Data Protection & Privacy Statement 

Beetroot Consulting Ltd 

At Beetroot Consulting Ltd, we take your privacy, data rights, and trust seriously. We are committed to handling all personal data lawfully, transparently, and securely — in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018

This statement outlines how we manage data responsibly when you work with us, contact us, or visit our website. 

1. Who We Are 

Beetroot Consulting Ltd is a UK-based consultancy offering services in IT strategy, systems development, facilitation, research, and organisational support. 

We act as a Data Controller for the information we collect from our clients, partners, suppliers, and website users, and a Data Processor when handling data on behalf of our clients. 

2. What Information We Collect 

We may collect and store personal data when you: 

  • Make an enquiry or contact us via email or web form 

  • Contract with us for services or consultancy 

  • Attend an event or workshop we host 

  • Provide feedback, testimonials, or referrals 

  • Request access to our services, policies, or secure platforms 

This can include your name, contact details, role or organisation, correspondence history, and (in limited cases) sensitive or special category data — always with care and purpose. 

3. How and Why We Use Your Data 

We will only use your personal information where we have a lawful basis to do so. This may include: 

  • Responding to your enquiries or service requests 

  • Delivering contracted services or collaborations 

  • Managing business operations, billing, and project communications 

  • Meeting our legal, regulatory, or contractual obligations 

  • Improving our services and digital presence 

We do not use your data for profiling, automated decision-making, or unsolicited marketing. We will never sell or share your information with third parties for commercial purposes. 

4. Your Rights 

You have rights over your personal data, including: 

  • The right to access a copy of your data 

  • The right to request correction or deletion 

  • The right to object to or restrict certain types of processing 

  • The right to withdraw consent (where relevant) 

To exercise these rights, or to make a data-related request, contact us at info@beetrootconsulting.co.uk. 

We will respond to all data rights requests within 30 days, unless an exemption applies. 

5. Data Security 

We take data security seriously and implement appropriate technical and organisational measures to protect your information from loss, misuse, or unauthorised access. 

This includes: 

  • Secure digital platforms (e.g. Google Workspace with MFA) 

  • Encrypted file storage and access controls 

  • Privacy training and policies for all staff and associates 

  • Regular data protection reviews 

We are aligned with the Cyber Essentials Plus standard and take a proactive approach to digital risk. 

6. Data Sharing and Storage 

We only share personal data where necessary, such as: 

  • With trusted service providers (e.g. cloud hosting) under strict data processing agreements 

  • With clients where the information is relevant and lawful 

  • Where required by law or with your explicit consent 

We store data securely in the UK or with providers who meet UK adequacy standards. 

7. Cookies and Website Use 

Our website uses minimal cookies and does not track personal data unless you choose to submit a form or email us. Any web analytics are anonymised and used solely to improve accessibility and performance. 

8. Contact and Complaints 

For any questions about this statement or your data, please contact: 
Data Protection Lead 
kanika@beetrootconsulting.co.uk
  

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has been misused: 
🔗 www.ico.org.uk