Privacy policy

Yes, it’s another privacy policy you’re being asked to read but we have to have one and we do care about you and the data that we hold about you and we’re trying to do the right thing.

We will not share, sell or rent any information we hold about you. Your data is precious, you gave it to us for a particular purpose and we treat it with respect and care.

Who we are

The Business Locksmith is a consultancy and provides a range of support to businesses.

We are based in Milton Keynes, which is way way more than the city of roundabouts and concrete cows, we are also a city of trees, wide green verges, culture, and fantastic people and businesses. Our address is 29, Oxford Street, Wolverton, Milton Keynes, MK12 5HP.

Our data controller

The Business Locksmith is registered with the Information Commissioner’s Office (ICO)  – our registration number is 000010096964 and Yvette Lamidey is the data controller.

Why do we collect data?

Frankly, without data it would be really hard to work with clients and communicate with them. We also share useful information to ‘our list’, we know it’s useful because people write to us and tell us and so to send the information out we need to hold some simple data about the people we send it to.

When working with you:

  • There is usually data gathered at the ‘getting to know each other’ stage prior to agreeing a contract
  • During the course of the contract, there will be a range of different projects and activities and further data is collected as we progress and deliver the services we have agreed.
  • To keep in touch with after the contract has ended – we abandon clients at the end of a project. We like to keep in touch and hear how their business is doing.

Where you have given us your consent:

  • To send our regular business tips, blogs, and thought pieces
  • To send occasional invitations to our events
  • To deal with enquiries made through our website.

To comply with requirements:

  • Such as legal and regulatory requirements
  • Where you exercise your rights under data protection and make information requests

What do we collect?

From our website, we only collect the information you submit when you complete the contact form or email us directly.

We do collect cookie information from Google Analytics which tells us about the pages you visit on the website, how long you spend on a page and so on  – the cookies don’t tell us who you are but its useful for us to understand how people use the website and help us improve your experience and the resources we provide. Cookies don’t tell us who you are, and of course, you can always switch cookies off.

Most of the data that we collect, other than client data, is from the business cards you’ve given us with the knowledge that it will be used to contact you. So quite simply if you don’t want us to store that information or contact you – even if we might be able to do some great things together or have some great conversations over coffee and cake – then please don’t give your card to us.

The sort of personal information we collect is:

  • Name
  • Job title
  • Organisation name
  • Contact information such as email addresses and telephone numbers
  • Business address
  • Twitter name
  • Website address

How long will the information be kept?

Quite simply as long as its needed and for as long as it’s up to date. If emails bounce back to us because you changed your email address we will delete you from our system. But if you tell us that your email address has changed we’ll overwrite it with the new one.

There are legal requirements for certain types of data and so we will keep the data for as long as legally required.

Client data is only held as long as we have agreed in any relevant contract, or if there is a legal requirement to keep it for longer. After that, we only keep contact details so that we can keep in touch and send you any information we think will be useful to you. And of course, you can opt out of receiving that information at any time.

Who else has access to your information?

From time to time we might work with some associates who have access to your data but that will only be with your consent as part of the agreement between us, these associates will always be required to keep the data safe and will never use it for their own purposes.

And we do work with the wonderful people at Digitally Engaged who send out the business tips, blogs and thought pieces on our behalf. They only hold the names and email addresses of anyone we send this information to. They have their own privacy policy and will never use the data for their own purposes and are required to keep your data safe.

And if you don’t want to hear from us?

  • At the bottom of the business tips, blogs and thought pieces there’s a little button labeled ‘unsubscribe’ I won’t be offended if you click it. I know it sometimes feels as if there are too many emails and things to read or what I’ve been writing about might not be relevant to you any more. So if you unsubscribe we’ll take you off the list straight away. That’s all managed directly by Digitally Engaged so there’s no time delay.
  • If you email, call or write to me and say ‘thank you but no thank you’ or words to that effect I’ll delete you from my records and tell Digitally Engaged straight away so they delete from the records they hold too.

It’s your data and your choice, always.

And if you think that the data we hold is out of date then please email us straight away and we’ll correct it

If you want to know what data we hold about you it is your right to ask for this and we’ll provide the information to you.

Links to other websites

We don’t have many of these but please note this privacy policy only applies to our website and you would need to read the privacy policy of the linked website if you want to know how they will handle your personal data.

Transferring your data outside of Europe

It is possible that our data is held on servers that are outside of Europe, especially where cloud services and SAAS are used. And that’s because our web and/or email hosting company and/or data storage company might from time to time use servers that are not in Europe. Whilst these countries may not be covered by GDPR the organisations usually sign up to an equivalent code or are covered by other data protection legislation.

If you submit personal data to us you are agreeing that this data can be transferred out of the UK for storage or processing and we will always take steps to ensure your data is still protected and that security measures are in place.

Updating the policy

GDPR is new legislation and as sure as eggs are eggs there will be changes because something isn’t working properly, more clarity is needed or case law changes things and that means we, and everyone else, will have to update the privacy policy we use. It’s a pain but it has to be done.

We are signed up to the ICO newsletters and are members of the FSB who send out really useful information for business owners so we’ll know what we have to do and when.

By using our website you are agreeing to be bound but this policy.

If you have any questions or concerns about this policy please email

Thank you for reading this privacy policy.