Privacy Policy

At A Bird’s Eye View Ltd (“we, “us”, “our”) we are dedicated to safeguarding and preserving your privacy and to protecting your personal data. In compliance with applicable legislation, this privacy policy explains how A Bird’s Eye View collects and treats any personal information we obtain about you when you visit our site, you communicate with us or when we have received your personal data in the conduct of our business. It also informs you about your privacy rights and how the law protects you.

The Basis For Processing Personal Data:

The following sections explain how and why we process your personal data, as well as the legal basis on which this processing is carried out when we conduct our business and deliver our services to clients.

Communicating with you

We may process personal data in order to provide you with, or inform you about, our various strategic marketing and consultancy services.

Where you are someone who is interested in our services, or where you work for and on behalf of a client or a third party with whom we might, or choose to, collaborate with in providing our services, you may contact us with a question in connection with our services and/or request information from us, or simply be providing us with information which requires a polite response and in these circumstances we may process your personal data in order to communicate with you.

We may also need to notify you of improvements or changes that may affect our services and where you work for a client or third party partner we may also use your personal information to send you invoices, statements, or (where applicable) payment reminders.

The legal basis on which we process an individual’s personal data in these circumstances is our respective legitimate interests in providing and receiving business related information in order to manage and operate our respective businesses in a responsible manner.

Delivering our services

Where we provide our clients with strategic insight and research work (for example related to their stakeholders and/or customers and which may involve us conducting interviews and/or being involved in focus groups with research participants), we do so directly and/or by working with  selected third party partners. When we carry out such work it may be necessary to process personal data in order for us to deliver our services to our client.

The legal basis on which we process any personal data related to an individual in these circumstances is on the written instructions of our clients who have the necessary consents from the individuals involved (which are collected by our client or a third party acting on instructions from our client).

Where we generate strategic insight and research work ourselves or in partnership with other third parties, we do so working with selected third party providers. Such research is conducted on an anonymised basis using the third party services of Survey Monkey. An individual’s personal data is only shared with us if the individual has explicitly consented to that personal data being shared with us solely for the purposes of the research (such as providing us with express permission to follow-up with additional questions, or to receive the findings of the research to which they have contributed).

Business development, referrals and marketing

In a business-to-business context, we may engage with individuals in connection with our services and we may use contact details for such purposes.

The legal basis we rely on for making contact and processing such personal data is our shared legitimate interests in doing business.

Making our website better

When you visit our website ( we may process your personal data to help us improve your user experience. We use various cookies to help us improve our website (for more information on our use of cookies, please see our Cookies Policy) and may share such personal data with the third party analytics and search engine providers. We do this to find out things (such as the number of visits to the various parts of the website) that assist us in the improvement and optimisation of our website. For example, we use Google Analytics to collect standard internet log information and details of visitor behaviour patterns. This information is only processed anonymously (i.e. in a way which does not personally identify you). It is held for 14 months and then automatically deleted.

We may also process personal data for the purposes of making our website more secure, and to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.

The legal basis on which we process personal data in these circumstances is our legitimate interest to provide individuals with the best customer experience we can, and to ensure that our website is kept secure.

Categories of Information We Collect and Hold:

When we are in contact with you in relation to our services (which is usually by email or telephone) we may collect the information you provide to us, which in addition to any relevant work-related content that you share with us, may include personal information such as your name, email address, mobile or direct dial telephone number, your title within and the name of the company for which you work.

When you visit our website we make use of log files and may automatically collect technical information (including Internet Protocol (IP) addresses, browser specifications, date/time stamps and operating system and/or platform details) and other information about your visit (such as full Uniform Resource Locators (URL), clickstream activity to, through and from our website, length of visits to certain pages, page interaction information and methods used to browse away from a page).

If you do business with us, we also collect and keep your business details, and records of the contracts we sign with you, the invoices we send you and the payments you make.

Categories of Recipients of Personal Data:

The details in our privacy policy relating to third parties other than A Bird’s Eye View are for information only. We are not responsible for the privacy policies or practices of third party recipients of your personal data. Where third parties are recipients of your personal data from us, please ensure that you read any information those third parties provide about how, why and the legal basis for, their processing of such personal data and make your own enquiries in respect of them.

