Privacy Policy

---

Introduction

This privacy policy explains how Reflective Strategy Limited (“Reflective Strategy”, “we”, “us”) collects, uses, stores, and protects your personal information. It also outlines your rights under UK data protection law and how to contact us if you have questions or concerns.

This policy applies to your use of our website and any personal information shared with us through communication, downloads, or services.

Registration reference: ZB916209

Last updated: 20/06/2025

Name: Reflective Strategy Limited (also known as Reflective Strategy)

Email: privacy@reflectivestrategy.co.uk

We may collect and process the following types of personal information:

• Names and job titles
   
• Professional contact details (email address, phone number, organisation name)
   
• Information submitted via contact forms or email
   
• Client correspondence and project-related materials
   
• Website usage data (via analytics tools or cookies)
   

Our services are intended for professional use and are not targeted at children under 16. We do not knowingly collect personal data from children.

Most personal information we process is provided directly by you, for example when you:

• Contact us to request a service or consultation
• Download a resource or subscribe to communications
• Engage us as a client or collaborator
   

We may also collect personal information indirectly from:

• Referrals from clients or professional contacts
• Public sources such as LinkedIn, professional websites, or Companies House
   

We use this information to:

• Respond to enquiries
• Provide consultancy and communication services
• Deliver downloadable guides and resources
• Maintain business records and improve services
• Analyse website traffic and engagement

We do not sell or rent your personal data to third parties.

We may share your information with:

• Legal or financial advisors where required (e.g. contracts, compliance, tax)
• Trusted service providers who support our website, cloud systems, or communications (e.g. web hosting, Microsoft 365)
   

With your consent, or where we have a legitimate interest, we may contact you with updates, guides, or insights that may be relevant to you. You can opt out at any time by:

• Clicking "unsubscribe" in any email
• Contacting privacy@reflectivestrategy.co.uk
   

We do not use your information for unsolicited marketing.

Under the UK GDPR, we rely on the following lawful bases to process personal data:

• (a) Consent – you may withdraw your consent at any time by contacting us
• (b) Contract – when we are providing services to you
• (f) Legitimate interest – such as responding to enquiries, delivering downloads, or maintaining records
   

Your information is securely stored in encrypted cloud-based systems (Microsoft 365). We take data security seriously, including the use of two-factor authentication (2FA) where possible to prevent unauthorised access.

We retain client and contact data for up to 5 years after our last communication, unless otherwise required or requested.

We dispose of personal information through secure deletion from our systems and backups in line with our data retention policy.

We may use AI-powered tools to support content drafting or internal workflows. We do not use AI to process personal data without consent or to make decisions about individuals.

When using AI, we minimise data input and follow responsible-use practices to ensure privacy is respected.

We do not transfer your personal data outside the UK or European Economic Area (EEA). If this changes in future, we will ensure appropriate safeguards are in place as required by law.

Our website uses cookies to help improve user experience, monitor engagement, and remember preferences. You will be prompted to accept or manage cookies when you visit the site.

For more details, see our Cookie Policy.

Under data protection law, you have the right to:

• Access your personal information
• Correct inaccurate or incomplete data
• Request deletion (right to be forgotten)
• Restrict how your data is processed
• Object to certain processing (e.g. direct marketing)
• Request transfer of your data (data portability)

You will not be charged for exercising your rights.

We will respond to any request within one month.

To make a request, please contact:

📧 privacy@reflectivestrategy.co.uk

We implement appropriate technical and organisational measures to protect your personal information from unauthorised access, disclosure, alteration, or loss.

Access to your data is limited to those with a business need. All third-party providers are subject to confidentiality agreements or privacy standards. We have procedures in place for data breaches, including notification if required by law.

If you have concerns about how we use your personal information, please contact us first at:

📧 privacy@reflectivestrategy.co.uk

You may also contact the UK Information Commissioner’s Office (ICO):

Information Commissioner’s Office

Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
📞 0303 123 1113
🌐 www.ico.org.uk

This policy may be updated from time to time. When we make material changes, we will update the "last updated" date at the top of this page.