Smarter Together
Smarter Together

Smarter Together Consulting Privacy Policy (B2B)

Last updated: February 2026

This privacy policy explains how Smarter Together Consulting Limited (“we”, “us”, “our”) collects, uses and protects your personal data.

1. Who we are

Smarter Together Consulting Limited is a UK-registered company providing consultancy and regulatory guidance services. If you have any questions about this policy or how we handle your data, please contact:

• Legal name: Smarter Together Consulting Limited

• Company number: 16808609

• Address: 4 Villiers Road, Kenilworth, CV8 2JB, United Kingdom

• Email: admin@smartertogether.uk

For the purposes of UK data protection law, we act as the data controller for the personal data described in this policy.

This Privacy Policy applies to personal data relating to:

• Business customers and their representatives

• Suppliers and service providers

• Professional advisers

• Website users acting in a business capacity

This policy does not apply to consumer (B2C) transactions unless expressly stated.

2. Personal data we collect

We collect and process the following professional contact information in a B2B context:

Business Contact Information

• Name

• Job title

• Company name

• Business email address

• Business telephone number

• Work postal address

Contract and Transaction Information

• Details of services provided

• Purchase history

• Invoices and payment details

Communications Data

• Emails and correspondence

• Call records (where applicable)

• Meeting notes

Technical Data

• IP address

• Browser type

• Device identifiers

• Website usage data

• CVs and professional profiles for associates/contractors

We work with our clients’ policy and process information, and do not intentionally process their staff or customer data as part of our services. We do not knowingly collect children’s data or special category personal data (such as health information). If we do, we will ensure an appropriate lawful basis applies.

3. How we collect personal data

We collect personal data when:

• You contact us by email, phone, web form or social media.

• We enter into, or discuss, a contract for services with you or your organisation.

• You sign up to receive updates from us.

• You visit our website, where we may collect IP address and usage data through cookies/analytics.

• We obtain it from publicly available sources such as company websites or Linkedin.

• You work with us as a supplier, associate or contractor.

4. How we use personal data and legal bases

Under UK GDPR, we must have a lawful basis to process personal data. In a B2B context, we use personal data for the following purposes and lawful bases under the UK GDPR:

1. Delivering consultancy and regulatory guidance services

o To plan, deliver and manage contracts, projects and services for clients.

o Legal basis: Contract.

2. Managing contracts, billing and accounts

o To issue proposals, contracts, invoices and manage payments.

o To keep appropriate business and tax records.

o To comply with tax, accounting and regulatory requirements.

o Legal basis: Contract and legal obligation.

3. Responding to enquiries

o To respond to emails, calls and other requests for information.

o To manage our business relationship with you

o Legal basis: Legitimate interests.

4. Sending occasional B2B updates and marketing

o To send relevant updates about our services, thought leadership and events to existing clients and appropriate business contacts.

o Legal basis: Legitimate interests(Subject to all relevant Consents and the ability to opt-out).

5. Website analytics and performance

o To understand how our website is used and to improve content and usability.

o Tools such as Google Analytics may be used for aggregated, anonymised statistics where possible.

o Legal basis: Legitimate interests and, where required, consent for non-essential cookies.

6. Managing suppliers, associates and contractors

o To maintain contact, assess suitability for projects (e.g. via CVs), and manage engagements.

o Legal basis: Contract and legitimate interests.

We do not use personal data for automated decision-making or profiling that produces legal or similarly significant effects.

5. Who we share personal data with

We only share personal data where necessary and appropriate, with:

• Microsoft 365 services (including Outlook, OneDrive and any Microsoft-based CRM), for email, document storage and contact management.

• Microsoft Teams, for online meetings and collaboration.

• Google Analytics, for website analytics.

• Any other relevant IT service provider or hosting provider

• Professional advisers, Payment processors, Regulators and authorities where required.

• Trusted suppliers, associates and contractors working with us on client engagements, under appropriate confidentiality and data protection terms.

We do not sell your personal data.

6. International transfers

As a UK-based organisation, we primarily store and process data within the UK. Some of our service providers (such as Microsoft and Google) may process personal data on servers located outside the UK and European Economic Area.

Where such transfers occur, we rely on appropriate safeguards such as UK adequacy regulations and/or Standard Contractual Clauses, the UK International Data Transfer Agreement (IDTA) implemented by our providers, or the UK Addendum to EU Standard Contractual Clauses.

7. Data retention – how long we keep data

We keep B2B personal data only for as long as necessary for the purposes described above and to meet legal, accounting and reporting requirements.

• Client and project records: up to 7 years after the end of the relevant engagement.

