The Edwards Practice Book a Discovery Call

Privacy Policy

How we collect, use, and protect your data.

Last updated: May 2026

1. Who We Are

The Edwards Practice Ltd (“TEP”, “we”, “us”, “our”) is a company registered in England and Wales. We operate the website theedwardspractice.com and provide fractional COO advisory services and digital products.

Data Controller: The Edwards Practice Ltd
Contact: mitch@theedwardspractice.com

We are committed to protecting your privacy and handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. What Data We Collect

We collect personal data in the following ways:

Information you give us directly:

  • Name, email address, and company name when you fill in our contact form
  • Name and email when you book a discovery call through our scheduling tool
  • Name, email, and payment details when you purchase the Contract Confidence Kit or other products
  • Any information you include in messages sent to us

Information collected automatically when you visit our site:

  • IP address and approximate location
  • Browser type and device information
  • Pages visited, time spent, and referring website
  • Cookies and similar tracking technologies (see Section 7)

3. How We Use Your Data

We use your personal data for the following purposes, each with a lawful basis under UK GDPR:

To deliver our services and products (Contract performance)

  • Processing purchases of the Contract Confidence Kit
  • Scheduling and conducting discovery calls
  • Delivering advisory services under retainer agreements

To respond to your enquiries (Legitimate interest)

  • Replying to contact form submissions
  • Following up on discovery call requests

To send you relevant content and updates (Consent)

  • Email newsletters, insights, and product updates
  • You can unsubscribe at any time using the link in every email

To improve our website and services (Legitimate interest)

  • Analysing website traffic and user behaviour
  • Understanding which content and pages are most useful

To comply with legal obligations (Legal obligation)

  • Maintaining business records as required by law
  • Responding to lawful requests from authorities

4. Who We Share Your Data With

We do not sell your personal data. We share data only with the following categories of service providers who help us operate our business:

  • Website hosting: Cloudflare (hosts and serves our website through its global network)
  • Contact form: Formspree (processes contact form submissions and forwards them to us by email)
  • Analytics: Cloudflare Web Analytics (privacy-friendly, cookieless website usage data)
  • Scheduling: Calendly (processes discovery call bookings)
  • Payment processing: Lemon Squeezy, acting as our Merchant of Record (processes product purchases and digital delivery – we do not store your full payment card details)
  • Email marketing: our email marketing provider sends email communications you’ve opted into
  • AI-powered tools: We may use artificial intelligence tools (such as AI-assisted contract review or document analysis platforms) to help deliver our services more efficiently. These tools process data on our behalf, subject to strict confidentiality obligations. No personal data is used to train third-party AI models.

All service providers are bound by data processing agreements and are required to protect your data in accordance with applicable law. Some providers may process data outside the UK, in which case appropriate safeguards (such as Standard Contractual Clauses) are in place.

5. How Long We Keep Your Data

We retain your personal data only for as long as necessary for the purposes set out above:

  • Contact form enquiries: 2 years from last contact, unless a client relationship begins
  • Client records: 6 years after the end of the engagement (in line with UK statutory requirements)
  • Purchase records: 6 years for tax and accounting purposes
  • Email marketing subscribers: Until you unsubscribe, plus 30 days for processing
  • Website analytics data: Retained in aggregate by our analytics provider; no personally identifying analytics data is stored

6. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Access – Request a copy of the personal data we hold about you
  • Rectification – Ask us to correct inaccurate or incomplete data
  • Erasure – Ask us to delete your data (where there is no legal reason for us to keep it)
  • Restriction – Ask us to restrict how we process your data
  • Portability – Request your data in a structured, machine-readable format
  • Objection – Object to our processing of your data based on legitimate interest
  • Withdraw consent – Where processing is based on consent, withdraw it at any time
  • Automated decision-making – You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects

To exercise any of these rights, email us at mitch@theedwardspractice.com. We will respond within 30 days.

If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.

7. Cookies

Our website uses minimal cookies and similar technologies.

Essential cookies: Required for the website to function (e.g., session management, security). These cannot be disabled.

Analytics: We use Cloudflare Web Analytics, which measures website usage without setting cookies and without collecting personally identifiable information.

Third-party cookies: Our scheduling tool (Calendly) and payment processor (Lemon Squeezy) may set their own cookies when you interact with those features.

You can manage cookie preferences through your browser settings. Most browsers allow you to block or delete cookies. Please note that disabling certain cookies may affect website functionality.

8. Third-Party Links

Our website may contain links to external sites (such as LinkedIn, Calendly, or Lemon Squeezy). We are not responsible for the privacy practices of those sites. We encourage you to read their privacy policies before providing any personal data.

9. Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. This includes using encrypted connections (HTTPS), secure payment processing through PCI-compliant providers, and limiting access to personal data to those who need it.

No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

In the event of a personal data breach that poses a high risk to your rights and freedoms, we will notify you without undue delay in accordance with UK GDPR requirements. We will also report qualifying breaches to the Information Commissioner’s Office within 72 hours of becoming aware of the breach.

10. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated “Last updated” date. We encourage you to review this page periodically.

11. Contact Us

If you have any questions about this privacy policy or how we handle your personal data, contact us at:

Email: mitch@theedwardspractice.com
Company: The Edwards Practice Ltd