Privacy Notice

1. Who we are

This privacy notice explains how Claudia D. Thompson (“I”, “me”) collects and uses personal data when you visit my websites and interact with my services.​

I operate as a coach and consultant under my own name as part of Electric Visions Ltd.

Business name: Claudia D. Thompson, part of Electric Visions Ltd

Registered address: 9 Palmer Street, South Petherton, UK

Websites:

claudiadthompson.com

claudiadthompson.co.uk

thebusinessfabrik.com

thebusinessfabrik.co.uk

Contact email for privacy matters: [email protected]

2. What data I collect

I collect and process the following categories of personal data when you use my websites or services:

- Contact and enquiry data: name, email address, any information you include in an enquiry or message.

- Scorecard and assessment data: name, email address, and your responses to my scorecards or assessments (for example, business and team‑related questions and answers).

- Booking data: name, email address, and any information you provide when booking a discovery session via Microsoft 365 (including date and time of the booking).

- Marketing and communication data: your marketing preferences and information about which emails you open or click (via my CRM).

- Technical and usage data: IP address, browser type, device information, pages visited, time on site, and similar data collected through cookies and similar technologies (for example, Google Analytics, Meta Pixel and other tracking technologies).

- Future course / membership data (when available): name, email address, login details and content relating to your participation in my programmes and courses.

I do not intentionally collect data about children and my services are not directed at anyone under 18.​

3. How I use your data and lawful bases

I only use your personal data when the law allows me to and I must have a lawful basis under UK GDPR for each purpose. I use your data for the following purposes:

- Responding to enquiries

Data used: contact/enquiry data.

Purpose: to respond to your questions, provide information about my services, and follow up on enquiries.

Lawful basis: legitimate interests – it is in both our interests that I can respond to your enquiry and keep a record of the conversation.

- Delivering coaching, programmes, assessments, and memberships

Data used: contact data, assessment data, booking data, and (once available) course/membership data.

Purpose: to provide the services you have requested or purchased, including assessments and follow‑up materials.

Lawful basis: contract – processing is necessary to deliver a service you have asked for or are about to enter into.​

- Sending marketing emails and newsletters

Data used: name, email address, marketing and communication data, assessment/scorecard context (for relevant follow‑ups).

Purpose: to send you newsletters, updates, offers and resources about building team structures and culture so you can step back from the business.

Lawful basis: Consent – where you actively opt in to receive marketing (for example, when signing up to a newsletter or downloading a scorecard).

Legitimate interests – in some B2B contexts, where you give me your details in a business capacity and would reasonably expect relevant follow‑up communications.​

You can opt out of marketing emails at any time by clicking the unsubscribe link in any email or by emailing [email protected].​

- Analytics and site performance

Data used: technical and usage data collected via cookies and similar technologies.

Purpose: to understand how visitors use my websites, improve content and user experience, and measure performance.

Lawful basis:

Consent – for non‑essential analytics cookies where required by UK e‑privacy rules.

Legitimate interests – in operating an effective and secure website, where anonymised or strictly necessary analytics are used.

- Running ads and retargeting

Data used: technical and usage data, cookie and tracking data, limited contact data where matched by advertising platforms.

Purpose: to run and measure online advertising, and show relevant ads to people who have visited my sites or engaged with my content (for example, via Meta/Facebook or other ad platforms).

Lawful basis: consent – through your acceptance of marketing/advertising cookies in the cookie banner, where this is required.

- Business administration and legal compliance

Data used: contact data, booking data, transaction‑related data (when purchases become available), and communication records.

Purpose: to maintain business records, manage accounts, and comply with legal obligations (for example, tax and accounting).

Lawful basis: legal obligation (for records I must keep) and legitimate interests in running and protecting my business.

4. Cookies and tracking technologies

My websites use cookies and similar technologies to:

- Make the sites work properly (necessary cookies).

- Remember certain preferences.

- Analyse how the sites are used (for example, Google Analytics).

- Run and measure online advertising, including retargeting (for example, Meta/Facebook Pixel, LinkedIn or other ad platforms as used).

When you first visit my websites, you will see a cookie banner giving you the option to accept or reject non‑essential cookies where this is supported by the technology I use. You can also change your browser settings to refuse cookies or to alert you when cookies are being set. Note that some parts of the websites may not function properly without certain cookies.​ More detailed information about the specific cookies in use may be added to this notice or provided in a separate cookie policy.

