Combination lock and credit cards on a laptop keyboard, representing security and online privacy.

Privacy Policy

Your Privacy, Your Control

1. Who We Are

WJA provides forensic policy refinement and advisory services with a commitment to safeguarding your personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. What Data Do We Collect?

We collect only the data necessary for the purposes outlined below:

  • Identity & Contact Details – Name, email, phone number.

  • Professional Information – Information relevant to advisory services.

  • Website Usage Data – IP address, cookies, and analytics (where consented).

  • Client Communications – Information shared via consultations, forms, or correspondence.

3. How & Why We Use Your Data

Your data is used strictly for the following lawful purposes:

  • Service Provision & Client Engagement – To deliver tailored advisory services, respond to inquiries, and fulfil contractual obligations.

  • Legal & Regulatory Compliance – Where required for tax, accounting, or regulatory purposes.

  • Website & Service Improvement – To enhance the user experience (where consent has been provided).

  • Security & Fraud Prevention – To protect against unauthorised access or misuse.

I do not use your data for marketing unless you have explicitly consented.

4. Legal Basis for Processing

Under UK GDPR, I process your data on the following legal bases:

  • Contractual Necessity – To provide agreed services.

  • Legitimate Interests – To improve services, ensure security, and maintain business operations.

  • Legal Obligation – Where data retention is required by UK law.

  • Consent – For non-essential communications, cookies, or analytics.

5. How We Protect Your Data 🔒

I take data security seriously and implement the following measures:

  • Encryption & Secure Storage – All data is securely stored on encrypted UK-based servers.

  • Access Control – Restricted access to authorised personnel only.

  • Cybersecurity Best Practices – Measures aligned with UK Cyber Essentials and professional security standards.

  • Regular Audits & Risk Assessments – Continuous monitoring of data security threats.

6. Data Sharing & Third Parties

I do not sell or share your data for marketing purposes. Data is only shared when necessary with:

  • Service Providers – Secure hosting, IT security, or legal compliance services.

  • Legal & Regulatory Authorities – If required by UK law or legal obligation.

All third-party providers are contractually bound to UK GDPR compliance.

7. Data Retention & Your Rights

I retain your data only for as long as necessary for the purposes collected, in line with legal requirements.

Your Rights Under UK GDPR

You have the right to:
- Access – Request a copy of the data we hold about you.
- Correction – Request corrections to inaccurate data.
- Deletion (Right to be Forgotten) – Request erasure where legally applicable.
- Restrict Processing – Limit how your data is used under certain conditions.
- Withdraw Consent – Where consent is the basis for processing (e.g., marketing or cookies).

8. Cookies & Tracking Technologies

Cookies used are to enhance your website experience. You can manage preferences via browser settings or opt out of non-essential cookies at any time.

9. Contractual & Advisory Relationship

  • Engaging WJA does not establish a solicitor-client, fiduciary, or legal advisory relationship unless expressly agreed in writing.

  • Any policy reviews or forensic communication analysis provided do not constitute formal legal advice but are intended for strategic insight.

10. Complaints & Contact

If you have any concerns about how we handle your data, please email us at: chantalgerman@me.com

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at www.ico.org.uk.