXXXXXXXX.

At any time you can contact me for a copy of what I hold on you and if you believe anything I have is incorrect you can ask me to correct it or, where appropriate, delete it.

If you have any questions or concerns please get in touch via

Similarly if you like the look and feel of this privacy notice and would like help with your own please do get in touch.