Privacy Policy

Problem Solving Catalyst
Effective Date: 1 January 2026
Last Updated: 6 February 2026

1. Introduction

Problem Solving Catalyst (“we,” “us,” “our”) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website at www.problemsolvingcatalysts.co.uk (the “Website”) or engage with our services.

We are the data controller responsible for your personal data. We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Contact Information:
For privacy enquiries or to exercise your data rights, contact:
Email: legal@problemsolvingcatalysts.co.uk
Website: www.problemsolvingcatalysts.co.uk

Information Commissioner’s Office (ICO):
If you have concerns about our data practices, you can contact the ICO:
Website: www.ico.org.uk
Helpline: 0303 123 1113

2. Information We Collect

2.1 Information You Provide Directly

When Booking Services:

  • Full name
  • Email address
  • Phone number
  • Business name and industry
  • Payment information (processed by Stripe)
  • Booking preferences and requirements
  • For general 1-2-1 sessions: Information provided in enquiry form about your specific business challenges

When Purchasing Products:

  • Name and email address
  • Payment information (processed by Stripe)
  • Delivery information (for physical products)

When Using Our Website:

  • Contact form submissions
  • Newsletter subscription details
  • Account registration information
  • Communications with us (email, phone, messaging)

During Service Delivery:

  • Business information you share during sessions
  • Session notes and materials
  • Implementation progress and feedback
  • Testimonials and reviews (with your consent)

2.2 Information Collected Automatically

Website Usage Data:

  • IP address
  • Browser type and version
  • Operating system
  • Referring website
  • Pages visited and time spent
  • Date and time of visit
  • Device information

Cookies and Tracking Technologies:

  • Session cookies (essential functionality)
  • Analytics cookies (Google Analytics)
  • Marketing cookies (with consent)
  • Preference cookies (settings you choose)

See Section 9 for detailed cookie information.

2.3 Information from Third Parties

Payment Processors (Stripe):

  • Payment confirmation data
  • Transaction details
  • Fraud prevention information

Booking System (Amelia):

  • Booking confirmation details
  • Appointment scheduling data

Email Service Provider:

  • Email delivery statistics
  • Open rates and click rates
  • Unsubscribe requests

Social Media:

  • If you interact with our social media posts, we may see publicly available profile information

3. How We Use Your Information

3.1 Legal Basis for Processing

We process your personal data under the following legal grounds:

Contract Performance:

  • To provide services you have booked
  • To process payments
  • To send booking confirmations and service-related communications
  • To deliver digital products

Legitimate Interests:

  • To improve our services and website
  • To prevent fraud and ensure security
  • To analyse website usage and customer behaviour
  • To send marketing communications (with easy opt-out)
  • To enforce our Terms and Conditions

Legal Obligation:

  • To comply with tax and accounting requirements
  • To respond to legal requests and court orders
  • To prevent illegal activity

Consent:

  • To send marketing emails (you can withdraw consent anytime)
  • To use cookies beyond essential ones
  • To publish testimonials with identifying information
  • To send you information about similar services (soft opt-in under PECR)

3.2 Specific Uses

Service Delivery:

  • Scheduling and confirming appointments
  • Conducting coaching sessions and workshops
  • Providing materials and resources
  • Follow-up communications and support
  • Maintaining service quality

Payment Processing:

  • Processing transactions
  • Sending receipts and invoices
  • Managing refunds and disputes
  • Preventing fraud

Communication:

  • Responding to enquiries
  • Sending service updates
  • Providing customer support
  • Sending booking reminders

Marketing (with your consent or soft opt-in):

  • Sending newsletters and updates
  • Promoting new services and workshops
  • Sharing relevant content and resources
  • Informing you about special offers

Website Improvement:

  • Analysing website performance
  • Understanding user behaviour
  • Improving user experience
  • Testing new features

Legal and Safety:

  • Enforcing terms and conditions
  • Protecting against fraud
  • Complying with legal obligations
  • Defending legal claims

4. How We Share Your Information

4.1 Third-Party Service Providers

We share your data with trusted third parties who help us operate our business:

