Privacy Policy

Emma Rose Elevates (trading name) (“we”, “us”, “our”) respects your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use and protect your personal data when you interact with our services, whether you are located in the UK or elsewhere in the world. This policy is written with UK data protection law in mind (UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018).

Last updated: 10 April 2026

1. Who we are and how this policy applies

Data controller. For the purposes of the UK GDPR and the Data Protection Act 2018, the data controller is the UK-based sole trader operating this website and providing the services described. If we work with clients in the European Economic Area (EEA) or other countries, we may also be considered a controller under local laws (including the EU GDPR).

Children. Our services are not directed at children and we do not knowingly collect personal data relating to anyone under 18 years old.

2. The personal data we collect

The type of information we collect about you depends on how you interact with us. We may collect and process the following categories of personal data:

  • Identity and contact data – such as your name, job title, company name, postal address, email address, telephone number, and country of residence.

  • Business and engagement data – details about your organisation, the services you have purchased or enquired about, your preferences, feedback and communications with us.

  • Payment and transaction data – limited billing details, such as invoicing information, VAT or tax numbers (where applicable), payment method details processed via our payment providers, and records of payments made to and from you.

  • Technical and usage data – when you visit our website, we may collect information such as your IP address, browser type and version, time zone setting, device identifiers, pages you visit, and how you interact with our content. This may be collected through cookies and similar technologies.

  • Marketing and communications data – your preferences in receiving marketing from us and your communication preferences, together with records of consent where relevant.

  • Any other information you choose to provide – for example in emails, calls, discovery sessions or project documentation that may incidentally contain personal data.

We do not intentionally collect or process special categories of personal data (such as health information, political opinions or religious beliefs) or information relating to criminal convictions, and we ask that you do not provide this information to us unless we specifically request it and there is a lawful basis to do so.

3. How we collect your data

  • Direct interactions – you may give us your data by filling in forms on our website, booking a call, subscribing to our content, corresponding by email, phone or social media, or when we enter into a contract.

  • Automated technologies – when you interact with our website or emails, we may automatically collect technical and usage data using cookies, server logs and similar technologies.

  • Third parties and publicly available sources – we may receive personal data about you from analytics providers, payment and invoicing providers, social media platforms, referral partners or other individuals within your organisation, as well as from publicly available sources such as professional networking sites or company websites.

4. How and why we use your personal data

We will only use your personal data when the law allows us to. Most commonly, we use your information for the following purposes:

  • Providing and managing our services – to deliver our services to you, manage projects, process payments, and perform our contract with you or your organisation.
  • Responding to enquiries – to communicate with you when you contact us, request information, book a consultation or download resources.
  • Managing our relationship – to send administrative information such as updates to our terms or policies, and to ask for feedback or testimonials.
  • Improving our website and services – to analyse how visitors use our website, content and services so we can troubleshoot, secure and enhance them.
  • Marketing and business development – to send you relevant updates, content or offers where you have requested them or where we are otherwise permitted by law, and to identify and nurture prospective clients.
  • Legal and regulatory compliance – to keep appropriate records, respond to legal requests, prevent fraud and protect our rights and the rights of others.

We will not use your personal data for purposes that are materially different from, or incompatible with, those described in this policy without informing you and, where necessary, obtaining your consent.

5. Our legal bases for processing (UK & global)

Under the UK GDPR, EU GDPR (where applicable) and similar laws, we must have a lawful basis to process your personal data. Depending on the context, we rely on one or more of the following legal bases:

  • Performance of a contract – where processing is necessary to enter into or perform a contract with you or your organisation, or to take steps at your request before entering into such a contract.
  • Legitimate interests – where processing is necessary for our legitimate business interests (or those of a third party) and your interests and fundamental rights do not override those interests. This may include running and developing our business, improving our services, and communicating with you in a professional context.
  • Consent – where you have clearly agreed to our processing for a specific purpose (for example, subscribing to certain marketing communications). You can withdraw your consent at any time.
  • Legal obligation – where we need to comply with a legal or regulatory obligation, including tax, accounting and reporting obligations.
  • Vital interests or public task – in rare cases, we may process data to protect someone’s vital interests or to perform a task carried out in the public interest, where this is required by applicable law.

