1. Who We Are

Pelagion Marketing is a marketing consultancy and coaching business operated by Jemma Wright. We provide strategic marketing services to businesses and organisations, and we run Pelagion Pioneers — a group coaching programme for professionals and business leaders.

For the purposes of UK data protection law, Pelagion Marketing is the data controller.

Contact Details

• Address: Pelagion Marketing, Colonial House, Swinemoor Lane, Beverley, East Yorkshire, HU17 0LS
• Email: hello@pelagionmarketing.com
• Website: com
• ICO Registration Number: ICO00013897330

2. What Personal Data We Collect

Depending on how you interact with us, we may collect the following categories of personal data:

Identity & Contact Data

• Full name
• Email address
• Phone number (if provided)
• Business name and job title (if provided)
• Postal address (billing or correspondence)

Financial Data

• Payment card details (processed securely by Stripe — we do not store card data ourselves)
• Bank account details for Direct Debit payments (processed securely by GoCardless)
• Billing address and transaction history

Programme & Coaching Data

• Information you share during coaching sessions or in the Pelagion Pioneers community
• Marketing goals, business challenges, and strategic notes shared with us in the course of coaching
• Communications with us via email or the private Facebook group

Technical & Usage Data

• IP address
• Browser type and version
• Pages visited on our website and time spent on them
• Referral source (how you found our website)

Marketing & Communications Data

• Your preferences regarding receiving marketing communications from us
• Records of your consent to receive emails

We do not collect any special category data (such as health information, political opinions, or biometric data) and ask that you do not share such information with us unless strictly necessary.

3. How We Collect Your Data

We collect personal data through the following means:

• Contact and enquiry forms on our website (pelagionmarketing.com)
• The Pelagion Pioneers waitlist signup form
• Direct email correspondence (via Microsoft Outlook)
• Payment and subscription sign-up via Stripe or GoCardless
• Our CRM system, HubSpot, where we manage client and prospect records
• The private Pelagion Pioneers Facebook group (managed by Meta)
• Google Analytics, which automatically collects technical data about visitors to our website

4. Why We Process Your Data and Our Lawful Basis

Under the UK General Data Protection Regulation (UK GDPR), we must have a lawful basis for processing your personal data. The table below sets out our purposes and the lawful basis we rely on for each.

Where we rely on legitimate interests as our lawful basis, we have carried out a balancing test and are satisfied that our interests do not override your rights and freedoms. You have the right to object to processing based on legitimate interests — see Section 9 for details.

5. Marketing Communications

We will only send you marketing emails if you have given us your explicit consent to do so, for example by signing up to our waitlist or opting in to our mailing list. We use Microsoft Outlook and HubSpot to manage and send marketing communications.

You can withdraw your consent and unsubscribe from marketing emails at any time by clicking the unsubscribe link in any email we send, or by contacting us at hello@pelagionmarketing.com. Withdrawing consent does not affect the lawfulness of any processing carried out before you withdrew consent.

6. Third Parties We Share Your Data With

We do not sell your personal data. We may share your data with the following trusted third-party service providers who process data on our behalf, only for the purposes set out in this policy:

• Microsoft (Outlook): Email communication. Transfers covered by: EU/UK standard contractual clauses. Privacy policy: microsoft.com/en-us/trust-center
• HubSpot: CRM and marketing automation. Transfers covered by: EU/UK standard contractual clauses. Privacy policy: legal.hubspot.com/privacy-policy
• Stripe: Payment processing. Transfers covered by: EU/UK standard contractual clauses. Privacy policy: stripe.com/gb/privacy
• GoCardless: Direct Debit payment processing. Transfers covered by: UK-based operations. Privacy policy: gocardless.com/privacy
• Google Analytics: Website analytics. Transfers covered by: EU/UK standard contractual clauses. Privacy policy: policies.google.com/privacy
• Meta (Facebook): Pelagion Pioneers community group. Transfers covered by: EU/UK standard contractual clauses. Privacy policy: facebook.com/privacy

All third-party processors are required to handle your data securely and in accordance with applicable data protection law. We will not share your data with any third party for their own marketing purposes.

