Privacy Policy
Hutson Consultancy
Last updated: January 2026
1. Introduction
This Privacy Policy explains how Hutson Consultancy collects, uses, stores, and protects your personal data when you visit this website or use my services.
I am committed to handling your information lawfully, fairly, and transparently, in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
If you have any questions, you can contact me at:
Email: hutsonconsultants@gmail.com
2. What Personal Data I Collect
I may collect the following types of personal data:
Information you provide directly
• Name
• Email address
• Phone number
• Business name
• Project details or enquiries
• Any information you include in forms or emails
Information collected automatically
• IP address
• Browser type
• Device information
• Website usage data (via analytics cookies, if enabled)
This aligns with ICO guidance to clearly list the types of data collected.
3. How I Use Your Personal Data
I use your data for the following purposes:
• Responding to enquiries
• Providing consultancy services
• Preparing proposals, reports, and deliverables
• Managing invoices and payments
• Improving my website and services
• Maintaining business records
• Complying with legal obligations
These uses reflect the lawful bases of Contract, Legitimate Interests, and Legal Obligation.
4. Lawful Bases for Processing
I rely on the following lawful bases under UK GDPR:
Contract
To provide services you request, including communication, project delivery, and invoicing.
Legitimate Interests
For:
• basic website analytics
• improving services
• maintaining business records
I only rely on legitimate interests where the impact on your privacy is low and proportionate, consistent with GDPR expectations for SMEs.
Legal Obligation
For:
• tax and accounting record‑keeping
5. Cookies & Analytics
If analytics tools (e.g., Google Analytics) are used, non‑essential cookies will only run with your consent.
You can manage your cookie preferences at any time through your browser settings.
This follows ICO guidance on transparency and cookie use.
6. How Your Data Is Stored and Protected
I take appropriate technical and organisational measures to keep your data secure, including:
• password‑protected devices
• secure cloud storage
• limited access to data
• regular data reviews
• secure deletion when no longer needed
These measures reflect GDPR’s requirement to protect personal data with appropriate security.
7. How Long Your Data Is Kept
I keep personal data only for as long as necessary:
• Enquiry emails: up to 12 months
• Client project files: up to 3 years after project completion
• Financial records: 6 years (legal requirement)
After these periods, data is securely deleted.
8. Sharing Your Data
I do not sell or share your data with third parties for marketing.
I may share data with trusted service providers who help me operate my business, such as:
• cloud storage providers
• email service providers
• website hosting platforms
These providers act as “processors” and must comply with UK GDPR requirements, as required for small businesses using third‑party tools.
9. International Transfers
Some service providers may store data outside the UK.
Where this happens, I ensure appropriate safeguards are in place, such as:
• adequacy regulations
• standard contractual clauses
10. Your Rights
Under UK GDPR, you have the right to:
• access your data
• correct inaccurate data
• request deletion
• object to processing
• restrict processing
• request data portability
To exercise any of these rights, contact me at hutsonconsultants@gmail.com and it is also within your rights to make a complaint to the ICO.