Payment Processing:

  • Stripe: Processes all card payments securely
  • Purpose: Payment processing, fraud prevention
  • Location: UK/EEA with appropriate safeguards
  • Privacy Policy: stripe.com/privacy

Booking System:

  • Amelia (WordPress plugin): Manages appointment bookings for The Pricing Lab
  • Purpose: Scheduling, appointment management, reminders
  • Location: Data stored on our UK-hosted server
  • Privacy Policy: wpamelia.com/privacy-policy

Forms System:

  • Gravity Forms (WordPress plugin): Processes enquiry forms for general 1-2-1 session requests
  • Purpose: Collecting client enquiries, custom quote requests
  • Location: Data stored on our UK-hosted server
  • Privacy Policy: gravityforms.com/privacy-policy

Email Communications:

  • Email service provider (e.g., ConvertKit, Mailchimp, or similar)
  • Purpose: Sending newsletters, booking confirmations, marketing emails
  • Location: UK/EEA or with appropriate safeguards
  • You can unsubscribe anytime

Website Hosting:

  • Hosting provider: Hosts our WordPress website
  • Purpose: Website availability and performance
  • Location: UK-based server
  • Data stored: All website, booking, and enquiry form data

Analytics:

  • Google Analytics: Website traffic analysis
  • Purpose: Understanding website usage, improving user experience
  • Privacy: IP addresses anonymised
  • Privacy Policy: policies.google.com/privacy
  • Opt-out: Via browser settings or Google Analytics Opt-out

Event Management:

  • Eventbrite: Processes workshop ticket sales
  • Purpose: Event registration, ticketing, attendee management
  • Location: UK/EEA with appropriate safeguards
  • Privacy Policy: eventbrite.co.uk/support/articles/en_US/Troubleshooting/eventbrite-privacy-policy

Accounting and Tax:

  • Accounting software: For financial record-keeping
  • Purpose: Tax compliance, invoicing, financial reporting
  • Access: Limited to necessary financial data only

4.2 Legal Requirements

We may disclose your information if required by law:

  • To comply with legal obligations
  • To respond to court orders or legal processes
  • To protect our rights and property
  • To prevent fraud or criminal activity
  • To protect health and safety

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets:

  • Your data may be transferred to the new owner
  • You will be notified of any change in data controller
  • Your rights under UK GDPR will continue

4.4 What We Don’t Do

We never:

  • Sell your personal data to third parties
  • Share your data for others’ marketing purposes (without consent)
  • Send spam
  • Use your data for purposes not disclosed in this policy

5. International Data Transfers

5.1 UK and EEA Processing

Your data is primarily stored and processed within the United Kingdom and European Economic Area (EEA).

5.2 Transfers Outside UK/EEA

Some service providers may process data outside the UK/EEA. Where this occurs:

  • We use providers in countries with adequate data protection (e.g., USA under UK-US Data Bridge)
  • We implement Standard Contractual Clauses (SCCs) approved by UK authorities
  • We ensure appropriate safeguards are in place

5.3 Specific Third Parties

Stripe: May process payment data globally with appropriate safeguards
Google Analytics: May process anonymised data in USA with safeguards
Email Provider: Data stored in UK/EEA or USA with appropriate protections

6. How Long We Keep Your Data

6.1 Retention Periods

Booking and Payment Records:

  • Retained for 7 years after final transaction
  • Legal requirement: Tax and accounting obligations (HMRC)

Service Delivery Records:

  • Session notes and materials: 3 years after final session
  • Or until you request deletion (subject to legal obligations)

Marketing Communications:

  • Email addresses: Until you unsubscribe
  • Marketing consent records: 3 years after withdrawal

Website Analytics:

  • Anonymised data: Retained indefinitely for trend analysis
  • IP addresses: Anonymised after 26 months (Google Analytics default)

Correspondence:

  • Email communications: 3 years after last interaction
  • Or until you request deletion

Legal Claims:

  • Data relevant to legal claims: Retained until claim is resolved plus 6 years

Testimonials:

  • Published testimonials: Until you request removal
  • We may retain anonymised versions after removal

6.2 Deletion

After retention periods expire:

  • Data is securely deleted or anonymised
  • Anonymised data may be retained for statistical purposes
  • Some data may need to be retained for legal compliance

6.3 Early Deletion Requests

You can request early deletion (see Section 7), but we may need to retain data for:

  • Completing ongoing services
  • Resolving disputes
  • Legal compliance
  • Defending legal claims

7. Your Data Protection Rights

Under UK GDPR, you have the following rights:

7.1 Right of Access

  • Request a copy of your personal data
  • Understand how we use your data
  • First copy is free; reasonable fee for additional copies
  • We will respond within one month

7.2 Right to Rectification

  • Correct inaccurate personal data
  • Complete incomplete data
  • We will update records promptly

7.3 Right to Erasure (“Right to be Forgotten”)

  • Request deletion of your personal data
  • Applies when:
    • Data no longer necessary for original purpose
    • You withdraw consent
    • You object to processing and no overriding legitimate grounds exist
    • Data processed unlawfully
  • Exceptions: We may need to retain data for legal obligations or legal claims

7.4 Right to Restrict Processing

  • Limit how we use your data while we:
    • Verify accuracy of disputed data
    • Consider your objection to processing
  • We may still store data but not use it

7.5 Right to Data Portability

  • Receive your data in structured, machine-readable format (CSV, JSON)
  • Transfer data to another service provider
  • Applies to data you provided under contract or consent

7.6 Right to Object

  • Object to processing based on legitimate interests
  • Object to direct marketing (we will stop immediately)
  • Object to automated decision-making (if applicable)

7.7 Right to Withdraw Consent

  • Withdraw consent at any time where processing is based on consent
  • Unsubscribe from marketing emails via unsubscribe link
  • Does not affect lawfulness of processing before withdrawal

7.8 Right to Lodge a Complaint

  • Contact the Information Commissioner’s Office (ICO):
    • Website: www.ico.org.uk
    • Helpline: 0303 123 1113
    • Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

7.9 How to Exercise Your Rights

Contact us:
Email: legal@problemsolvingcatalysts.co.uk

Include:

  • Your full name
  • Email address used for services
  • Specific right you wish to exercise
  • Any relevant details

Response Time:

  • We will respond within one month
  • May extend by two months for complex requests
  • We will explain any delays

Verification:

  • We may request ID to verify your identity
  • This protects your data from unauthorised access

No Fee:

  • Exercising your rights is free
  • We may charge reasonable fee for excessive or repeat requests

8. Security Measures

8.1 How We Protect Your Data

Technical Measures:

  • SSL/TLS encryption for all website data transmission
  • Secure password protection (hashed and salted)
  • Regular security updates and patches
  • Firewall and intrusion detection systems
  • Encrypted backups

Organisational Measures:

  • Access controls (staff only access data they need)
  • Staff training on data protection
  • Confidentiality agreements
  • Regular security audits
  • Incident response procedures

Payment Security:

  • PCI DSS compliant payment processing via Stripe
  • We do not store complete card details
  • Card data encrypted at all times

8.2 Your Responsibility

Keep Login Details Secure:

  • Use strong, unique passwords
  • Do not share account credentials
  • Log out after using shared devices

Report Security Issues:

  • Contact us immediately if you suspect unauthorised access
  • Email: legal@problemsolvingcatalysts.co.uk

8.3 Data Breaches

Our Commitment:

  • We will notify you within 72 hours if a breach affects your rights
  • We will notify the ICO as required by law
  • We will take immediate steps to mitigate harm

What We’ll Tell You:

  • Nature of the breach
  • Likely consequences
  • Measures we’re taking
  • Steps you can take to protect yourself

9. Cookies and Tracking Technologies

9.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our website. They help us:

  • Remember your preferences
  • Understand how you use our site
  • Improve user experience
  • Provide relevant content