For operating our business and in order to provide our clients with our services, we use third party service providers who may process personal data on our behalf. These relate to the following areas:

Website content

Our website is built on the WordPress platform. is run by Automattic Inc. For more information about how WordPress processes personal data, please see Automattic’s privacy policy.

Conducting Research

We use third party services from Survey Monkey to conduct research. For more information about how Survey Monkey processes personal data, please see Survey Monkey’s privacy policy.

Security and performance

A Bird’s Eye View uses third party services from GoDaddy and Orcadia Design Ltd to host and help maintain the security and performance of the website.

The computer(s), mobile device(s) and office management software we operate use encryption technology to protect email traffic, communication and content in line with government guidelines. We also monitor emails sent to us, including file attachments, for viruses or malicious software.

Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

Storage, Access and Retention:

We operate our business with suitable technical and organisational measures to ensure appropriate levels of security in relation to the personal data we process. The following sections provide an overview of the measures we have taken.

Where we store your information

We will take all reasonable steps to make sure your personal data is treated securely and in agreement with this privacy policy. When you contact us by email or through our website, we store your information using Microsoft Office365. We also use accounts software Xero to store your information in relation to our client and financial accounts. We chose these systems partly for their commitment to security.

The information that we collect about individuals will be stored in (and will not be transferred outside the European Union (EU).

Whenever we transfer personal data out of the EU, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
  • Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
  • Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.

If further information on the specific mechanism used by us when transferring an individual’s personal data out of the EU is required please contact us directly (please see below for our contact details).

Who has access to information about you

When we store information in our own systems, only the people who need it have access. Our management team have access to everything you have provided, but individual employees have access to only what is necessary for them to be able to do their job.

The steps we take to keep your information private

Where we store your personal information via third-party services, we restrict access only to people who need it through the use of encrypted passwords for access and content. The computers we use are all encrypted and protected by a passcode or fingerprint access. These computers ask for authentication whenever they are started or after 5 minutes of inactivity. Our mobile devices are also protected by a fingerprint, code and two-factor security.

How long do we keep your personal data

Where a client purchases services from us, we may retain data relating to that contract (which could include personal data) for a period of seven (7) years after the services were provided to the client, to ensure that we are able to assist with any questions or feedback in relation to our services or to enforce, or protect, or defend our legal rights.

Where we have processed an individual’s personal data for any other reason (such as where the individual has contacted us with a question in connection with our services) we will retain the individual’s data for 12 (twelve) months from such contact.

Your Rights:

Under certain circumstances, you have rights under data protection laws in relation to the personal data we hold about you. These include the:

  • Right to be informed– you have the right to know whether or not we are processing personal data that concerns you.
  • Right to access– you have the right to request a copy of any personal data we hold that concerns you and can check that we are lawfully processing it.
  • Right to rectification– you have the right to the correction of any personal data we hold that concerns you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide us.
  • Right to erasure– you have the right to have your personal data deleted or removed from our systems when there is no good reason for us to continue processing it; you also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (please see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with applicable laws.
  • Right to restriction of processing – you may request restriction to the processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
  • Right to data portability – you have the right to receive your personal data in a structured, standard machine readable format and to have it transferred to you or another controller.
  • Right to object – you have the right to object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Should you wish to exercise any of these rights, please contact us by email (please see below for our contact details).

You can find out more about your rights (including your rights in relation to automated decision making and profiling) under the GDPR here.

Making a complaint

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues ( We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please do get in contact with us first (please see below for our contact details).

For the purposes of data protection laws, A Bird’s Eye View is a controller and is registered with the Information Commissioner’s Office (ICO) under number ZA462832.

Who we are and how to contact us

A Bird’s Eye View Limited is a company incorporated in England and Wales, with company number 09053223. Our registered office is: 1 Golden Court, Golden Court, Richmond, England, TW9 1EU.

Helena Wayth, Managing Director is responsible for our data protection compliance. You can contact her by email at:

If you want to request further information about our privacy policy, or exercise your legal rights as set out above, you can email us or write to us at the address above.

Changes to this privacy policy

We keep our privacy policy under regular review. This privacy policy was last updated on 30 April 2020.

Use of cookies by A Bird’s Eye View

You can read more about how we use cookies in our Cookies Policy.