Summary: We collect only the information you voluntarily provide (via our contact form), use it solely to respond to your enquiry, and never sell or share it with third parties for marketing purposes. You have full rights over your data under UK GDPR.
1. Who We Are
Headland Marketing ("we", "us", "our") is a marketing consultancy based in the North East of England, operating as data controller for the purposes of UK data protection law.
- Business name: Headland Marketing
- Contact: Use our contact form
- Website: headlandmarketing.co.uk
- Location: North East England, United Kingdom
This Privacy Policy applies to personal data collected through headlandmarketing.co.uk and associated subdomains.
2. What Data We Collect
We collect personal data in the following circumstances:
2.1 Contact & Enquiry Form
When you submit our mentoring enquiry or application form, we collect:
- Full name
- Email address
- Company or brand name (optional)
- Phone number (optional)
- Approximate annual revenue (optional)
- Your message or enquiry details
2.2 Technical / Usage Data
When you visit our website, our hosting provider (Netlify) may automatically collect limited technical data including your IP address and basic browser information as part of normal server logging. We do not currently use analytics software to track your behaviour on our site.
2.3 Cookie Data
We set a cookie to remember your cookie consent choice. Please see our Cookie Policy for full details.
3. How We Use Your Data
| Purpose | Data Used | Legal Basis (UK GDPR) |
|---|---|---|
| Responding to your enquiry about our mentoring programme | Name, email, phone, message | Legitimate interests (Art. 6(1)(f)) — or pre-contractual steps (Art. 6(1)(b)) |
| Maintaining records of business communications | Name, email, correspondence | Legitimate interests |
| Improving our website and services | Aggregated, anonymised usage data | Legitimate interests |
| Complying with legal obligations | As required by applicable law | Legal obligation (Art. 6(1)(c)) |
We do not use your data for automated decision-making or profiling. We do not send marketing emails without your explicit consent.
4. Legal Basis for Processing
Under the UK General Data Protection Regulation (UK GDPR), we rely on the following legal bases:
- Legitimate interests: Processing is necessary for the purposes of our legitimate business interests (responding to enquiries, maintaining business records), provided these are not overridden by your rights and interests.
- Pre-contractual steps: Where your enquiry relates to entering into a contract with us.
- Legal obligation: Where we are required by law to process your data.
- Consent: Where we specifically ask for your consent (e.g. for non-essential cookies). You may withdraw consent at any time.
5. Who We Share Your Data With
We do not sell, rent, or trade your personal data with any third parties for marketing or commercial purposes.
We may share your data with trusted third parties only as necessary:
| Recipient | Purpose | Location |
|---|---|---|
| Netlify, Inc. | Website hosting and form submission processing | USA (Standard Contractual Clauses in place) |
| Google LLC | Fonts CDN (no personal data collected beyond server logs) | USA (Standard Contractual Clauses in place) |
We may also disclose your data where required to do so by law, court order, or regulatory authority.
6. How Long We Keep Your Data
We retain personal data only for as long as necessary for the purposes set out in this policy:
- Enquiry / contact form data: Retained for up to 2 years from last contact, unless you become a client (in which case standard business retention periods apply).
- Technical / server logs: Automatically deleted by our hosting provider after 30 days.
- Cookie consent records: Stored in your browser for up to 1 year.
7. Your Rights Under UK GDPR
You have the following rights regarding your personal data. To exercise any of these rights, please contact us using our contact form at headland.marketing. We will respond within one month.
Right of Access
Request a copy of the personal data we hold about you (Subject Access Request).
Right to Rectification
Ask us to correct any inaccurate or incomplete personal data we hold about you.
Right to Erasure
Ask us to delete your personal data where there is no longer a legitimate reason for us to hold it.
Right to Restrict Processing
Ask us to limit how we use your data in certain circumstances.
Right to Data Portability
Receive your personal data in a structured, commonly used format.
Right to Object
Object to processing based on our legitimate interests. We will stop unless we have compelling grounds to continue.
Right to Withdraw Consent
Where we rely on your consent to process data (e.g. non-essential cookies), you can withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.
Right to Complain
You have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection:
- Website: ico.org.uk/make-a-complaint
- Helpline: 0303 123 1113
8. Data Security
We take appropriate technical and organisational measures to protect your personal data against accidental loss, unauthorised access, disclosure, alteration, or destruction. Our website is served over HTTPS (TLS encryption), and form submissions are processed securely via our hosting provider.
Whilst we take all reasonable precautions, no data transmission over the internet or storage system can be guaranteed as completely secure. If you have concerns about how we handle your data, please contact us.
9. International Transfers
Some of our service providers (Netlify, Google) are based in the United States. Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements, including the use of Standard Contractual Clauses (SCCs) approved by the UK ICO or the UK International Data Transfer Agreement (IDTA).
10. Children's Privacy
Our website and services are intended for business owners and professionals aged 18 and over. We do not knowingly collect personal data from anyone under the age of 18. If we become aware that we have inadvertently received data from a person under 18, we will delete it promptly.
11. Links to Other Websites
Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to read their individual privacy policies.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. For significant changes, we will make this prominent on our website. We recommend checking this page periodically.
13. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:
- Contact: Use our contact form
- Website: headlandmarketing.co.uk
- Data Controller: Headland Marketing, North East England, United Kingdom
We will respond to all requests within one calendar month. For complex requests, we may extend this by a further two months, but we will let you know within the first month.