9.2 Types of Cookies We Use

Essential Cookies (Always Active):

  • Purpose: Website functionality, security, authentication
  • Examples: Session management, shopping cart, security
  • Legal Basis: Necessary for service delivery
  • Cannot be disabled: Required for website operation

Analytics Cookies (Optional):

  • Purpose: Understand website usage, improve performance
  • Provider: Google Analytics
  • Data Collected: Pages visited, time on site, referral source (IP anonymised)
  • Legal Basis: Consent
  • Privacy: https://policies.google.com/privacy

Marketing Cookies (Optional):

  • Purpose: Track effectiveness of marketing campaigns
  • Providers: Facebook Pixel, LinkedIn Insight Tag (if used)
  • Legal Basis: Consent
  • Opt-out: Via cookie banner or browser settings

Preference Cookies (Optional):

  • Purpose: Remember your settings and preferences
  • Examples: Language preference, cookie consent choices
  • Legal Basis: Legitimate interest

9.3 Cookie Duration

Session Cookies:

  • Deleted when you close your browser
  • Used for essential functions

Persistent Cookies:

  • Remain on device for set period (varies: 24 hours to 2 years)
  • Used for analytics and preferences
  • Google Analytics: 26 months

9.4 Managing Cookies

Cookie Banner:

  • You can accept or reject non-essential cookies via our cookie banner
  • Appears on first visit
  • You can change settings anytime

Browser Settings:

  • Most browsers allow you to:
    • Block all cookies
    • Block third-party cookies only
    • Delete cookies after browsing
    • Receive notification before accepting cookies

Browser-Specific Instructions:

  • Chrome: Settings > Privacy and Security > Cookies
  • Firefox: Options > Privacy & Security > Cookies
  • Safari: Preferences > Privacy > Cookies
  • Edge: Settings > Privacy > Cookies

Warning: Blocking essential cookies may prevent website functionality.

Google Analytics Opt-Out:

  • Install browser add-on: tools.google.com/dlpage/gaoptout

9.5 Third-Party Cookies

Embedded Content:

  • YouTube videos (if embedded): May set cookies
  • Social media share buttons: May set cookies if you interact

Our Policy:

  • We minimise third-party cookies
  • We only embed content necessary for user experience
  • Third-party cookies subject to their privacy policies

9.6 Do Not Track (DNT)

  • We respect browser DNT settings where supported
  • Note: DNT is not universally recognised by all websites

10. Children’s Privacy

10.1 Age Restriction

Our services are intended for adults aged 18 and over. We do not knowingly:

  • Collect data from children under 18
  • Market services to children
  • Allow children to book services

10.2 Parental Discovery

If we learn we have collected data from a child under 18:

  • We will delete it immediately
  • We will not use the data
  • We will not share the data

10.3 Parents/Guardians

If you believe your child has provided us with personal data:

  • Contact us immediately: legal@problemsolvingcatalysts.co.uk
  • We will delete the data promptly

11. Marketing Communications

11.1 Types of Marketing

Email Marketing:

  • Newsletters with tips and resources
  • New service and workshop announcements
  • Special offers and promotions
  • Relevant business content

Frequency:

  • Weekly newsletter (approximately)
  • Service announcements as relevant
  • We will not overwhelm you with emails

11.2 Legal Basis

Existing Clients (Soft Opt-In):

  • If you are an existing client, we may send marketing about similar services
  • Legal basis: Legitimate interest under PECR (Privacy and Electronic Communications Regulations)
  • You can opt out at any time

New Subscribers:

  • Marketing requires your explicit consent
  • Given via newsletter signup form or checkbox

11.3 How to Unsubscribe

Every Marketing Email Includes:

  • Clear unsubscribe link (bottom of email)
  • One-click unsubscribe process
  • No need to log in

Alternative Methods:

  • Email legal@problemsolvingcatalysts.co.uk with “Unsubscribe” in subject
  • Update preferences in your account settings (if applicable)

Processing Time:

  • Unsubscribe requests processed within 2 business days
  • You may receive emails already scheduled before we process your request

