🎙️ Latest episode available — Listen on Spotify
The Management Consultant
Projects Blog

Legal

Privacy Policy

Last updated: 23 February 2026

1. Introduction

Welcome to The Management Consultant (themanagementconsultant.co.uk). This privacy policy explains how we collect, use, store and protect your personal information when you visit our website or use our services.

This website is operated by Chris Cooper ("we", "us", "our"). We are committed to protecting your privacy and handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

Information you provide directly

We collect personal information that you voluntarily provide when you:

  • Submit the contact form: Your name, email address, company name (optional), and message content.
  • Log in to the admin area: Email address and password (for authorised administrators only).

Information collected automatically

When you visit our website, we may automatically collect:

  • Technical data: IP address, browser type and version, operating system, referring URL, pages visited, time and date of your visit.
  • Cookies: We use essential cookies to ensure the website functions correctly. See section 6 for our full cookie policy.

3. How We Use Your Information

We use your personal information for the following purposes:

  • To respond to enquiries: When you submit the contact form, your details are sent to us via Slack so we can respond to your request.
  • To operate the website: Ensuring the site functions correctly and securely.
  • To improve our services: Understanding how visitors use the site to improve content and user experience.

4. Legal Basis for Processing

Under the UK GDPR, we rely on the following legal bases:

  • Consent: When you submit the contact form, you consent to us processing your data to respond to your enquiry.
  • Legitimate interests: To operate and improve the website and our services.

5. Third-Party Services

We use the following third-party services that may process your data:

  • Slack: Contact form submissions are delivered via Slack webhook. Slack's privacy policy applies to their processing of this data.
  • Cloudflare R2 (via AWS S3 protocol): We use Cloudflare R2 for storing uploaded images. No personal data is stored in these files.
  • Spotify: We embed links to our podcast on Spotify. If you click these links, Spotify's privacy policy will apply.
  • Bunny Fonts: We load fonts from Bunny Fonts (fonts.bunny.net), a GDPR-compliant font service that does not track users.
  • Laravel Cloud: Our website is hosted on Laravel Cloud. Their infrastructure processes your requests to serve web pages.

We do not sell, rent or share your personal information with third parties for marketing purposes.

6. Cookies

What are cookies?

Cookies are small text files placed on your device when you visit a website. They help the site function properly and can provide information to the site owner.

Cookies we use

Cookie Purpose Duration
XSRF-TOKEN Security token to prevent cross-site request forgery Session
laravel_session Manages your session on the website 2 hours
cookie_consent Remembers your cookie consent preference 1 year

We do not use any analytics, advertising or tracking cookies.

Managing cookies

You can control and delete cookies through your browser settings. Please note that disabling cookies may affect the functionality of this website.

7. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected:

  • Contact form submissions: Retained in our Slack workspace for as long as needed to respond to and manage your enquiry.
  • Website logs: Retained for up to 30 days for security and operational purposes.

8. Your Rights

Under the UK GDPR, you have the following rights:

  • Right of access: You can request a copy of the personal data we hold about you.
  • Right to rectification: You can request that we correct any inaccurate or incomplete data.
  • Right to erasure: You can request that we delete your personal data where there is no compelling reason for us to continue processing it.
  • Right to restrict processing: You can request that we limit the way we use your data.
  • Right to data portability: You can request a copy of your data in a structured, commonly used format.
  • Right to object: You can object to the processing of your personal data in certain circumstances.

To exercise any of these rights, please contact us using the details below.

9. Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure or destruction. This includes using HTTPS encryption for all data transmitted between your browser and our servers.

10. Children's Privacy

This website is not intended for children under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions about this privacy policy or how we handle your personal data, please contact us:

  • Email: [email protected]
  • Phone: 0330 122 6544
  • Address: Delta House, 16 Bridge Road, Haywards Heath, RH16 1UA

If you are not satisfied with how we handle your complaint, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

We use essential cookies to ensure this website functions correctly. By continuing to browse, you agree to our use of cookies. Privacy Policy