Privacy Policy
1. Introduction
Seneca Consultancy (“we”, “us”, or “our”) is committed to protecting your privacy and handling your personal data fairly, lawfully, and transparently.
This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website or engage with our consultancy services.
We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws.
2. Who We Are
Seneca Consultancy is a consultancy specialising in governance, risk management, compliance, information security, internal audit, and related advisory services.
If you have any questions regarding this Privacy Policy or how we process your personal data, please contact us using the details provided on our Contact page.
3. Information We Collect
Depending on how you interact with us, we may collect:
Information You Provide
- Name
- Company name
- Job title
- Email address
- Telephone number
- Postal address
- Details submitted through contact forms
- Information provided during enquiries or consultancy engagements
Information Collected Automatically
When you visit our website, we may automatically collect:
- IP address
- Browser type and version
- Device information
- Operating system
- Pages visited
- Date and time of your visit
- Referring website
- Website usage statistics
This information helps us improve the performance, usability, and security of our website.
4. How We Use Your Information
We use your personal data to:
- Respond to enquiries.
- Provide consultancy services.
- Communicate regarding projects and engagements.
- Prepare proposals and contracts.
- Improve our website and services.
- Maintain website security.
- Comply with legal and regulatory obligations.
- Maintain business records.
We will only use your personal data where we have a lawful basis for doing so.
5. Lawful Basis for Processing
Depending on the circumstances, we process personal data under one or more of the following lawful bases:
- Your consent.
- Performance of a contract.
- Legitimate business interests.
- Compliance with legal obligations.
- Protection of legal rights where applicable.
6. Cookies
Our website may use cookies and similar technologies to improve user experience and analyse website traffic.
Cookies may include:
- Essential cookies
- Functional cookies
- Analytics cookies
- Performance cookies
Where required by law, we will ask for your consent before placing non-essential cookies on your device.
Further information is available in our Cookie Policy.
7. Sharing Your Information
We do not sell your personal information.
We may share personal data with trusted third parties where necessary, including:
- IT service providers
- Website hosting providers
- Professional advisers
- Cloud service providers
- Email service providers
- Legal, regulatory, or government authorities where required by law
All third parties are required to protect your personal data appropriately.
8. International Transfers
Where personal data is transferred outside the United Kingdom, we will ensure appropriate safeguards are in place in accordance with UK GDPR requirements, including approved contractual safeguards where necessary.
9. Data Security
We implement appropriate technical and organisational security measures designed to protect personal information from:
- Unauthorised access
- Loss
- Misuse
- Alteration
- Disclosure
- Destruction
Although we strive to protect personal information, no method of internet transmission or electronic storage can be guaranteed to be completely secure.
10. Data Retention
We retain personal information only for as long as necessary to:
- Provide our services.
- Meet contractual obligations.
- Comply with legal and regulatory requirements.
- Resolve disputes.
- Enforce our agreements.
Retention periods vary depending on the type of information and legal obligations.
11. Your Rights
Under UK data protection law, you may have the right to:
- Access your personal information.
- Request correction of inaccurate information.
- Request deletion of your information.
- Restrict processing.
- Object to processing.
- Request data portability where applicable.
- Withdraw consent where processing is based on consent.
- Lodge a complaint with the Information Commissioner’s Office (ICO).
We will respond to requests in accordance with applicable legal requirements.
12. Third-Party Websites
Our website may contain links to external websites.
We are not responsible for the privacy practices or content of third-party websites. We encourage users to review their privacy policies before providing personal information.
13. Children’s Privacy
Our website and consultancy services are intended for businesses and professionals and are not directed at children under the age of 13. We do not knowingly collect personal information from children.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in legislation, technology, or our business practices.
Any updates will be published on this page with a revised “Last Updated” date.
15. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us using the details on our Contact page.
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s independent authority for data protection matters.
