Privacy Policy
Effective Date: 18/03/2025
At Kendrey Mediation, we take your privacy seriously. This policy explains how we collect, use, and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and, where applicable, the EU GDPR.
1. Who We Are
Kendrey Mediation is a legal mediation service based in the UK and our Mediator Christopher Wright is also based in the UK. You can contact us regarding this policy at:
Email: [Insert contact email]
Phone: [Insert phone number]
Address: [Insert business address]
2. What Personal Data We Collect
We may collect the following personal information when you interact with our website or services:
- Name, email address, and phone number (if you contact us or complete a form)
- Information relevant to your enquiry or case
IP address, browser type, and other technical data (via cookies) - Any other data you choose to provide voluntarily
3. How We Use Your Data and Legal Bases
We process your personal data for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Responding to enquiries | Legitimate interests / Consent |
| Providing mediation services | Performance of a contract |
| Communicating with you about services | Legitimate interests |
| Improving website performance | Consent (via cookies) |
| Fulfilling legal or regulatory duties | Legal obligation |
4. Data Retention
We only keep your data for as long as necessary for the purposes listed above. In general:
Enquiry data: up to 12 months
Client data: up to 7 years (for legal and regulatory compliance)
Website analytics data: up to 26 months
We regularly review our retention periods and securely delete data that is no longer needed.
5. Sharing Your Information
We do not sell your personal information. We may share it with trusted third parties only when necessary, including:
- Service providers who help us run our website (e.g., hosting, analytics)
- Legal or regulatory authorities, if required by law
We ensure all third-party providers respect your data and comply with data protection laws.
6. International Data Transfers
Some third-party tools (e.g. Google Analytics) may transfer data outside the UK or EU. When this happens, we ensure appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions.
7. Your Rights Under GDPR
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Request deletion of your data (in certain circumstances)
- Object to or restrict processing
- Withdraw consent (where consent is the basis)
- Lodge a complaint with the ICO (UK’s data protection authority)
- To exercise any of these rights, contact us at [Insert contact email].
8. How We Protect Your Data
We use appropriate technical and organisational measures to safeguard your personal information, including secure servers, encryption, and limited access controls.
However, no method of internet transmission is completely secure. We encourage you to take precautions when sharing personal information online.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the “Effective Date” above. Continued use of our website or services implies acceptance of the updated policy.
