Privacy Notice

This privacy notice tells you what to expect us to do with your personal information.

Contact details

Email: hello@eliteprojectconsulting.co.uk

What information we collect, use, and why:

To provide and improve products and services for clients

We collect or use the following personal information:

  • Names and contact details

  • Addresses

  • Occupation

  • Transaction data (including payments and services purchased)

  • Usage data (how you use our website, products and services)

  • Video recordings

  • Audio recordings (e.g. calls)

  • Records of meetings and decisions

  • Account access information

  • Website user information

For information updates or marketing purposes

We collect or use:

  • Names and contact details

  • Addresses

  • Profile information

  • Marketing preferences

  • Purchase or account history

  • Website and app user journey information

To comply with legal requirements

We collect or use:

  • Name

  • Contact information

  • Any other personal information required to comply with legal obligations

For recruitment purposes

We collect or use:

  • Contact details (e.g. name, address, telephone number, email)

  • Date of birth

  • National Insurance number

  • Copies of passports or photo ID

  • Employment history (applications, references)

  • Education history (qualifications)

  • Right to work information

  • Criminal conviction data (e.g. DBS / Disclosure Scotland where applicable)

For dealing with queries, complaints or claims

We collect or use:

  • Names and contact details

  • Addresses

  • Payment details

  • Account information

  • Purchase or service history

  • Correspondence

Lawful bases and data protection rights

Under UK data protection law, we must have a lawful basis for collecting and using your personal information.

Your rights include:

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restriction of processing

  • Right to object

  • Right to data portability

  • Right to withdraw consent

You can find out more on the ICO’s website.

If you make a request, we will respond within one month.

To exercise your rights, contact us using the details above.

Our lawful bases for processing

Providing and improving services

  • Contract

  • Legitimate interests

We process personal data to deliver, manage, and improve our consulting services. This includes project delivery, communication, and tailoring solutions to client needs. We ensure processing is necessary, proportionate, and subject to appropriate safeguards.

Marketing and updates

  • Legitimate interests

We send relevant updates and insights to clients and professional contacts. We ensure communications are proportionate, relevant, and include clear opt-out options.

Legal obligations

  • Legal obligation

We process data where required to comply with applicable laws and regulations.

Recruitment

  • Contract

  • Legal obligation

  • Legitimate interests

We process candidate data to assess suitability, comply with employment law, and maintain fair recruitment processes.

Queries, complaints, and claims

  • Legal obligation

  • Legitimate interests

We use personal data to investigate and resolve issues, respond appropriately, and protect legal rights.

Where we get personal information from

  • Directly from you

  • Publicly available sources

  • Suppliers and service providers

  • Third-party marketing list providers (where applicable and lawful)

How long we keep information

We retain personal data only as long as necessary, including:

  • Client records: up to 6 years after contract end

  • Recruitment data: up to 12 months after decision

  • Marketing data: until you unsubscribe or disengage

We may retain data longer where required for legal or regulatory reasons.

Who we share information with

Data processors

We use trusted third-party service providers to support our operations:

  • External accountancy provider (UK)

    • Payroll, tax, and financial reporting

  • Cloud hosting and productivity provider (EU)

    • Email, file storage, collaboration tools

  • Time and billing provider (United States)

    • Time tracking, expenses, invoicing

  • Project management and collaboration provider (United States)

    • Project delivery, task management, collaboration

Other organisations

We may share personal information with:

  • Regulators, authorities, or law enforcement where required

  • Courts or legal advisers where necessary

  • Other parties where required by law

Sharing information outside the UK

Where necessary, we transfer personal data outside the UK in compliance with UK GDPR.

We ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses.

International transfers

Microsoft Ireland Operations Ltd

  • Location: Ireland (EU)

  • Safeguard: UK adequacy regulations

Smartsheet

  • Location: United States (US region)

  • Safeguard: UK International Data Transfer Agreement (IDTA) and Standard Contractual Clauses (SCCs)

Harvest, Inc

  • Location: United States

  • Safeguard: IDTA and SCCs

These safeguards ensure your personal data is protected to UK GDPR standards.

How we protect your information

We implement appropriate technical and organisational measures, including:

  • Access controls and authentication

  • Secure cloud infrastructure

  • Data minimisation principles

  • Staff confidentiality obligations

  • Regular review of processors and security practices

How to complain

If you have concerns about how we use your personal data, contact us using the details above.

If you remain dissatisfied, you can complain to:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline: 0303 123 1113

Website: https://www.ico.org.uk/make-a-complaint

Last updated

March 2026