Privacy Policy

For us, data privacy is of paramount importance. This Privacy Policy describes our commitment to protect the privacy of individuals in accordance with the GDPR.

Our Data Privacy Commitment

As part of our business relationship with you, we need to process some of your personal data to provide you with services.

Who will process your personal data?

The services are provided by Business & General Consulting Ltd ("B&G"), a company registered in England & Wales number 08342572;  Address: Wraysbury House, Forestside, Rowlands Castle, Hampshire UK, PO9 6ED. 

In some cases, the decisions regarding your personal data will be made by your organisation. In such case, your company will be considered as a controller and we will act as a processor, acting upon the instructions of such organisation.  In any case, B&G does outsource certain activities to third parties, who may also use your personal data when acting on our behalf. You can find more details about these parties here :

What kind of personal data do we process?

Data that you provide to us: 

During initial discussions, you may submit some identification and contact data (such as your e-mail address, name, job title or position, address, phone number). This data is necessary for the provision of our services.

Billing Information: If you decide to work with us, you will need to provide billing information. You might also provide payment information, such as bank or payment card details, which we collect via secure payment processing services. This data is necessary to provide you with our services.

Other Information: You may decide to share further information, including personal data, with us when you contact our Teams, submit forms on our website or otherwise communicate with us. Our processing of such data will be based on your consent.

Website statistics. You can visit the our website without providing any direct information about yourself. We store data without direct personal references, namely the visitor’s browser types, the name of your internet service provider, the website from which you have visited us and internet protocol addresses.Unless you choose to identify yourself, this data does not allow us to draw any conclusions regarding your identity. By storing and analyzing such information, we are able to create in-depth analysis about our website, which is essential for website and SEO improvement purposes. 

What is the legal basis for processing? (for EEA users)

If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal basis for doing so under applicable EU laws. This means we collect and use your information only where:

  • It is necessary in order to provide you with our services.
  • It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote our services and to protect our legal rights and interests. 

Legitimate interest:

We only collect and use your personal data with a lawful basis: with your consent, when it is necessary in order to provide our services, when we need to fulfill a legal obligation or when there’s a legitimate business reason.

How do we use your data?

We may process your personal data for several purposes. How we use your personal data depends on your preferences you have communicated to us.

Billing : We will process your Registration and Billing Information for billing purposes, i.e. to complete transactions and send you related information including service request forms and invoices.

Marketing : If you are an existing customer and have opted-in, we may use your email address and phone number provided to us to send you marketing communications, such as providing you with information about similar services, unless you have subsequently opted-out.

Protecting our legitimate business interests and legal rights:

Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger, closure or sale of our business.

Other purposes:

We may also process your data for any other purposes for which we obtain your consent where necessary or otherwise in accordance applicable law and this policy.

Do we share your personal data with third parties?

We will share your personal data with third parties only in accordance with this policy. We will never sell your personal data to third parties. However, we may need to share some information, including personal data, we obtain from your use of our service in the following circumstances:-

1. Complying with legal requirements:

We may transmit personal data if the applicable legal provisions so require, or when such action is necessary to comply with any laws, including to meet national security or law enforcement requirements. We may also need to share personal data for the protection of our rights and interests, to protect your safety or the safety of others or to investigate fraud, in accordance with the applicable laws.

2) Using third-party service providers:

In certain cases we need to share information, including personal data with our third-party service providers. We use third-party service providers for a number of services, including application development, backup, storage, payment processing, analytics and other services. We require our third-party service providers to use the personal data that we share with them solely in connection with the services they provide to us. The current list of our service providers is available here:

3) Business Transactions:

We may assign or transfer this policy, as well as your account and related information and data, including any personal information, to any person or entity that acquires all or substantially all of our business, stock or assets, or with whom we merge.  Regardless of any changes that might happen in our company, your personal data will be protected the same way as it is right now.

4) Testimonials:

From time to time, we may post testimonials on our website that may contain personal data. We obtain your consent to post your name along with your testimonial. If you wish to update or delete your testimonial, you can contact us at

Where do we transfer your data?

We are a company incorporated in England & Wales, covered by UK Laws (and where required, EU Law). We primarily store personal data within the UK. Your personal data stored with us may also be transferred to countries outside of the EEA. All such transfers of personal data are and will be made in accordance with applicable laws. You can reach the list of our current sub-processors here:  Your data may be transferred outside of the UK/EEA in accordance with legal and regulatory requirements.

How long will we retain your information?

We will retain your personal data as long as it is needed to fulfil the purposes specified above, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). When we have no ongoing legitimate business need to process your personal data, we will delete it as soon as it is technically possible.

Your privacy rights:

You may ask us to: provide information to you about the personal data that we or our processors maintain about you, correct inaccuracies or amend your personal data and delete your personal data. You can request this by send an email to We will respond to your request within thirty days. Please note that, we may ask you to verify your identity before complying with the request.

If you are from a country where the GDPR applies, you may have additional rights:

In certain circumstances, you may have a broader right to erasure of your personal data. For example, if it is no longer necessary in relation to the purposes for which it was originally collected. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.

You may have the right to request us to stop processing your personal data and/or to stop sending you marketing communications.

You may have the right to request that we restrict processing of your personal data in certain circumstances (for example, where you believe that the personal data we hold about you is inaccurate or unlawfully held).

In certain circumstances, you may have the right to be provided with your personal data in a structured, machine readable and commonly used format and to request that we transfer the personal data to another data controller without hindrance.

If you would like to exercise such rights, please contact us at

We will consider your request in accordance with applicable laws. To protect your privacy and security, we may ask you to verify your identity before complying with the request.

You also have the right to complain to a data protection authority or claim damages before the court. For more information, please contact your local data protection authority. 

Withdrawal of consent

In cases where the processing of your personal data is based on your consent, you can withdraw your consent any time by editing settings at device level. If you withdraw your consent, we will no longer process your personal data for the relevant purpose. However, please note that such withdrawal of your consent does not affect the lawfulness of our processing activities based on consent before its withdrawal.

Changes to this policy

We reserve the right to alter or modify this policy when it is necessary.

If there are any material changes to this policy, you will be notified 30 days prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices. Your continued use of our website or our services constitutes your agreement to be bound by such changes to this policy. Your only remedy, if you do not accept the terms of this policy, is to discontinue use of our website/services. 

Third party controllers

Our webpage or services may, from time to time, contain links to and from the websites or services of third parties. This policy does not extend to these external sites or companies, so please refer directly to their privacy policies.

If you have any questions, please contact us/our data protection officer at