PRIVACY POLICY

1. Introduction

This privacy notice explains how we collect, use and protect your personal data when you visit our website (www.catherinebennett.co.uk) or engage with our services. By providing us with your data, you confirm that you are over 13 years of age.

Catherine Bennett is the data controller, referred to as “we”, “us” or “our” in this notice.

2. Contact Details

Legal Entity: Catherine Bennett

Email: catherine@catherinebennett.co.uk

Phone: 07800 763760

ICO Registration Number: ZA053337

If you have any concerns about how we handle your data, we encourage you to contact us first. You also have the right to lodge a complaint with the UK’s Information Commissioner’s Office (ICO): www.ico.org.uk

Please keep us informed of any changes to your personal data to ensure it remains accurate and up to date.

3. What Data We Collect

Personal data refers to information that can identify an individual. We may collect the following categories of data:

  • Identity Data: Name, title, date of birth,  gender and marital status
  • Contact Data: Address, email address, phone numbers
  • Financial Data: Bank account information
  • Transaction Data: Details of payments and services provided
  • Sensitive Data (optional):
    • Relevant physical or mental health information (e.g., to tailor services)
    • Names of partners, children, pets, or household members
    • Cultural or religious information relevant to your belongings

Sensitive data will never be shared without your explicit consent.

Third party funded services: If someone else is funding your service, we may provide progress updates or share photos only with your express permission.

4. How We Collect Your Data

We collect data in the following ways:

  • Direct interactions: You provide information when you:
    • Enquire about services
    • Fill out a form
    • Subscribe or make a purchase
    • Give feedback or contact us by post, phone, or email

5. How We Use Your Data

We will only use your personal data when legally permitted. The most common uses are:

  • To respond to your enquiry
  • To provide services under a contract with you
  • To comply with legal or regulatory obligations
  • For our legitimate interests, such as internal record keeping or service improvement (where your rights do not override these interests)

We do not sell or rent your personal data to third parties.

6. Sharing Your Data

We may share your data with trusted third parties, including:

  • IT and system administration providers
  • Professional advisers (e.g., lawyers, bankers, accountants, insurers)
  • HM Revenue & Customs and other UK regulators, where legally required

All third parties are required to respect the security of your data and process it in accordance with the law. If data is transferred outside the UK or EEA, appropriate safeguards will be put in place.

7. Data Retention

We only retain personal data for as long as necessary:

  • Enquiries only: Basic contact details retained for 1 year
  • Former clients: Data retained for a minimum of 6 years from last contact, in line with HMRC requirements, or for the period required under industry standards and/or legal requirements, whichever is longer

After this time, your data will be securely deleted unless we are legally required to retain it longer.


8. Data Security

We implement appropriate technical and organisational security measures to protect your personal data from accidental loss, misuse, or unauthorised access. Access is limited to those who have a business need to know and are subject to confidentiality obligations.

9. Cookies and Third-Party Links

Our website may use cookies to enhance your experience. You can manage cookie preferences in your browser settings.
This site may also include links to third-party websites. Please review their privacy policies separately, as we do not control those sites.

10. Your Legal Rights

You have rights under data protection law, including to:

  • Request access to your personal data
  • Request correction of inaccurate data
  • Request erasure of your data
  • Object to the processing of your data
  • Request restriction of processing
  • Request the transfer of your data
  • Withdraw consent at any time.

You can see more about these rights at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

To exercise any of these rights, please email the Data Controller at catherine@catherinebennett.co.uk.
You will not have to pay a fee to access your data or exercise your rights, unless your request is unfounded, repetitive, or excessive. In such cases, we may charge a reasonable fee or refuse the request.

We may ask for proof of identity before releasing data. This is to ensure that personal data is not disclosed to anyone who does not have the right to receive it.

We aim to respond to all legitimate requests within one month. In complex cases or where multiple requests are made, we may take longer and will keep you informed.

 

Last updated: September 2025

BRINGING YOU A CLEAR CALM HOME