Privacy Policy

Privacy Policy for Eliza Filby Associates Ltd.

Updated: May 2026

1. Introduction

At Eliza Filby Associates Ltd ("we", "our", "us"), we are committed to protecting the privacy and security of personal data. This Privacy Policy explains how we collect, use, store, and protect personal information in accordance with the UK General Data Protection Regulation (UK GDPR).

Eliza Filby Associates Ltd is the data controller for the purposes of UK data protection law.

For any questions regarding this policy or your personal data, please contact: harriet@elizafilby.com

2. What Information We Collect

We may collect and process the following categories of personal data:

  • Full name, address, email address, and phone number

  • Employment history, qualifications, and Right to Work documentation (for applicants and employees)

  • Professional details (for clients)

  • References and referee contact details

  • Payment and billing information

  • Equal opportunities and diversity data (where voluntarily provided and anonymised where appropriate)

  • Communications, meeting notes, and survey responses

  • Marketing preferences, newsletter subscriptions, and event registrations

  • Any other information you voluntarily provide to us

3. How We Collect Your Data

We collect personal data through:

  • Direct interactions, including emails, meetings, and website contact forms

  • Event participation and registrations

  • Newsletter sign-ups

  • Application forms, CVs, cover letters, and interviews

  • Contracts and business communications

  • Third-party references or referrals

4. Website Analytics

This website collects information about visitors and their interactions with the site in order to analyse traffic and improve website performance. This may include:

  • Information about your browser, network, and device

  • Web pages you visited before coming to this website

  • Your IP address

This information may also include details about your use of this website, including:

  • Clicks

  • Internal links

  • Pages visited

  • Scrolling

  • Searches

  • Timestamps

We use Squarespace as our website hosting and analytics provider. Squarespace processes this information on our behalf to help us understand website traffic and usage. You can read more about how Squarespace uses your data (site usage information of end users) for its own purposes in their Privacy Policy.

5. Cookies

This website uses cookies and similar technologies. Cookies are small text files stored on your device when you visit a website. Some cookies are strictly necessary for the operation and security of the website and are always active.

Analytics and performance cookies are only used where you have provided consent through our cookie banner. These cookies help us understand website traffic and visitor interactions.

Squarespace, our website hosting provider, may place cookies on this website for security, functionality, and analytics purposes. More information about Squarespace cookies can be found at: https://support.squarespace.com/hc/en-us/articles/360001264507-Cookies-and-Squarespace.

6. Online Webforms

When you submit information through a form on this website, we collect the information requested in order to respond to your enquiry, manage communications, or provide services.

This information is processed by Squarespace, our website hosting provider, on our behalf. Form submissions are sent to us via email and stored securely within our email systems.

7. Why We Collect Your Data

We collect personal data to:

  • Deliver services to clients

  • Manage employment and HR functions

  • Recruit and evaluate job candidates

  • Comply with legal and regulatory obligations

  • Communicate effectively and maintain records

  • Improve our services and business operations

8. Legal Basis for Processing

We process personal data under the following lawful bases:

  • Consent, for example where you subscribe to marketing communications

  • Contractual necessity, for example to provide services to clients

  • Legitimate interests, including operating and improving our services and business activities

  • Legal obligation, where processing is required by law

9. How We Use Your Data

We use your personal data to:

  • Communicate with you

  • Deliver services and insights

  • Send newsletters, updates, or marketing communications where consent has been provided

  • Analyse anonymised trends and feedback

  • Improve our services and offerings

You can unsubscribe from marketing communications at any time using the unsubscribe link in our emails or by contacting us directly.

10. Data Sharing

We do not sell your personal data.

We may share data with:

  • Trusted third-party service providers acting on our behalf

  • Payroll, administrative, or professional support providers

  • Internal staff, advisors, or contractors working under confidentiality obligations

  • Legal or regulatory authorities where required by law

All third-party providers are contractually required to process personal data securely and in accordance with applicable data protection laws.

11. How We Store and Protect Your Data

We implement appropriate technical and organisational measures to protect personal data, including:

  • Secure digital storage using encrypted platforms where appropriate

  • Access restricted to authorised personnel only

  • Regular review and deletion procedures

12. How Long We Keep Your Data

We retain personal data only for as long as necessary for the purposes outlined in this Privacy Policy, including to comply with legal, regulatory, tax, accounting, or reporting obligations. Where data is no longer required, it is securely deleted or anonymised.

13. International Transfers

Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, including the use of Standard Contractual Clauses or other approved transfer mechanisms where required.

14. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data

  • Correct or update inaccurate information

  • Withdraw consent at any time

  • Request deletion of your personal data

  • Object to or restrict certain types of processing

  • Request transfer of your data in certain circumstances

  • Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise your rights, please contact: harriet@elizafilby.com

You also have the right to make a complaint to the ICO via: https://www.ico.org.uk

15. Contact Us

If you have any questions about this Privacy Policy or how we handle personal data, please contact: harriet@elizafilby.com.