11.4 Transactional Emails

Service-Related Emails Continue:

  • Booking confirmations
  • Appointment reminders
  • Payment receipts
  • Service updates
  • Password resets
  • Terms and policy changes

Cannot Be Unsubscribed:

  • These are necessary for service delivery
  • Not considered marketing

11.5 Preferences

You can control:

  • Frequency of marketing emails
  • Types of content you receive
  • Communication channels (email only currently)

12. Links to Other Websites

12.1 Third-Party Websites

Our Website may contain links to:

  • Social media platforms (LinkedIn, Facebook, Twitter/X)
  • Partner websites
  • Resource websites
  • Payment processors (Stripe, Eventbrite)

12.2 Our Responsibility

We are NOT responsible for:

  • Privacy practices of third-party websites
  • Content on third-party websites
  • Security of third-party websites
  • Data collection by third-party websites

12.3 Your Responsibility

When clicking external links:

  • You leave our Website
  • Review their privacy policies
  • Understand their data practices
  • Proceed at your own risk

12.4 Social Media

If you interact with our social media:

  • Your interaction is governed by that platform’s privacy policy
  • We may see publicly available profile information
  • We do not control social media platform practices

13. Automated Decision-Making and Profiling

13.1 No Automated Decisions

We do not use:

  • Automated decision-making (decisions made solely by algorithms)
  • Profiling that produces legal effects or similarly significantly affects you
  • AI systems that make decisions about your eligibility for services

13.2 Human Involvement

All significant decisions about your services involve human review, including:

  • Accepting or declining service bookings
  • Assessing suitability for programmes
  • Handling refund requests
  • Responding to complaints

13.3 Analytics Only

We use analytics tools (e.g., Google Analytics) to understand website usage patterns, but this does not:

  • Make decisions about individual users
  • Affect your access to services
  • Influence pricing or offers

14. Changes to This Privacy Policy

14.1 Updates

We may update this Privacy Policy to reflect:

  • Changes in legal requirements
  • Changes to our services
  • New technologies or data practices
  • Feedback from data protection authorities

14.2 Notification

For Material Changes:

  • We will email registered users
  • We will display prominent notice on Website
  • We will provide at least 30 days’ notice where possible

Effective Date:

  • Changes take effect on the date specified
  • “Last Updated” date shown at top of policy
  • Previous versions available upon request

14.3 Your Acceptance

Continued use after changes:

  • Constitutes acceptance of updated policy
  • If you disagree, stop using services and contact us to delete your data

14.4 Review

We recommend reviewing this policy periodically to stay informed of how we protect your data.

15. Contact Us

15.1 Privacy Questions

For questions about this Privacy Policy or our data practices:

Email: legal@problemsolvingcatalysts.co.uk
Website: www.problemsolvingcatalysts.co.uk

15.2 Exercising Your Rights

To exercise any of your data protection rights (access, rectification, erasure, etc.):

Email: legal@problemsolvingcatalysts.co.uk
Subject Line: “Data Subject Request – [Your Request Type]”
Include: Your full name, email address, specific request details

15.3 Complaints

Contact Us First: We encourage you to contact us first with any concerns. We will investigate and respond within one month.

Information Commissioner’s Office (ICO): If you are not satisfied with our response, you have the right to lodge a complaint:

Website: www.ico.org.uk
Helpline: 0303 123 1113
Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

16. Legal Framework

This Privacy Policy complies with:

  • UK General Data Protection Regulation (UK GDPR)
  • Data Protection Act 2018
  • Privacy and Electronic Communications Regulations (PECR) 2003
  • Consumer Rights Act 2015 (relevant provisions)

Data Controller: Problem Solving Catalyst
Jurisdiction: England and Wales

Last Updated: 6 February 2026
Version: 1.0

Problem Solving Catalyst
www.problemsolvingcatalysts.co.uk

This Privacy Policy is designed to meet UK GDPR and Data Protection Act 2018 requirements. It provides transparent information about data processing practices for a coaching and consulting business operating in the United Kingdom.