Privacy Policy

Last updated: 14 June 2026  ·  Effective from 19 June 2026

This privacy policy explains how I collect, use, store and protect your personal data when you visit my website or work with me. It is written to comply with UK GDPR and the Data (Use and Access) Act 2025.

1. Who I am (the data controller)

I am Jenna Elizabeth (“I”, “me”, “my”), a sole trader. I am the data controller responsible for your personal data.

You can contact me about anything in this policy, including data protection matters, at [email protected].

2. The data I collect

Depending on how you interact with me, I may collect:

  • Identity and contact details: your name, email address, phone number and business name, when you complete my enquiry quiz, booking or contact forms.
  • Information you provide: details about your business, your goals and the information you share when enquiring about or using my services.
  • Marketing data: your preferences for receiving marketing from me, where you have signed up to my email list.
  • Technical and usage data: your IP address, browser type, device information and how you use my website, collected through cookies and similar technologies (see section 8).
  • Advertising data: information collected via the Meta (Facebook) Pixel about your activity on my site, used to measure and improve my advertising.

3. How I collect your data

  • Directly from you, when you complete my quiz, contact or booking forms, sign up to my email list, or email me.
  • Automatically, through cookies and tracking technologies when you use my website.
  • From third parties, such as referrals, or analytics and advertising platforms (for example Meta).

4. Why I use your data and my lawful basis

Under UK GDPR I must have a lawful basis for using your personal data. The bases I rely on are:

Contract

  • To respond to your enquiry, provide quotes and deliver the services you have asked me to provide.

Legitimate interests

  • To run and grow my business, respond to enquiries, keep records, and measure and improve my website and advertising. Where I rely on legitimate interests, I have considered your rights and do not use your data in ways you would not reasonably expect.

Consent

  • To send you marketing emails (where you have signed up), and to set non-essential cookies. You can withdraw consent at any time.

Legal obligation

  • To meet my legal and regulatory obligations, such as keeping financial records.

5. Marketing

If you have signed up to my email list, I may send you content, updates and offers relevant to my services. Every email includes an unsubscribe link, and you can opt out at any time by clicking it or emailing me. I use GoHighLevel to manage my email marketing and contact records.

6. Who I share your data with

I do not sell your personal data. I share it only with trusted providers who help me run my business, and only as far as needed. These include:

  • GoHighLevel (CRM, forms, email marketing and booking).
  • Meta Platforms (Facebook and Instagram advertising and the Meta Pixel).
  • Other tools that support my business operations, such as scheduling, file storage and automation software.
  • Professional advisers and, where legally required, regulators or authorities.

Some providers may process data outside the UK. Where they do, I take steps to ensure your data is protected by appropriate safeguards, such as UK-approved data transfer agreements.

7. How long I keep your data

I keep your personal data only for as long as I need it for the purposes set out in this policy, or to meet legal obligations. Enquiry and client records are typically kept for the duration of our working relationship and for a reasonable period afterwards. Financial records are kept for at least six years as required by law. Marketing data is kept until you unsubscribe.

8. Cookies

My website uses cookies and similar technologies to help it function, to understand how visitors use it, and to support my advertising (including the Meta Pixel). Some cookies are essential; others, such as analytics and advertising cookies, are only set with your consent.

You can manage your preferences through the cookie banner when you visit, or through your browser settings.

9. How I keep your data secure

I take appropriate technical and organisational measures to keep your personal data safe and to protect it from accidental loss, unauthorised access, alteration or disclosure. The third-party platforms I use also maintain their own security measures.

10. Your rights

Under UK GDPR you have the right to:

  • Be informed about how your data is used.
  • Access the personal data I hold about you.
  • Have inaccurate data corrected.
  • Have your data erased in certain circumstances.
  • Restrict or object to how your data is used.
  • Data portability.
  • Withdraw consent at any time, where I rely on consent.

To exercise any of these rights, email me at [email protected]. I will respond within one month. I am permitted to carry out reasonable and proportionate searches when responding to a request.

11. How to make a data protection complaint

If you are unhappy with how I have handled your personal data, you have the right to complain. Please contact me first so I have the chance to put things right.

How to complain to me: send your complaint by email to [email protected], with “Data Protection Complaint” in the subject line. Please include your name, contact details and a description of your concern.

What happens next: I will acknowledge your complaint within 30 days of receiving it. I will look into it, keep you updated, and aim to resolve it as quickly as I reasonably can.

If you are still not satisfied: you have the right to complain to the Information Commissioner’s Office (ICO). I would ask that you give me the opportunity to resolve your complaint first, but this does not affect your right to contact the ICO at any time.

ICO contact details:

  • Website: ico.org.uk
  • Helpline: 0303 123 1113
  • Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

12. Changes to this policy

I may update this privacy policy from time to time. Any changes will be posted on this page with a revised “last updated” date.

This is the public-facing privacy policy. Remember to keep your separate internal data protection complaints procedure on file as your accountability record under the DUAA.