• Financial records (e.g. invoices, payment records): at least 6 years from the end of the financial year to which they relate.

• Enquiries that do not lead to work: up to 2 years from last contact.

• Mailing list/marketing contacts: until you unsubscribe or we remove inactive contacts (typically after around 2–3 years of inactivity).

• Associate/contractor CVs and contact details: while we actively work with you and for up to 6 years afterwards, unless deletion is requested and we are not required to keep them longer.

We may keep anonymised or aggregated data (which does not identify individuals) for longer.

We securely delete or anonymise data when no longer needed.

8. How we protect personal data

We take appropriate technical and organisational measures to protect personal data, including:

• Using reputable cloud providers with strong security standards.

• Restricting access to personal data to people who need it for their role.

• Using secure devices with password protection and, where available, encryption and multi-factor authentication.

• Using up-to-date software and security controls where possible.

• Requiring associates and contractors to uphold appropriate confidentiality and data protection standards.

9. Your rights

Under UK data protection law, you have rights in relation to your personal data, including the right to:

• Access your personal data.

• Correct inaccurate or incomplete personal data.

• Request deletion of your personal data in certain circumstances.

• Object to certain processing, including direct marketing.

• Restrict how we process your personal data in some cases.

• Withdraw consent where we rely on consent.

To exercise any of these rights, please contact:

• Email: admin@smartertogether.uk

• Post: Smarter Together Consulting Limited, 4 Villiers Road, Kenilworth, CV8 2JB, United Kingdom

We may need to verify your identity before responding and aim to respond within one month.

If you have concerns about how we handle your personal data, we would appreciate the opportunity to address your concerns first and try to resolve them informally. You may, however,

lodge a complaint with the UK Information Commissioner’s Office (ICO):

• Website: www.ico.org.uk

• Telephone: 0303 123 1113

10. Cookies and website analytics

What Are Cookies?

Cookies are small text files placed on your device when you visit our website. They help us operate the website effectively and understand how it is used.

Under the Privacy and Electronic Communications Regulations (PECR), we must obtain consent before placing non-essential cookies on your device. Where required, a cookie banner will appear when you first visit, giving information and, for non-essential cookies, a choice about whether to accept them. You can also manage cookies through your browser settings.

Types of Cookies We Use

1. Strictly Necessary Cookies

These cookies are essential for the operation of our website. They enable core functionality such as:

• Page navigation

• Security features

• Access to secure areas

• Remembering your cookie preferences

These cookies do not require your consent.

2. Analytics Cookies (Consent Required)

We use analytics cookies to understand how visitors use our website so we can improve its performance and usability.

These cookies may collect information such as:

• IP address (which may be truncated where possible)

• Browser type

• Pages visited

• Time spent on pages

• Referring website

We use this information in aggregated form and do not use it to identify individuals directly.

Examples of tools we may use:

• Google Analytics

• Microsoft Clarity

Analytics cookies are only placed on your device if you provide consent via our cookie banner.

You can withdraw your consent at any time by adjusting your cookie preferences.

3. Marketing Cookies (If Applicable)

Where used, marketing cookies may:

• Track visits across websites

• Help us measure marketing effectiveness

• Enable targeted advertising

These cookies are only used with your consent.

Lawful Basis

Under UK GDPR:

• Strictly necessary cookies are processed on the basis of our legitimate interests (Article 6(1)(f)) in operating a secure and functional website.

• Analytics and marketing cookies are processed on the basis of your consent (Article 6(1)(a)), as required under PECR.

You may withdraw consent at any time.

How Long Cookies Are Stored

Cookies may be:

Session cookies (deleted when you close your browser), or

Persistent cookies (stored for a set period, e.g. 12–24 months).

Specific retention periods depend on the cookie provider.

Managing Cookies

You can manage cookies by:

• Adjusting your browser settings

• Clearing cookies from your device

Please note that disabling strictly necessary cookies may affect website functionality.

11. Changes to this privacy policy

We may update this privacy policy from time to time, for example to reflect changes in our services or in data protection law.

The latest version will always be posted on our website and will show the date it was last updated.

12. B2B Marketing (UK PECR)

Under the UK Privacy and Electronic Communications Regulations (PECR):

• We may send marketing emails to corporate subscribers (e.g., info@company.co.uk) without consent.

• We may send marketing to individual corporate contacts where we consider it within our legitimate interests and it relates to their professional role.

• Where required, we will obtain consent before sending electronic marketing communications.

You can object to marketing at any time by:

• Clicking “unsubscribe” in any email

• Contacting admin@smartertogether.uk

We do not send unsolicited marketing to sole traders or partnerships without consent, unless the soft opt-in applies.