Privacy Policy

1. Information We Collect

Information You Provide

When you use our validation services or download our pre-launch checklist, we collect:

• Contact Information: Name, email address, company name (if provided)
• Project Information: Details about your project or idea that you share with us
• Communication Records: Messages you send via email or contact forms

Information Collected Automatically

When you visit our website, we automatically collect:

• Analytics Data: Page views, time on site, pages visited (via Plausible Analytics - privacy-focused, no cookies)
• Technical Information: Browser type, device type, operating system
• Usage Data: Which CTAs you click, which pages you view

2. How We Use Your Information

We use your information to:

• Deliver Services: Provide validation sprints, consultations, and lead magnets you request
• Communicate: Send you the resources you requested (e.g., pre-launch checklist)
• Improve Our Services: Understand how visitors use our site to improve user experience
• Personalize Experience: Remember your preferences and tailor content
• Legal Compliance: Meet legal and regulatory requirements

3. How We Share Your Information

We do not sell your personal information. We only share your information in these limited circumstances:

• Service Providers: Email delivery (e.g., ConvertKit), analytics (Plausible), payment processing (if applicable)
• Legal Requirements: If required by law or to protect our legal rights
• Business Transfers: In the event of a merger, acquisition, or sale of assets

4. Data Retention

We retain your information for as long as:

• Your account or subscription is active
• Needed to provide you with services
• Required by law (typically 6 years for business records in the UK)

After this period, we securely delete or anonymize your data.

5. Your Rights (UK GDPR & CCPA)

You have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit how we use your data
• Portability: Receive your data in a machine-readable format
• Object: Object to processing of your data for marketing purposes
• Withdraw Consent: Opt out of communications at any time

To exercise any of these rights, email us at: tom@tomeldridge.co.uk

6. Cookies & Tracking

We use minimal tracking:

• Plausible Analytics: Privacy-focused analytics, no cookies, GDPR-compliant
• Local Storage: Used for A/B test variant assignment (expires after 30 days)
• No Third-Party Cookies: We don't use Google Analytics, Facebook Pixel, or other invasive trackers

7. Data Security

We protect your information using:

• HTTPS encryption for all data transmission
• Secure, reputable third-party services (all GDPR-compliant)
• Regular security reviews and updates
• Limited access - only authorized personnel can access your data

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

8. Children's Privacy

Our services are not directed to anyone under 16. We do not knowingly collect information from children. If you believe we have collected information from a child, please contact us immediately.

9. International Data Transfers

Your information may be processed in countries outside the UK/EU. When we transfer data internationally, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses, Privacy Shield frameworks).

10. Changes to This Policy

We may update this privacy policy from time to time. We'll notify you of significant changes by:

• Updating the "Last updated" date at the top
• Sending an email (if you've provided your email address)
• Posting a notice on our website

11. Contact Us

If you have questions about this privacy policy or how we handle your data, contact us:

• Email: tom@tomeldridge.co.uk
• Website: decide.tomeldridge.co.uk

← Back to Previous Page