Privacy policy.
PRIVACY POLICY
Last updated: March 2025
Cahoot Inc CIC (trading as Cahoot CIC) is committed to protecting your privacy and handling your personal information responsibly. This policy explains what data we collect, how we use it, and your rights under UK GDPR.
If you have any questions, please contact:
enquiries@cahoot.org.uk
⭐ 1. WHO WE ARE
Cahoot Inc CIC (trading as Cahoot CIC)
Registered in England and Wales
Registered Office: Broomhill Methodist Church, Fulwood Road, Sheffield S10 3BD
Email: info@cahoot.org.uk
We act as the Data Controller for the personal information we collect.
⭐ 2. PERSONAL DATA WE COLLECT
Information you provide directly
We may collect:
Your name
Email address and phone number
Organisation name and role
Information shared through enquiry forms, calls, or emails
Documents you provide during consultancy work (e.g., plans, reports, internal documents)
Information collected automatically (if analytics are enabled)
If activated in future, we may collect:
device type
browser type
pages visited
time on site
Analytics are currently disabled on this website.
⭐ 3. HOW WE USE YOUR PERSONAL DATA
We process your information to:
respond to enquiries
deliver consultancy, mentoring, or training services
manage projects and client communication
maintain business and financial records
improve our services and website
We do not use your personal data for unsolicited marketing.
⭐ 4. LAWFUL BASES FOR PROCESSING
We rely on the following lawful bases under UK GDPR:
Contract
When we need your information to provide services you have requested.
Legitimate Interests
For activities such as:
responding to enquiries
managing client relationships
improving site functionality
protecting our systems from misuse
We always balance our interests with your rights.
Legal Obligation
For example, retaining financial records for HMRC.
⭐ 5. HOW LONG WE KEEP YOUR DATA
We use industry-standard retention periods:
General enquiries: kept for up to 12 months
Project files and documentation: retained for 3 years after the work ends
Emails: stored for up to 2 years, unless actively required for ongoing work
Financial and invoicing records: retained for 6 years (legal requirement)
Contracts or agreements: retained for 6 years
After these periods, information is securely deleted or anonymised.
⭐ 6. SHARING YOUR DATA
We do not sell or trade your personal data.
We may share information with trusted third-party processors who help us operate our business:
Google Workspace (email and document storage)
Squarespace (website hosting)
Accounting software (e.g. Xero, QuickBooks)
Calendly (if used for scheduling)
These processors only use your data under our instruction and meet GDPR standards.
⭐ 7. INTERNATIONAL TRANSFERS
Some of our processors operate outside the UK (e.g. Google).
Where this occurs, appropriate safeguards are in place, such as:
Standard Contractual Clauses (SCCs)
UK Addendum agreements
Adequacy decisions
These ensure your data is protected to UK GDPR standards.
⭐ 8. YOUR RIGHTS
You have the right to:
access your personal data
correct inaccurate information
request deletion
restrict or object to processing
request a copy in a portable format
withdraw consent (if ever applicable)
complain to the Information Commissioner’s Office (ICO)
To exercise your rights, contact:
info@cahoot.org.uk
ICO website: https://ico.org.uk/
⭐ 9. COOKIES AND TRACKING TECHNOLOGIES
This website currently uses essential cookies only.
If analytics or non-essential cookies are introduced in future, a consent banner will appear in line with PECR requirements.
See our Cookies Policy for full details.
⭐ 10. SECURITY
We take appropriate steps to protect your information, including:
secure access controls
encryption offered by our service providers
regular updates and security patches
No method of transmission is completely secure, but we follow industry standards to minimise risk.