Privacy Policy

Section 01

Who we are

Nexus Blueprint is the trading name of Crimsonbase IT Ltd, a company registered in England and Wales, based in Brighton, East Sussex.

For the purposes of UK data protection law, Crimsonbase IT Ltd (trading as Nexus Blueprint) is the data controller — meaning we decide how and why your personal data is processed.

Contact details:
Crimsonbase IT Ltd (trading as Nexus Blueprint)
Brighton, East Sussex
Email: [email protected]
Tel: 07550 018283
Website: www.nexusblueprint.co.uk

Section 02

What information we collect

We only collect personal information that you choose to give us. This may include:

When you use our contact form or email us:

• Your name
• Your email address
• Your phone number (if provided)
• Your business name (if provided)
• The content of your message or enquiry

When you become a coaching or mentoring client:

• Your name and contact details
• Information about your business and professional background
• Notes and records from our sessions
• Any documents, plans or materials you share with us
• Billing and payment information (processed securely — see Section 5)

When you sign up to our newsletter or mailing list:

• Your email address
• Your name (if provided)

When you visit our website:

• We may collect anonymised technical data such as browser type and pages visited through cookies (see Section 8)
• We do not collect any personally identifiable information automatically without your knowledge

We do not collect any special category data (such as health information, ethnicity or political views) unless you volunteer it as part of your coaching relationship, in which case it is handled with the strictest confidence.

Section 03

How we use your information

We use the information you provide us for the following purposes:

• To respond to your enquiry — when you contact us through our website or by email
• To deliver coaching and mentoring services — including keeping session notes and tracking progress against your goals
• To manage our business relationship — including sending invoices and processing payments
• To send you our newsletter — only if you have explicitly opted in, and only about topics relevant to business coaching, mentoring and growth
• To improve our website and services — using anonymised analytics data
• To comply with legal obligations — including keeping financial records as required by HMRC

We will never use your information for unsolicited marketing, sell it to third parties, or share it with anyone who doesn't need it to help us deliver our service to you.

Section 04

Our legal basis for processing

Under UK GDPR, we need a lawful basis for processing your personal data. We rely on the following:

• Contract — where processing is necessary to deliver the coaching or mentoring services you have engaged us for
• Legitimate interests — for responding to enquiries and managing our business relationship, where our interests do not override your rights
• Consent — for sending our newsletter and marketing communications. You can withdraw this consent at any time by unsubscribing
• Legal obligation — for keeping financial and business records as required by law

Section 05

Who we share your information with

We do not sell, rent or trade your personal information. We may share it only in the following limited circumstances:

• Service providers — such as our email provider or payment processor, who process data on our behalf and are bound by their own data protection obligations
• Professional advisers — such as our accountant, strictly as needed for legal or financial compliance
• Legal requirements — if we are required to disclose information by law or to protect the rights, safety or property of ourselves or others

Where we use third-party tools (such as email marketing platforms or payment processors), we choose providers who comply with UK GDPR and hold your data securely.

All information shared within a coaching or mentoring relationship is treated as strictly confidential. We will not disclose what is discussed in sessions to any third party without your explicit consent, except where we have a legal or safeguarding obligation to do so.

Section 06

How long we keep your information

We keep your information only for as long as necessary:

• Enquiry data — if you contact us but do not become a client, we will retain your information for up to 12 months in case you get back in touch, after which it is securely deleted
• Client records — we retain session notes and records for up to 3 years after our coaching relationship ends, in line with professional practice standards
• Financial records — invoices and payment records are kept for 7 years as required by HMRC
• Newsletter subscribers — we retain your details for as long as you remain subscribed. You can unsubscribe at any time

When your data is no longer needed, we delete or anonymise it securely.

Section 07

Your rights

Under UK data protection law, you have the following rights:

• Right to access — you can ask us for a copy of the personal data we hold about you
• Right to rectification — you can ask us to correct any inaccurate information
• Right to erasure — in certain circumstances, you can ask us to delete your personal data
• Right to restrict processing — you can ask us to limit how we use your data
• Right to data portability — you can ask for your data in a structured, machine-readable format
• Right to object — you can object to processing based on legitimate interests or for direct marketing
• Right to withdraw consent — where we rely on consent, you can withdraw it at any time

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) — the UK's data protection regulator — at ico.org.uk or by calling 0303 123 1113.

Section 08

Cookies

Our website may use cookies — small text files stored on your device — to help it function and to understand how it is being used.

Strictly necessary cookies are required for the website to work and cannot be switched off. They do not store any personally identifiable information.

Analytics cookies help us understand how visitors use our site (for example, which pages are most visited). We use this information in aggregate form only — it does not identify you personally. Where we use analytics tools, we have configured them to anonymise IP addresses.

You can control cookies through your browser settings. Most browsers allow you to refuse or delete cookies. Note that disabling cookies may affect how the website functions.

We do not use any advertising or tracking cookies, and we do not allow third-party advertisers to place cookies on our website.

Section 09

Keeping your information secure

We take the security of your personal data seriously. We use appropriate technical and organisational measures to protect it against unauthorised access, loss or disclosure. These include:

• Using secure, encrypted email and file storage
• Password-protecting devices that hold client information
• Using reputable, GDPR-compliant third-party services
• Limiting access to personal data to only those who need it

No method of transmission over the internet is 100% secure. While we do everything we reasonably can to protect your data, we cannot guarantee absolute security. If you have concerns about sharing sensitive information, please contact us to discuss a secure alternative.

Section 10

Changes to this policy

We may update this Privacy Policy from time to time — for example, if the law changes or if we change how we operate. Any updates will be posted on this page with a revised "last updated" date at the top.

We encourage you to review this policy periodically. If we make significant changes, we will notify active clients by email.

Section 11

How to contact us

If you have any questions about this Privacy Policy, want to exercise your data rights, or have a concern about how we handle your information, please get in touch: