Privacy

Privacy Policy

Effective Date: 19 April 2026

At The CM Consultancy, discretion is not just a policy; it is my prerequisite. This document outlines my personal commitment to your privacy and the high standards of Data Minimisation I employ within my practice.

1. Data Controller

I am the data controller for this consultancy. For any enquiries regarding your data, you may contact me directly:

  • Email: info@the-cmconsultancy.co.uk
  • Address: [ ]

2. My Data Minimisation & Retention Policy

Unique to my commitment to Absolute Discretion, I operate a strict policy regarding the data of prospective and active clients:

  • Unsuccessful Enquiries: If an initial enquiry or preliminary discussion does not result in a scheduled session or formal engagement, I permanently delete all personal data, correspondence, and contact details provided via my website or email.
  • Secured Appointments: Once an appointment is secured via payment, I retain your contact details and the Confirmation of Appointment Session email as part of my professional record of service.
  • Financial Records: Per UK tax law, if you make a payment to my Client Business Account, I am required to retain records of that transaction for six years. This data is held securely and used solely for accounting purposes.
  • Engaged Clients: Data for long-term clients is held under a separate, high-security engagement contract and retained only for the duration required by law and professional insurance.

3. Information I Collect

I collect only the essential information required to facilitate our work:

  • Identity & Contact: Your name and email address.
  • Financial Data: Records of payments made for secured sessions (I do not see or store your bank login details; only the bank transfer record).
  • Project Context: High-level details regarding the complexity or change you are navigating.

4. Disclosure of Data

I do not sell, trade, or share your data with third parties. Your information is only accessible to me personally. The only exception is sharing transaction data with my professional accountant or as required by HMRC.

5. Your Rights

Under the UK GDPR, you have the right to access, rectify, or erase your data. Please note that my Zero-Retention Policy means that for many enquiries, your data will have already been securely destroyed by the time a request for erasure is made.