Privacy Policy

 Mopex Consulting Ltd – Privacy Policy

Effective Date: December 2025

Mopex Consulting Ltd (“Mopex”, “we”, “our”, “us”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Information We Collect

We may collect and process the following categories of personal data:

  • Client contact details: names, job titles, email addresses, phone numbers.
  • Engagement data: project information, feedback, deliverables, and communications.
  • Website data: analytics, cookies, newsletter subscriptions, and enquiry forms.
  • Training and workshop data: attendance records, certification details, and evaluation forms.

2. How We Use Personal Data

We use personal data for the following purposes:

  • To deliver consultancy services and fulfil contractual obligations.
  • To manage client relationships and communications.
  • To improve our services, dashboards, and training programs.
  • To comply with legal, regulatory, and audit requirements.
  • To send marketing communications where consent has been provided.

3. Legal Basis for Processing

We process personal data under the following lawful bases:

  • Contractual necessity: to provide services under Master Services Agreements (MSAs) and Statements of Work (SOWs).
  • Legitimate interests: to improve services, maintain audit readiness, and ensure business continuity.
  • Consent: for newsletters, marketing communications, and optional engagement surveys.
  • Legal compliance: to meet obligations under tax, health & safety, and regulatory frameworks.

4. Data Sharing

We may share personal data with:

  • Trusted sub-processors such as Microsoft 365 and Power BI.
  • Regulators, auditors, or legal authorities where required by law.
  • We do not sell or share personal data for marketing purposes.

5. International Transfers

Where data is transferred outside the UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

6. Data Retention

  • Client project data: retained for [X years] to support audit and compliance.
  • Marketing data: retained until consent is withdrawn.
  • Training records: retained for the validity period of certifications.

7. Your Rights

You have the following rights under UK GDPR:

  • Right of access to your personal data.
  • Right to rectification of inaccurate data.
  • Right to erasure (“right to be forgotten”).
  • Right to restrict or object to processing.
  • Right to data portability.
  • Right to withdraw consent at any time.

8. Security Measures

We implement appropriate technical and organisational measures, including encryption, access controls, audit logs, and secure hosting. Regular reviews are conducted to ensure compliance and risk management.

9. Contact Us

For questions or to exercise your data rights, please contact:

Data Protection Lead
Mopex Consulting Ltd
Email: nick.mason@mopexconsulting.com
Address: Flat 5, 23 Blackborough House, Beatrice Court, Buckhurst Hill, Epping, IG9 6EA

10. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, regulation, or our business practices. Updates will be published on our website with the revised effective date.

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.