6. When we share your personal data

We do not sell or rent your personal data. We may share your information with the following recipients, where necessary and appropriate:

  • Service providers – trusted third parties who provide services to us such as website hosting, email delivery, CRM and project management tools, analytics, accounting and payment processing. These providers act as processors and may only process your data on our instructions.
  • Professional advisors – including lawyers, bankers, auditors and insurers, where this is necessary for the services they provide to us.
  • Business transfers – if we restructure, merge, sell or otherwise transfer part or all of our business, personal data may be transferred to the new owner as part of that transaction.
  • Law enforcement and regulators – where we are required to disclose your personal data by law, court order or other legal or regulatory process, or to protect our rights or the rights of others.

Where we share personal data with third parties, we seek to ensure that they respect the security of your data and treat it in accordance with applicable data protection laws, including by entering into appropriate data processing or data sharing agreements where required.

7. International transfers

We are based in the UK but we work with clients and service providers around the world. This means your personal data may be transferred to, stored in and processed in countries outside the UK and the EEA, including locations that may have different data protection standards from those in your home country.

Where we transfer personal data from the UK or EEA to a country that has not been deemed to provide an adequate level of protection by the UK Government or European Commission, we will implement appropriate safeguards, such as using standard contractual clauses or equivalent mechanisms, or relying on other lawful transfer grounds, to help ensure that your personal data remains protected.

8. Cookies and tracking

We use cookies and similar technologies to operate our website, remember your preferences, and gather analytics. You can control cookie settings through your browser and via any cookie banner or preference centre on our site. Disabling certain cookies may affect functionality.

9. Data retention

We retain personal data only as long as necessary for the purposes set out in this policy, including for legal, tax, and accounting requirements. Typical retention examples:

  • Client records and coaching notes - retained while you are a client and for up to 7 years after the end of the client relationship.

  • Financial and invoicing records - retained for 6–7 years to meet tax and regulatory obligations.

  • Marketing consent and preferences - retained until you withdraw consent or unsubscribe.

10. Your rights

Under UK data protection law you may have the right to:

  • Access the personal data we hold about you.

  • Request correction of inaccurate or incomplete data.

  • Request erasure of your data (where we are not required to keep it for legal reasons).

  • Request restriction of processing or to object to processing for direct marketing and certain legitimate interests.

  • Request portability of your data in a commonly used, machine-readable format where processing is based on consent or contract.

  • Withdraw consent to processing where processing is based on consent.

To exercise your rights, contact us at [email protected]. If you are unsatisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) (ico.org.uk).

11. Security

We implement reasonable organisational and technical measures to protect personal data against unauthorised access, loss, misuse, or alteration. While we strive to protect your data, no internet or email transmission is completely secure. Please take care when transmitting personal information.

12. Recording sessions

We will only record audio/video sessions if you explicitly consent to the recording at the start of the session or via a separate written consent. Recorded sessions will be stored securely and retained only as long as necessary. You may request deletion at any time subject to legitimate retention needs.

13. Marketing communications

We will only send marketing emails where you have consented or where we have a legitimate interest and you have not opted out. You can opt out at any time by clicking the unsubscribe link in any marketing email or by contacting us at [email protected].

14. Children

Our services are not intended for children under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without verifiable parental consent, we will take steps to delete that data.

15. Changes to this policy

We may update this policy from time to time. We will publish the updated policy on our website with a new effective date. We recommend you check this page regularly for any changes.

16. Contacts and complaints

If you have questions about this Privacy Policy or want to exercise your rights, contact us at:

Email: [email protected]

Post: 28-30 Bina Gardens, London SW50LA

If you have unresolved concerns, you can lodge a complaint with the Information Commissioner’s Office (ICO) in the UK: https://ico.org.uk.