Privacy & Cookie Policy

Privacy & Cookie Policy 06/02/2026

• DeltaD Consulting Ltd (“we”, “us”, “our”) is committed to protecting your privacy and handling personal data transparently and securely.  This Privacy & Cookie Policy explains how we collect, use, store, and protect personal data when you visit our website, contact us, or engage our change management consultancy services. It applies in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

• We act as a Data Controller for the personal data described in this policy.

• For any questions about this policy or your personal data, please contact us using the details above.

Personal Data We Collect

• We may collect and process the following categories of personal data.

Information you provide to us

• Name
• Job title and organisation
• Email address
• Telephone number
• Information submitted via contact forms, emails, or meetings
• Contractual, proposal, and invoicing information
• Payment details (where applicable)

Information collected automatically

• When you use our website, we may automatically collect:
• IP address
• Browser type and version
• Device and operating system
• Pages visited and time spent on the site
• Referring website or source
• This data is collected using cookies and similar technologies.

Client and project-related data

• When delivering consultancy services, we may process limited personal data relating to client employees or stakeholders where necessary for the agreed scope of work.

How We Use Personal Data

• We use personal data only where lawful and necessary, including to:
• Respond to enquiries and requests
• Deliver consultancy and advisory services
• Prepare proposals, contracts, and invoices
• Manage client relationships and communications
• Improve our website, services, and operating model
• Meet legal, regulatory, and professional obligations
• Send relevant business communications where permitted
• We do not sell personal data.

Lawful Bases for Processing

• Under UK GDPR, we rely on one or more of the following lawful bases:
• Contract – processing necessary to perform or enter into a contract
• Legitimate interests – to operate and improve our consultancy business, where this does not override your rights
• Legal obligation – to comply with tax, accounting, or regulatory requirements
• Consent – where explicitly required (e.g. certain cookies or marketing)

Marketing Communications

• We may send business-related communications to corporate contacts where permitted under PECR and UK GDPR.
• You can opt out at any time by:
• Using the unsubscribe link in our emails, or
• Contacting us directly
• We do not conduct unsolicited mass marketing.

Sharing Personal Data

• We only share personal data where necessary and appropriate, including with:
• Professional advisers (e.g. accountants, legal advisers)
• IT, hosting, cloud storage, and email providers
• Payment processors (where applicable)
• Regulators, courts, or authorities where legally required
• All third parties are required to handle data securely and in line with applicable data protection laws.

International Transfers

• Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, such as:
• UK adequacy regulations, or
• Approved contractual safeguards
  

Data Security

• We implement appropriate technical and organisational measures to protect personal data, including:
• Secure systems and access controls
• Limited access on a need-to-know basis
• Encryption where appropriate
• Regular review of security practices
  

Cookies and Similar Technologies

• Cookies are small text files placed on your device when you visit a website. They help the site function correctly and provide information about usage.
• We may use the following categories of cookies:
• Strictly necessary cookies
• These cookies are required for the website to function properly and cannot be switched off.
• Analytics / performance cookies
• These cookies help us understand how visitors use our website (e.g. pages visited, traffic sources), allowing us to improve performance and usability.
• Analytics cookies are used only where permitted by law and may require your consent.
• Functional cookies
• These cookies remember your preferences and improve your experience (e.g. form inputs or settings).
• Managing cookies
• You can control or disable cookies through:
• Your browser settings, and/or
• Any cookie consent tool provided on our website
• Please note that disabling cookies may affect website functionality.
  

Data Retention

• We retain personal data only for as long as necessary for the purposes for which it was collected, including legal and professional obligations.
• Typical retention periods include:
• Client records: up to 7 years after engagement ends
• Enquiry data: up to 24 months if no engagement follows
• Marketing preferences: until withdrawn
  

Your Rights

• Under UK GDPR, you have the right to:
• Access your personal data
• Request correction of inaccurate or incomplete data
• Request erasure of personal data (where applicable)
• Restrict or object to processing
• Request data portability
• Withdraw consent at any time (where consent applies)
• To exercise your rights, contact us using the contact us on this website.

Complaints

• If you have concerns about how we handle your personal data, please contact us first so we can address the issue.
• You also have the right to lodge a complaint with the UK supervisory authority:
• Information Commissioner’s Office (ICO)
  Website: https://ico.org.uk
• ICO Registration: ZC086786
  

Changes to This Policy

• We may update this Privacy & Cookie Policy from time to time. Any changes will be posted on this page with the updated date shown above.