NorthStar Consulting UK Logo
Book Strategy Session

Privacy

NorthStar Consulting UK Privacy Policy


Effective date: 12 February 2026

NorthStar Consulting UK (“NorthStar”, “we”, “us”, “our”) is committed to protecting and respecting your privacy.

This privacy policy explains how we collect, use, store and protect personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and, where applicable, the EU GDPR.

Data controller

NorthStar Consulting UK is the data controller for the purposes of applicable data protection legislation.

Contact details:
NorthStar Consulting UK
73 Holloway Road
London N7 8JZ
United Kingdom
Email: info@northstar-consulting-df1595.ingress-haven.ewp.live

Personal data we collect

We may collect and process the following categories of personal data:

• Name and contact details (such as email address and telephone number)
• Business information (company name, job title, business address)
• Project-related information provided in connection with consultancy services
• Information included in funding or grant applications
• Records of communications with us
• Marketing preferences
• Website usage information (where applicable)

We collect personal data directly from you, from your authorised representatives, or through lawful business interactions.

Lawful basis for processing

We process personal data under one or more of the following lawful bases:

Contractual necessity

Where processing is necessary to perform a contract with you or to take steps prior to entering into a contract.

Legitimate interests

Where processing is necessary for our legitimate business interests, including service improvement, client relationship management and business development, provided such interests do not override your fundamental rights.

Consent

Where you have provided clear consent, particularly for marketing communications.

Legal obligation

Where processing is necessary to comply with legal, regulatory, tax or accounting obligations.

You may withdraw consent at any time by contacting us.

How we use your data

We use personal data to:

• Provide consultancy, funding proposal and implementation services
• Communicate with you regarding ongoing or potential services
• Manage subscriptions and contractual relationships
• Deliver educational programmes, webinars or courses
• Send newsletters and updates where permitted
• Maintain internal business records
• Comply with legal and regulatory obligations

We do not sell personal data to third parties.

Marketing communications

If you enrol in our programmes, subscribe to our services or request information from us, you may receive communications related to our services.

Where required by law, we will obtain your consent before sending marketing communications.

You may unsubscribe at any time using the link provided in emails or by contacting us directly.

Payment information

We do not store or retain credit or debit card details.

Payments are processed securely by certified third-party payment providers who comply with recognised security standards.

Data sharing

We may share personal data with trusted third parties where necessary, including:

• Professional advisers such as lawyers and accountants
• IT service providers and cloud hosting providers
• Payment processors
• Grant bodies or funding authorities (where instructed by you)
• Regulatory or public authorities where required by law

All third parties are required to respect the security of personal data and process it in accordance with applicable law.

International data transfers

Where personal data is transferred outside the United Kingdom, we ensure appropriate safeguards are in place. These may include:

• Transfers to countries deemed adequate by the UK government
• Standard contractual clauses or other approved safeguards

Data retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting and reporting requirements.

Retention periods may vary depending on the nature of the data and the legal obligations applicable to us.

Data security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration or disclosure.

Access to personal data is limited to those who have a legitimate business need.

Your rights

Under data protection law, you have the right to:

• Request access to your personal data
• Request correction of inaccurate or incomplete data
• Request erasure of your data in certain circumstances
• Request restriction of processing
• Object to processing based on legitimate interests
• Request data portability
• Withdraw consent where processing is based on consent

To exercise any of these rights, please contact us using the details above.

Right to complain

If you believe your data has been handled unlawfully, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

Information Commissioner’s Office
www.ico.org.uk

We encourage you to contact us first so we can address your concerns.

Changes to this policy

We may update this privacy policy from time to time to reflect legal or operational changes. The latest version will always be available on our website.

Scroll to Top