Privacy Policy

Westgate Sentinel Consulting Ltd (company number 17114844)
ICO Registration: [Pending — to be added on registration]
Huddersfield, West Yorkshire, United Kingdom
hello@westgatesentinel.co.uk

This policy explains how we collect and use personal data when you use westgatesentinel.co.uk or contact us. We process personal data in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Effective date: 24 March 2026

1. Who is responsible for your data?

The data controller is Westgate Sentinel Consulting Ltd. We decide why and how your personal data is processed. For any privacy matter, contact us at hello@westgatesentinel.co.uk.

2. What personal data we collect

Depending on how you interact with us, we may process:

  • Contact and enquiry data — name, work email address, organisation name, message content, and (if you select one) your chosen service or bundle from our contact form.
  • Technical data — basic information that servers and our form provider may log when you use the site or submit the form (for example IP address, browser type, and timestamps), as needed to deliver the service securely and diagnose faults.

We do not ask for special category data (such as health information) via the website. Please do not send it unless we have agreed a secure channel as part of a formal engagement.

3. Why we use your data and lawful bases

We only use personal data when the law allows. The main bases that apply are:

  • Legitimate interests (Article 6(1)(f) UK GDPR) — to respond to B2B enquiries sent through the site, to operate and secure our website, and to manage our business relationship with you before a contract is in place. Responding to a business enquiry you have initiated is a legitimate interest of ours that we consider proportionate and not overridden by your rights. You may object to this processing at any time.
  • Contract (Article 6(1)(b)) — if you become a client, we will process personal data as necessary to perform our contract with you and related pre-contract steps.
  • Legal obligation (Article 6(1)(c)) — where we must retain or disclose information to comply with law (for example tax or regulatory requirements).

4. Who we share data with

We do not sell your personal data. We share it only when necessary:

  • Hosting and infrastructure — our static site and contact form are hosted on Cloudflare (Pages and Workers). Cloudflare may process technical data such as IP addresses and request metadata to deliver the site and route traffic. Cloudflare acts as a processor under contract. See Cloudflare’s privacy notice: cloudflare.com/privacypolicy. Contact form submissions are stored in Cloudflare KV storage within Cloudflare’s infrastructure and are not shared with any third-party email processing service.
  • Professional advisers — where required (for example accountants or lawyers), under confidentiality obligations.
  • Authorities — if we are legally required to disclose information.

5. How long we keep data

We keep personal data only as long as necessary for the purposes above. Enquiry emails and form submissions are typically kept for up to 24 months after our last meaningful contact unless we need to keep them longer for legal, contractual, or legitimate business reasons (for example active client work or a dispute). Technical logs retained by processors are subject to their retention policies, which we review periodically.

6. Your rights

Under UK GDPR you have the following rights, subject to conditions in law:

  • Access — ask for a copy of the personal data we hold about you.
  • Rectification — ask us to correct inaccurate or incomplete data.
  • Erasure — ask us to delete your data in certain circumstances.
  • Restriction — ask us to limit processing in certain circumstances.
  • Data portability — receive your data in a structured, commonly used format where processing is based on consent or contract and is automated.
  • Object — object to processing based on legitimate interests (including profiling), and to direct marketing (we do not use the enquiry form for marketing unless clearly stated).
  • Withdraw consent — if we ever rely on your consent for a specific purpose, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
  • Complain — you may complain to the UK Information Commissioner’s Office (ICO) at ico.org.uk or by calling 0303 123 1113. We encourage you to contact us first so we can try to resolve your concern.

To exercise any right, email hello@westgatesentinel.co.uk with “Data protection request” in the subject line. We will respond within one month in most cases (we may extend for complex requests, as allowed by law).

7. Cookies and similar technologies

This site is largely informational. We do not use third-party advertising or analytics cookies on the pages we control. Our hosting or form provider may use strictly necessary technical cookies or similar mechanisms required for security, load balancing, or form operation. If we introduce optional cookies that need your consent, we will update this policy and provide a clear choice before they are set.

8. Security

We protect personal data using appropriate technical and organisational measures appropriate to the risk, including secure connections (HTTPS), access controls, and processor agreements. Details of how we protect information in our consultancy work are set out in our internal information security arrangements.

9. Children

Our services and website are aimed at businesses and adults. We do not knowingly collect data from children under 16 through this site.

10. Changes to this policy

We may update this policy from time to time. The effective date at the top will change when we do. Material changes will be highlighted where appropriate. Continued use of the site after changes means you acknowledge the updated policy.

11. Contact

Questions about this policy or your personal data: hello@westgatesentinel.co.uk