How we handle your data.
What personal data this website collects, why, the legal bases we rely on, and the rights you have.
The essentials
Reachford is the data controller for personal data collected through this website. We collect only what we need, use it for the purposes described below, keep it no longer than necessary, and protect it with appropriate safeguards. We do not sell personal data.
To ask a question or exercise a right, use our contact page. We respond within the timeframes set by applicable law, generally within one month under the GDPR.
Privacy Policy
1. Who we are
Reachford is the data controller responsible for personal data collected through this website. Our principal office is in London, United Kingdom. For all privacy matters, contact us through our contact page.
2. Personal data we collect
We collect information you provide directly, such as your name, email address, organisation, and the contents of your messages when you contact us, book a call, or request a proposal. We also collect technical data automatically (such as IP address, browser, and device information) and, subject to your consent, usage data through cookies. See Cookie Settings for the categories involved. We do not collect special-category data through the site.
3. How and why we use your data
We use personal data to respond to your enquiries, provide what you request, operate and secure the site, understand and improve how it is used, and, where you have opted in, send you updates. We use it only for these purposes or for compatible purposes permitted by law.
4. Legal bases for processing
Under the GDPR we rely on: consent (analytics and marketing cookies, marketing emails); the performance of a contract or pre-contract steps (responding to a proposal request); our legitimate interests in operating, securing, and improving the site, balanced against your rights; and compliance with legal obligations. Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
6. International transfers
Where your data is transferred outside your home jurisdiction, including outside the European Economic Area or the United Kingdom, we put appropriate safeguards in place, such as the European Commission's Standard Contractual Clauses or equivalent mechanisms, so it remains protected to the standard required by applicable law.
7. How long we keep data
We keep personal data only as long as necessary for the purposes described here, including legal, accounting, and reporting requirements. When it is no longer needed, we delete or anonymise it securely.
8. How we protect data
We use appropriate technical and organisational measures against loss, misuse, and unauthorised access, and limit access to those who need it. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
9. Your rights under the GDPR
If you are in the European Economic Area or the United Kingdom, you have rights under the GDPR and UK GDPR, and we honour equivalent rights elsewhere. These include the rights to be informed, of access, to rectification, to erasure (next section), to restrict processing, to data portability, and to object to processing based on legitimate interests or to direct marketing.
You may withdraw consent at any time, and you have the right to lodge a complaint with your local data protection supervisory authority. To exercise any right, contact us; we may need to verify your identity, and we respond within the timeframes required by law.
10. Right to erasure
Under Article 17 of the GDPR you can ask us to erase the personal data we hold about you. We will do so without undue delay where a GDPR ground applies, for example: the data is no longer necessary, you withdraw the consent processing relied on, you object and no overriding legitimate ground exists, the processing was unlawful, or erasure is required by law.
The right is not absolute: we may keep certain data where the law requires or permits it, for example to defend legal claims. If we cannot fully erase your data, we will explain why. To make a request, contact us through our contact page.
12. Advertising
Parts of this website may display advertising served by third-party advertising partners, such as Google AdSense or Ezoic. These partners may use cookies and similar identifiers to serve and measure ads and, with your consent, to personalise them based on your visits to this and other websites.
Where advertising is personalised, Google and other vendors use advertising cookies as described in Google's advertising technology policies (see "How Google uses information from sites or apps that use our services", available at policies.google.com/technologies/partner-sites). Visitors in the European Economic Area, the United Kingdom, and Switzerland are shown ads only on the legal basis selected through our consent banner, and non-personalised ads are served where consent for personalisation is not given.
You can review or withdraw your advertising consent at any time on our cookie settings page, opt out of personalised advertising from Google at adssettings.google.com, and learn about opting out of interest-based advertising generally at youradchoices.com and aboutads.info.
This section applies from the moment advertising is enabled on the site. Ad slots are always labelled where third-party advertising is shown.
13. Children's privacy
This website is intended for business audiences and is not directed at children. We do not knowingly collect personal data from children; if you believe a child has provided us data, contact us so we can address it.
14. Changes to this policy
We may update this policy to reflect changes in our practices or the law. The version in force is the one published here. Where the law requires it, we will notify affected individuals of material changes.
15. How to contact us
For questions about this policy, data requests, or concerns, reach us through our contact page.
Make a privacy request.
Contact us and your request will be handled in accordance with applicable data protection law.