PRIVACY POLICY

Last updated: [March 2025]

At Ridgeflow Performance, your privacy matters. This Privacy Policy explains how we collect, use, and protect your personal information when you visit our website or use our services. We are committed to handling your data responsibly and in accordance with the UK General Data Protection Regulation (UK GDPR).

1. Who We Are

Ridgeflow Performance is a consultancy and training provider supporting individuals, teams, and organisations in performance, leadership, and wellbeing.

Data Controller: Ridgeflow Performance
📧 Contact: krener@ridgeflowperformance.com
🌐 Website: https://www.ridgeflowperformance.com

2. What Data We Collect

We may collect and process the following types of personal data:

  • Contact details: Name, email address, phone number, job title, organisation

  • Booking or service information: Session history, preferences, notes from consultations

  • Payment details: Billing information (processed securely through third-party providers)

  • Marketing preferences: Newsletter subscriptions or event registrations

  • Website usage data: IP address, browser type, device info, pages visited (via analytics tools)

3. How We Use Your Information

We use your personal data for the following purposes:

  • To deliver and manage our services

  • To respond to your inquiries and communicate with you

  • To manage bookings, payments, and invoicing

  • To send occasional newsletters, resources, or service updates (only if you opt in)

  • To improve our website and user experience through anonymised analytics

4. Legal Basis for Processing

We process your data under one or more of the following lawful bases:

  • Contractual necessity – to fulfil our service agreements with you

  • Consent – for marketing communications (you can withdraw consent anytime)

  • Legitimate interests – to improve our services and website

  • Legal obligation – for record keeping or regulatory compliance

5. How We Store and Protect Your Data

We take data protection seriously and implement appropriate technical and organisational measures to safeguard your data. Your information is stored securely on password-protected systems and only accessible to those who need it to carry out their work.

We do not store payment card details on our servers.

6. Data Sharing

We do not sell or trade your personal information. We may share data with trusted third-party service providers only when necessary for service delivery, such as:

  • Email marketing platforms (e.g., Mailchimp)

  • Scheduling or invoicing software

  • Web analytics tools (e.g., Google Analytics)

All third-party processors are GDPR-compliant and contractually bound to protect your data.

7. How Long We Keep Your Data

We retain personal data only for as long as necessary to fulfill the purpose for which it was collected, including legal and accounting requirements. For most client and service data, we keep records for up to 7 years.

8. Your Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you

  • Correct inaccurate or outdated information

  • Request deletion of your data (where applicable)

  • Object to or restrict certain types of processing

  • Withdraw consent for marketing communications

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise your rights, contact us at [Insert email address].

9. Cookies

We use cookies and similar technologies to enhance your browsing experience and gather usage statistics. You can manage or disable cookies through your browser settings. For more details, see our [Cookie Policy].

10. Updates to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with the date of the latest revision.