7. International Data Transfers

Some of our third-party service providers are based outside the UK. Where your data is transferred outside the UK, we ensure appropriate safeguards are in place, including the use of the UK International Data Transfer Agreement (IDTA) or equivalent standard contractual clauses, or transfers to countries recognised by the UK as providing an adequate level of protection.

8. How Long We Keep Your Data

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements.

• Enquiry and contact data: 2 years from last contact, unless you become a client
• Waitlist data: Until the programme launches and you have either joined or been notified, then 12 months
• Client and coaching records: 6 years from the end of the contract (for legal and accounting purposes)
• Financial and payment records: 7 years (statutory requirement under UK tax law)
• Marketing consent records: For the duration of the relationship plus 2 years
• Website analytics data (Google Analytics): Up to 26 months (as configured in our GA account)

Where data is no longer required, it will be securely deleted or anonymised.

9. Your Rights Under UK GDPR

Under UK data protection law, you have the following rights:

• Right of access: You can request a copy of the personal data we hold about you (a Subject Access Request).
• Right to rectification: You can ask us to correct inaccurate or incomplete data we hold about you.
• Right to erasure: You can ask us to delete your personal data where there is no compelling reason for us to continue processing it.
• Right to restriction: You can ask us to restrict processing of your data in certain circumstances, for example while a dispute is resolved.
• Right to data portability: Where we process your data by automated means based on your consent or a contract, you can ask us to provide your data in a structured, machine-readable format.
• Right to object: You have the right to object to processing based on legitimate interests, including profiling, and to processing for direct marketing purposes.
• Right to withdraw consent: Where we rely on consent, you can withdraw it at any time. This will not affect the lawfulness of processing before withdrawal.
• Rights related to automated decision-making: You have the right not to be subject to decisions made solely by automated processing that significantly affect you. We do not currently carry out solely automated decision-making.

To exercise any of these rights, please contact us at hello@pelagionmarketing.com. We will respond within one calendar month. We may need to verify your identity before processing your request. There is no charge for exercising your rights in most circumstances.

10. Cookies

Our website uses cookies — small text files stored on your device — to help us understand how visitors use our site and to improve your experience.

Types of cookies we use:

• Essential cookies: Necessary for the website to function correctly
• Analytics cookies: Google Analytics cookies that help us understand visitor behaviour (e.g. pages visited, time on site). These are only set with your consent.
• Third-party cookies: Set by embedded content or third-party tools such as Meta (Facebook). These are subject to their respective privacy policies.

You can manage your cookie preferences through the cookie consent tool on our website, or by adjusting your browser settings. Please note that disabling certain cookies may affect the functionality of our site. For more information about cookies, visit www.aboutcookies.org.

11. Children’s Privacy

Our services are intended for business professionals and are not directed at children under the age of 18. We do not knowingly collect personal data from anyone under 18. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

12. Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. These measures include password protection, encrypted communications, and restricted access to personal data within our business.

While we take every reasonable step to protect your data, no method of transmission over the internet is completely secure. If you have concerns about the security of your data, please contact us.

13. Links to Other Websites

Our website may contain links to third-party websites. This privacy policy applies only to pelagionmarketing.com. We are not responsible for the privacy practices of any third-party sites and encourage you to read their privacy policies before providing any personal data to them.

14. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make significant changes, we will update the “Last updated” date at the top of this policy and, where appropriate, notify you by email.

We encourage you to review this policy periodically. Continued use of our services after changes have been published constitutes your acceptance of the updated policy.

15. How to Make a Complaint

If you have any concerns about how we handle your personal data, please contact us first so we can try to resolve the matter:

• Email: hello@pelagionmarketing.com
• Post: Colonial House, Swinemoor Lane, Beverley, East Yorkshire, HU17 0LS

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection:

• Website: org.uk
• Helpline: 0303 123 1113
• Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

16. Contact Us

If you have any questions about this privacy policy, wish to exercise your data protection rights, or have any concerns about how your personal data is handled, please get in touch:

• Data Controller: Jemma Wright, Pelagion Marketing
• Email: hello@pelagionmarketing.com
• Address: Colonial House, Swinemoor Lane, Beverley, East Yorkshire, HU17 0LS
• Website: com

This privacy policy was prepared in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It should be reviewed at least annually or whenever there is a material change to how personal data is processed.