top of page

Privacy Policy

Last updated: 8 December 2025


SIM Consulting Ltd (“SIM Consulting”, “we”, “us”, “our”) is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose and protect your personal information when you visit our website or engage with us in the course of business.

 

We are a UK-based consulting business operating primarily within the United Kingdom. We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

 

Please read this statement carefully to understand how we use your information.
If you have any questions, you can contact us using the details in Section 2.

 

1. Who We Are (Data Controller)

 

SIM Consulting Ltd is the data controller for the personal data we collect.

 

Company name: SIM Consulting Ltd
Registered address: Riverbank House, 1 Putney Bridge Approach, London, England, SW6 3JD
Company number: 07542204


This policy applies to:

 

Visitors to our website
Prospective clients and business contacts
Individuals who make enquiries or request information
Attendees of SIM Consulting workshops, training or events


This policy does not cover our internal employee/contractor data handling, which is governed by separate internal notices.

2. Contact Details
 

If you have any questions about this policy or your personal data, please contact:

Privacy Lead
SIM Consulting Ltd
Email: info@simconsulting.co.uk
Postal: Riverbank House, 1 Putney Bridge Approach, London, England, SW6 3JD


You may contact us at any time.

 

3. Types of Personal Data We Collect
We collect different categories of personal data depending on how you interact with us.

 

a) Data you provide directly
Name
Email address
Phone number
Job title and employer information
Project or enquiry details
Marketing preferences


b) Data we collect automatically
Through Cookiebot-controlled technologies, we may collect:


IP address (anonymised where possible)
Device type, browser type, operating system
Website usage patterns (pages visited, time spent, link clicks)
Referrer URLs


c) Data from third-party or public sources

 

LinkedIn (public profile information)
Company websites
Event registration tools
CRM and analytics tools

 

We do not intentionally collect sensitive or “special category” personal data through this website.

4. How We Use Your Personal Data (Purposes of Processing)
 

Purpose
Examples of Processing
Lawful Basis
Responding to enquiries
Emails, calls, meeting arrangements
Contract / Legitimate Interest
Providing consulting services
Proposals, project communication, reporting
Contract
Sending marketing communications
Newsletters, updates, event invitations
Legitimate Interest / Consent
Analytics & website optimisation
Measuring performance, improving content
Consent (via Cookiebot)
Operating our business
CRM, invoicing, internal record-keeping
Legitimate Interest / Legal Obligation
Legal compliance
Tax, audit, regulatory requirements
Legal Obligation


5. Our Legal Bases for Processing


We rely on the following lawful bases:


a) Contract
To respond to enquiries or deliver agreed consulting services.


b) Legitimate Interests


For example:


B2B marketing to individuals acting in a professional capacity
CRM management and business development
Website security and basic analytics
Maintaining business records


We have conducted a Legitimate Interest Assessment (LIA) to ensure our interests do not override your rights.


c) Consent


Used for:


Cookiebot-managed cookies (statistics, preferences, marketing)
Optional email sign-ups


You may withdraw consent at any time.


d) Legal Obligation


HMRC requirements, record-keeping and compliance matters.

 

6. Marketing Communications
 

We may send marketing emails to:


Individuals who have opted into communications, or
Individuals representing UK businesses where it is reasonable to expect B2B contact under legitimate interests.


You can unsubscribe at any time using the link in every email or by contacting us.


We do not sell or rent marketing lists.

7. Analytics
 

If you consent via Cookiebot, we use analytics tools (e.g., Google Analytics 4 with IP anonymisation) to understand how visitors engage with our website.

 

No personally identifiable analytics data is stored.


Data retention aligns with Cookiebot settings and analytics provider limits.

 

8. Third-Party Service Providers (Processors)
 

We work with trusted third parties who help us run our business, such as:

 

Website hosting & security providers
Analytics providers (e.g., Google Analytics)
Email delivery tools (e.g., Mailchimp, HubSpot)
CRM platforms
Cloud productivity software (e.g., Microsoft 365)
Event management tools


We ensure all suppliers:


Act only under our instructions
Meet UK GDPR security standards
Do not use your data for their own purposes

 

9. International Data Transfers


SIM Consulting primarily stores data in the UK.
Where service providers operate outside the UK, we use appropriate safeguards such as:


UK International Data Transfer Agreement (IDTA)
UK Addendum to EU Standard Contractual Clauses
Adequacy decisions (where applicable)


These ensure your data remains protected to UK GDPR standards.

10. How Long We Keep Your Personal Data
 

Type of Data
Retention Period
Enquiry correspondence
24 months
Marketing contacts
Until opt-out or after 3 years of inactivity
Client project records
Duration of contract + 7 years
Analytics data
As set by Cookiebot and provider limits
Legal/financial records
7 years (statutory requirement)

We securely delete or anonymise data when it is no longer needed.

11. How We Keep Your Data Secure
 

We use a combination of technical and organisational measures including:

 

Encryption and secure servers
Access controls and multi-factor authentication
Staff training and confidentiality controls
Regular security and compliance reviews
Data breach response processes


No method of transmission is 100% secure, but we take every reasonable step to protect your information.

12. Your Rights Under UK GDPR
 

You have the following rights:

 

Right to be informed about how your data is used
Right of access to your data
Right to rectification if data is inaccurate
Right to erasure (in certain circumstances)
Right to restrict processing
Right to object to legitimate interest or marketing
Right to data portability
Rights regarding automated decision-making (we do not use ADM)


To exercise these rights:

Email info@simconsulting.co.uk
We will respond within one month.

13. Complaints
 

If you have concerns about how we handle your data, please contact us first.


You also have the right to lodge a complaint with:
The Information Commissioner’s Office (ICO)
Website: https://ico.org.uk
Phone: 0303 123 1113

14. Changes to This Privacy Policy


We may update this policy from time to time. When we do, we will:

 

Update the “Last updated” date
Publish changes on this page

bottom of page