kathryn corrick - logo

strategy | data | capability building

book a free consultation

privacy notice

This notice was last updated on: February 2026
Related pages: third-party processors

This policy explains what personal information we (Kathryn Corrick) collect, how it is used and shared. Kathryn Corrick is a French registered entrepreneur and the use of your data is governed under French and EU regulations. The policy applies to users of this website, our customers and clients.

  1. privacy notice
    1. Children’s information
    2. What information we collect, use, and why
    3. Where do we get information from?
    4. your data protection rights
    5. Our lawful bases for the collection and use of your data
    6. How long do you keep data for?
    7. How is my information stored, transferred and kept secure?
    8. Security
    9. How might my personal information be shared?
    10. Legal requests
    11. Changes to this policy
    12. Complaints

Children’s information

Whilst visitors of all ages may navigate this site we do not intentionally collect information about people under 13 years old. You must be 13 years old or over to sign up or submit any personal information through our website (for example, to make a comment on a blog post). If you believe a person under 13 years old has provided us with their personal information, or have any concerns regarding this aspect of our policy, please get in touch.


What information we collect, use, and why

We collect or use the following information to provide and improve products and services for clients:

  • Names and contact details
  • Roles and organisations
  • Usage data (including information about how you interact with and use our website, products and services)
  • Information relating to compliments or complaints
  • Written records of meetings and decisions
  • Website user information

We collect or use the following personal information for the operation of client or customer accounts:

  • Names and contact details
  • Purchase or service history
  • Information used for security purposes
  • Marketing preferences
  • Technical data, including information about browser and operating systems

We collect or use the following personal information for information updates or marketing purposes:

  • Names and contact details
  • Marketing preferences

We collect or use the following personal information for recruitment purposes:

  • Contact details (eg name, address, telephone number or personal email address)
  • Your LinkedIn profile pages or other social media profiles you provide us
  • Employment and education history (eg CV, job application, employment references or secondary employment)

We collect or use the following personal information for dealing with queries, complaints or claims:

  • Names and contact details
  • Correspondence

Where do we get information from?

Information collected automatically
When you use our website we automatically collect information about your visit. This helps us understand how to improve our site and services. This data collection does not identify you personally.

We capture information such as your IP Address, operating system, screen display settings, browser type. We may approximate your location from your device using a combination of your IP address or through the GPS, Bluetooth or WiFi connection information used by your device.
The data is stored, managed and only accessible by us.

We use automatically collected device information to:

  • protect the website from spam and to keep the website secure
  • ensure that the user experience is delivered in a form suited to the software your device is using
  • assist in providing support to you should you have difficulty accessing or participating on the site
  • anonymise statistics – for use in research purposes, for example to determine the percentage of our users in a specific country who use a certain type of browser.

Information you provide
We collect information you provide to us when you register details on our website, such as to make a blog post comment or opt-in to receive a newsletter, or contact us. This includes:

  • if we meet face to face, by phone or on social media
  • if you provide information to us when we do business with each other, this can include invoice, billing and payment details
  • if you apply for a job, if we contract or employ you.

Information provided by others
We collect information about you from other people and organisations when:

  • They recommend you or include you in communications with us
  • Via social media accounts of another user if your settings permit it. For example, if you are their friend on Facebook and haven’t limited that feature.
  • Through publicly available information and online business networks, for example: LinkedIn

your data protection rights

Under EU data protection law, we must have a “lawful basis” for collecting and using your personal information. Which lawful basis we rely on may affect your data protection rights which are set out in brief below. You can find out more about your data protection rights and the exemptions which may apply on the CNIL’s website:

  • Your right of access – You have the right to ask us for copies of your personal information. You can request other information such as details about where we get personal information from and who we share personal information with. There are some exemptions which means you may not receive all the information you ask for.
  • Your right to rectification – You have the right to ask us to correct or delete personal information you think is inaccurate or incomplete.
  • Your right to erasure – You have the right to ask us to delete your personal information.
  • Your right to restriction of processing – You have the right to ask us to limit how we can use your personal information.
  • Your right to object to processing – You have the right to object to the processing of your personal data.
  • Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you.
  • Your right to withdraw consent – When we use consent as our lawful basis you have the right to withdraw your consent at any time.

