Last Updated: 16th March 2026

Welcome to stuartchapman.com ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data when you visit our website https://www.stuartchapman.com/ (the "Site") and tell you about your privacy rights and how the law protects you.

1. Important Information and Who We Are
   
   Controller
   For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, Stuart Chapman is the data controller and is responsible for your personal data.
   
   Contact Details
   
   
   1. Name: Stuart Chapman
   2. Email address: sjc@stuartchapman.com
      
      
2. The Data We Collect About You
   
   Personal data means any information about an individual from which that person can be identified. We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together as follows:
   
   
   1. Identity Data: Includes first name, last name, username, or similar identifier.
   2. Contact Data: Includes email address and telephone numbers.
   3. Technical Data: Includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this Site
   4. Usage Data: Includes information about how you use our website, products, and services.
   5. Marketing and Communications Data: Includes your preferences in receiving marketing from us and your communication preferences.
      
      
3. How We Collect Your Data
   
   We use different methods to collect data from and about you, including through:
   
   
   1. Direct interactions: You may give us your Identity and Contact Data by filling in forms or by corresponding with us by post, phone, email, or otherwise.
   2. Automated technologies or interactions: As you interact with our Site, we will automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies.
      
      
4. How We Use Your Personal Data (Legal Basis)
   
   Under the UK GDPR, we must have a lawful basis for processing your personal data. We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
   
   
   1. Performance of a Contract: Where we need to perform the contract we are about to enter into or have entered into with you (e.g., to provide a service you requested).
   2. Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., to keep our website updated and relevant, to study how customers use our services).
   3. Consent: Where you have given clear consent for us to process your personal data for a specific purpose (e.g., sending you a marketing newsletter). You have the right to withdraw consent at any time by contacting us.
   4. Legal Obligation: Where we need to comply with a legal or regulatory obligation.
      
      
5. Disclosures of Your Personal Data
   
   We may share your personal data with external third parties for the purposes set out in Section 4, including:
   
   
   1. Service Providers: Acting as processors based in the UK or internationally who provide IT and system administration services (e.g., website hosting, email delivery, analytics providers like Google Analytics).
   2. Professional Advisers: Including lawyers, bankers, auditors, and insurers.
   3. Legal Authorities: HM Revenue & Customs, regulators, and other authorities based in the UK who require reporting of processing activities in certain circumstances.
      
      
6. International Transfers
   
   Some of our external third parties (e.g., website hosts or analytics tools) may be based outside the UK, so their processing of your personal data will involve a transfer of data outside the UK.
   
   Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
   
   
   1. We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
      
      
   2. Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK (e.g., International Data Transfer Agreements or Addendums).
      
      
7. Data Security
   
   We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know.
   
   
8. Data Retention
   
   We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. By law, we have to keep basic information about our customers (including Contact, Identity, Financial, and Transaction Data) for six years after they cease being customers for tax purposes.
   
   
9. Your Legal Rights
   
   Under the UK GDPR, you have the right to:
   
   
   1. Request access to your personal data (commonly known as a "data subject access request").
   2. Request correction of the personal data that we hold about you.
   3. Request erasure of your personal data.
   4. Object to processing of your personal data where we are relying on a legitimate interest.
   5. Request restriction of processing of your personal data.
   6. Request the transfer of your personal data to you or to a third party (data portability).
   7. Withdraw consent at any time where we are relying on consent to process your personal data
      
      If you wish to exercise any of the rights set out above, please contact us at [Insert Contact Email Address]. We try to respond to all legitimate requests within one month
      
      
10. Complaints
    
    You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.