5. Who I share your data with

I share your personal data with carefully selected third‑party service providers who help me run my business and deliver my services. These providers act as processors on my behalf and only process your data following my instructions:

GoHighLevel (CRM and marketing automation platform): used for managing contacts, sending email campaigns and automations, and tracking email performance.

Microsoft 365 (booking and productivity tools): used for scheduling discovery sessions, email, calendar and document management.

Stripe (payment processor, when payments become available): used to process payments securely and manage transaction records.

Website and hosting providers, security and analytics providers: used to host the websites, provide technical support and security, and deliver analytics data.

Where possible, I choose providers who provide appropriate safeguards for personal data and who state that they comply with UK GDPR or equivalent standards.​ I do not sell your personal data to anyone.

6. International data transfers

Some of my service providers may be based outside the UK or may store data on servers outside the UK (for example, US‑based SaaS tools such as GoHighLevel or Stripe). When this happens, your personal data may be transferred to and processed in countries that may have different data protection laws than the UK.

Where such transfers occur, I aim to ensure that appropriate safeguards are in place, such as:

- The use of standard contractual clauses approved under UK data protection law.

- Reliance on adequacy regulations or equivalent mechanisms where available.

- Providers’ commitments to UK GDPR‑equivalent protections in their own terms and policies.​

You can contact me at [email protected] if you would like more information about international transfers and the safeguards in place.

7. How long I keep your data

I keep personal data only for as long as necessary for the purposes for which it was collected, and to meet legal, accounting or reporting requirements. As a guide:

- Enquiries and contact form submissions: typically kept for up to 2 years after our last interaction, in case of follow‑up and to understand past conversations.

- Newsletter and marketing subscribers: kept until you unsubscribe or I reasonably determine you are no longer engaging, plus up to 2 years for suppression records (to ensure I respect your opt‑out).

- Client and programme records (including assessment responses and session‑related notes): kept while you are a client and typically for up to 6 years after the end of our relationship, to maintain business records and for legal/statutory limitation periods.

- Booking data for discovery sessions: kept for up to 3 years after the booking, unless it becomes part of client records, in which case the client record period above applies.

- Financial records (including payment data when payments begin): kept for at least 6 years in line with UK tax and accounting requirements.

- Technical/analytics data: kept in line with the retention settings of each analytics platform (for example, Google Analytics default retention periods), typically between 14 months and 26 months, unless aggregated or anonymised for longer‑term analysis.

If you ask me to delete your data, I will either delete it or, where I must retain it for legal reasons, restrict its use to those purposes only.​

8. Your rights

Under UK data protection law, you have a number of rights in relation to your personal data, subject to certain conditions and exemptions.

You have the right to:

- Access: request a copy of the personal data I hold about you.

- Rectification: ask me to correct inaccurate or incomplete data.

- Erasure: ask me to delete your personal data in certain circumstances (the “right to be forgotten”).

- Restriction: ask me to restrict the processing of your data in certain circumstances.

- Objection: object to certain types of processing, including direct marketing (you can always opt out of marketing).

- Data portability: request that I transfer your personal data to you or another controller, where technically feasible and where the processing is based on consent or contract and carried out by automated means.

- Withdraw consent: where I rely on your consent (for example, for marketing emails or cookies), you can withdraw that consent at any time. This will not affect the lawfulness of processing before consent was withdrawn.​

You can exercise any of these rights by emailing [email protected]. I may need to verify your identity before responding to your request.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you are concerned about how your personal data is being used:​

Information Commissioner’s Office
ico.org.uk
Telephone: +44 (0)303 123 1113

I would appreciate the chance to deal with your concerns before you approach the ICO, so please contact me in the first instance if possible.

9. Security

I take reasonable technical and organisational measures to protect your personal data, including using reputable third‑party service providers, secure passwords and access controls, and encryption where appropriate. However, no system can be guaranteed 100% secure, and you share information with me at your own risk.

10. Changes to this privacy notice

I may update this privacy notice from time to time to reflect changes in my services, how I process data, or changes in the law. The updated version will be posted on my websites with a new “last updated” date. I encourage you to review this notice periodically.​

Last updated: 1 March 2026.