If you make a request, we must respond to you without undue delay and in any event within one month.

To make a data protection rights request, please contact us using the contact details in the footer of this website.

You can amend or delete your own information in the following ways:

  • If you registered to make a comment on the website, you can amend your details, edit or delete your comments on the website.
  • If you have opted in to receive an email newsletter we provide a link to unsubscribe in every email.
  • For all other amendments and requests for deletion, please use the contact details in the footer of this website to get in touch.

Note: When data is deleted it can take up to a maximum 180 days for it to be completely wiped from some third party services we use (see clause 6.1 of G Suite’s policy relating to this here). However, it will no longer be available or recoverable by us or any of the systems we use.

Our lawful bases for the collection and use of your data

Our lawful bases for collecting or using personal information to provide and improve products and services for clients are:

  • Contract – we have to collect or use the information so we can enter into or carry out a contract with you. All of your data protection rights may apply except the right to object.
  • Legitimate interests – where you are a customer we may use this lawful basis, where you’d reasonably expect us to get in touch beyond the direct contract – such as to update you with relevant news and information or new products or services that might be of interest to you. Where we use this basis we will test the purpose, necessity and balance of rights for using it.

Our lawful bases for collecting or using personal information for the operation of client or customer accounts are:

  • Contract – we have to collect or use the information so we can enter into or carry out a contract with you. All of your data protection rights may apply except the right to object.

Our lawful bases for collecting or using personal information for information updates or marketing purposes are:

  • Consent – we have permission from you after we gave you all the relevant information. All of your data protection rights may apply, except the right to object. To be clear, you do have the right to withdraw your consent at any time.
  • Legitimate interests – where you are a customer we may use this lawful basis, where you’d reasonably expect us to get in touch beyond the direct contract – such as to update you with relevant news and information or new products or services that might be of interest to you.
  • Contract – we have to collect or use the information so we can enter into or carry out a contract with you. All of your data protection rights may apply except the right to object.

Our lawful bases for collecting or using personal information for recruitment purposes are:

  • Contract – we have to collect or use the information so we can enter into or carry out a contract with you. All of your data protection rights may apply except the right to object.

Our lawful bases for collecting or using personal information for dealing with queries, complaints or claims are:

  • Contract – we have to collect or use the information so we can enter into or carry out a contract with you. All of your data protection rights may apply except the right to object.

How long do you keep data for?

We do not store your data longer than necessary. We regularly review our records to remove or anonymise data if it should no longer be retained. The criteria we use for this is:

  • do we still carry out the activities for the purposes the data was provided?
  • is this information still up to date?
  • are we required to keep this data for other regulatory purposes?
  • are there contractual requirements?

Some records we are required to retain by law for certain lengths of time. These include for tax and employment purposes.

How is my information stored, transferred and kept secure?

To manage our business we use a number of third party services who process your data on our behalf. This is for tasks such as to operate our email, host this website, manage documents. We keep an up to date list here.

These services cannot share your data with anyone. The website is hosted at WordPress.com. Where a third party supplier is not based in the EU, European Economic Area (EEA) or UK, or where data may be transferred outside the EEA, we have put in place agreements to ensure that your data is processed as per European law.

Security

If we are informed of a data breach we will contact the CNIL (the French information regulator) and those affected within 72 hours of discovery.

How might my personal information be shared?

Unless required by law (see Legal requests below), we don’t and won’t share your personal data with anyone without your consent. We use third parties to process your information on our behalf (see above) but these services cannot share your data with anyone.

We may retain and disclose your personal information if legally required to do so. For example, if required by law or by a Court order or if we believe that action is necessary to prevent fraud or cyber-crime or to protect Kathryn Corrick or the rights, property or personal safety of any person.

All such requests are assessed and we will challenge the basis of the request if it is not made by an officer with proper authority, the request lacks a proper statutory basis or appears too broad or vague as to its scope or purpose.

Changes to this policy

The date at the top of this page will be updated to reflect from when the changes are effective.

Complaints

If you think that the way in which we have processed your personal data infringes legislation concerning data protection, you may submit a complaint with the French information regulator (CNIL: cnil.fr/fr/plaintes) or in the EU Member State of your usual residence, your place of work.