Privacy Policy

1. About This Policy

Meridian Growth Partners Ltd ("MGP", "we", "us") is a personal development and consulting firm registered in England and Wales. This Privacy Policy sets out how we collect, use, store, and protect personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to all individuals who interact with our website, engage our services, or correspond with us.

Our data protection contact can be reached at contact@tempestcircuit.com.

2. Data Controller

Meridian Growth Partners Ltd acts as the data controller for all personal data described in this policy. We determine the purposes and means of processing your personal data and are accountable for ensuring compliance with applicable data protection legislation.

3. Personal Data We Collect

We may collect and process the following categories of personal data:

• Identification data: Your full name, job title, professional qualifications, and employer or organisation name.
• Contact details: Email address, telephone number, and business address.
• Engagement data: Information you provide when enquiring about or registering for our programmes, including goals, professional background, and areas of interest.
• Financial data: Payment details and billing information necessary for processing transactions.
• Digital data: IP address, browser type, device identifiers, operating system, referral source, and browsing behaviour on our website.
• Communication records: Content of emails, messages, and notes from meetings or calls.

4. How We Use Your Data

We process your personal data for the following specific purposes:

• To respond to enquiries and conduct initial discovery conversations.
• To deliver executive coaching, leadership development, and organisational consulting services.
• To manage programme enrolments, scheduling, and administration.
• To process payments and maintain financial records.
• To communicate relevant insights, research, and updates where you have given consent.
• To analyse website performance, optimise user experience, and improve our digital presence.
• To fulfil our legal, regulatory, and contractual obligations.

5. Legal Grounds for Processing

We process personal data on the following lawful bases under the UK GDPR:

• Performance of a contract: Processing necessary to deliver services you have engaged us to provide, or to take steps prior to entering into a service agreement.
• Consent: Where you have freely given, specific, informed, and unambiguous consent — for example, subscribing to our newsletter or opting in to marketing communications.
• Legitimate interests: Processing necessary for our legitimate business interests, such as improving our services, protecting against fraud, and conducting business development — where these interests are balanced against your rights.
• Legal compliance: Where processing is necessary to comply with a legal obligation to which we are subject.

6. Data Sharing

We do not sell, rent, or trade your personal data. We may share your information with the following categories of recipients, only to the extent necessary:

• Service providers who support our operations (hosting, email, payment processing, analytics).
• Professional advisers, including solicitors and accountants, as required for business administration.
• Regulatory authorities or law enforcement, where legally compelled to do so.

All third-party processors are bound by data processing agreements that require them to handle data in accordance with UK GDPR standards.

7. Data Retention

We retain personal data for no longer than necessary to fulfil the purposes for which it was collected:

• Active client records: retained for the duration of the engagement plus 6 years thereafter.
• Prospective client enquiry data: retained for 18 months from the date of last contact.
• Newsletter and marketing data: retained until you withdraw consent or unsubscribe.
• Financial records: retained for 7 years in accordance with HMRC requirements.
• Website analytics: retained in aggregated, anonymised form for up to 24 months.

8. Your Rights

Under the UK GDPR, you have the following rights regarding your personal data:

• Right of access: Obtain confirmation of whether we process your data and request a copy of it.
• Right to rectification: Request correction of inaccurate or incomplete data.
• Right to erasure: Request deletion of your data where there is no lawful basis for continued processing.
• Right to restrict processing: Request that we limit the way we use your data in certain circumstances.
• Right to data portability: Receive your data in a structured, commonly used, machine-readable format.
• Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
• Right to withdraw consent: Where consent is the lawful basis, withdraw it at any time without affecting prior lawful processing.

To exercise any of these rights, please contact contact@tempestcircuit.com. We will respond within one calendar month.

9. International Transfers

Your data is predominantly stored and processed within the United Kingdom. Where international transfers occur (for example, through the use of cloud-based service providers), we ensure appropriate safeguards are in place, including standard contractual clauses approved by the UK ICO or reliance on adequacy decisions.

10. Security Measures

We take the security of your data seriously. Our measures include TLS encryption for data in transit, encrypted storage for data at rest, role-based access controls, multi-factor authentication for key systems, regular penetration testing, and ongoing staff training on data protection best practices.

11. Supervisory Authority

If you are dissatisfied with how we process your personal data, you have the right to complain to the Information Commissioner's Office (ICO). The ICO can be contacted at ico.org.uk or by telephone on 0303 123 1113.

12. Policy Updates

This policy may be updated to reflect changes in our practices, legal requirements, or operational needs. When material changes are made, the revised policy will be published on this page with an updated effective date.

13. Contact

For any questions or concerns about this Privacy Policy, please contact us:

Meridian Growth Partners Ltd
Email: contact@tempestcircuit.com