Legal

Privacy policy

How we collect, use and protect your personal data

Last updated: April 2026

Who we are

Workplace Mindfulness is a trading name of Workplace Mindfulness Limited, a company registered in England under company registration number 15394075. Our registered address is Room S2 Sedan House, Stanley Place, Chester, England, CH2 2LU. Our website address is www.workplacemindfulness.co.uk.

We are the data controller for the personal data we collect through our website and services. If you have any questions about how we handle your data, please contact us at ja****@*********************co.uk.

What information we collect

We may collect and process the following personal data:

  • Contact information – your name, email address and phone number, provided when you complete our website contact form or register for a webinar.
  • Organisation details – the name of your employer or organisation, where you choose to provide it.
  • Technical data – your IP address, browser type and version, operating system, referral source, pages visited, time spent on pages, and other browsing behaviour collected via cookies and similar technologies.
  • Communication data – any information you include in emails or messages you send to us.

We do not collect any special category (sensitive) personal data.

In some cases, we may obtain your business contact details (such as your name, job title, email address and organisation) from publicly available sources or third-party data providers such as Apollo.io, for the purpose of legitimate business outreach. Where we do so, we will inform you of the source of your data when we first contact you.

How and why we use your information

We only process your personal data when we have a lawful basis to do so. The table below sets out the purposes for which we use your data and the legal basis we rely on in each case.

Purpose Lawful basis
Responding to your enquiries Legitimate interest (to respond to prospective clients)
Delivering webinars and sending recordings Performance of a contract / pre-contractual steps
Sending marketing emails about our workshops, courses and webinars Consent, or legitimate interest (for existing clients)
Analysing website usage to improve our site Consent (via cookie banner)
Business prospecting and outreach using publicly available contact data Legitimate interest (to market our services to relevant organisations)

Cookies

Our website uses cookies to distinguish you from other visitors and to understand how you use our site. We use the following types of cookies:

  • Strictly necessary cookies – required for the site to function. These cannot be switched off.
  • Analytics cookies – help us understand how visitors interact with our site (e.g. pages visited, time on site). We use these to improve our website.
  • Marketing / tracking cookies – used to deliver relevant content and measure the effectiveness of our campaigns (e.g. LinkedIn Insight Tag).

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect website functionality.

Who we share your data with

We do not sell your personal data to any third party. We may share your data with the following categories of service providers who process data on our behalf:

  • Webinar platforms – such as Zoom, Microsoft Teams or Google Meet, to host and deliver online events.
  • Mailchimp (Intuit Inc., US) – our email marketing platform, used to send you updates, newsletters and webinar recordings.
  • Website hosting and analytics – to operate and monitor our website.
  • LinkedIn – via the LinkedIn Insight Tag for campaign analytics.
  • Marketing agencies – acting on our behalf to assist with website management, SEO, paid advertising and general marketing activity, and who may process personal data in the course of delivering those services.

All third-party processors are required to handle your data in accordance with UK data protection law. We do not permit them to use your data for their own marketing purposes.

International transfers

Some of our third-party service providers — including Mailchimp (Intuit) and LinkedIn — are based in the United States. Where your data is transferred outside the UK, we ensure appropriate safeguards are in place, such as UK International Data Transfer Agreements or transfers to countries with an adequacy decision, to protect your personal data.

How long we keep your data

We retain your personal data only for as long as necessary for the purposes set out in this policy:

  • Enquiry data – up to 24 months after your last interaction with us, unless you become a client.
  • Client data – for the duration of our business relationship and up to 6 years afterwards (to meet legal and accounting obligations).
  • Marketing data – until you unsubscribe or withdraw consent.
  • Cookie data – in accordance with the retention periods of each cookie (typically up to 24 months).

Your rights

Under UK data protection law, you have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to ask us to delete your personal data in certain circumstances.
  • Right to restrict processing – to ask us to limit how we use your data.
  • Right to data portability – to receive your data in a structured, machine-readable format.
  • Right to object – to object to processing based on legitimate interest, including direct marketing.
  • Right to withdraw consent – where we rely on consent, you may withdraw it at any time.

To exercise any of these rights, please email us at ja****@*********************co.uk. We will respond within one month.

Automated decision-making

We do not use any automated decision-making or profiling that produces legal effects or similarly significant effects on you.

Marketing and opting out

We may send you information about our mental wellbeing workshops, courses and webinars that we believe would be beneficial to your organisation. You can opt out of marketing communications at any time by:

Data security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction or alteration. These include the use of encrypted connections (SSL/TLS), access controls, and regular reviews of our security practices.

Complaints

If you are unhappy with how we have handled your personal data, we would like the chance to resolve this. Please contact us at ja****@*********************co.uk.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection:

Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
ico.org.uk  |  Helpline: 0303 123 1113

Changes to this policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this page periodically.