Privacy Policy
Last updated: 30 June 2026
Blackthorne Stratton ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store and protect your personal data when you interact with us or use this website. We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the Privacy and Electronic Communications Regulations (PECR), and align our information security practices with the principles of the ISO/IEC 27001 information security management standard.
1. Data Controller
Blackthorne Stratton is the data controller responsible for your personal data. For any questions about this policy or how we handle your data, contact us at info@blackthornestratton.com.
2. Information We Collect
We may collect and process the following categories of personal data:
- Identity and contact details (name, email address, telephone number);
- Information you provide via our enquiry or recruitment forms, including your message, service of interest or position applied for;
- Professional background and qualifications where submitted for recruitment purposes;
- Technical data such as IP address, browser type and usage data collected via cookies and similar technologies.
3. How We Use Your Data & Lawful Basis
We process your personal data on the following lawful bases under UK GDPR:
- Consent — where you submit an enquiry or recruitment application;
- Legitimate interests — to respond to enquiries, provide our services, and operate and improve our business, provided your rights do not override these interests;
- Contractual necessity — to take steps at your request prior to entering into a contract;
- Legal obligation — to comply with applicable laws and regulatory requirements.
4. Data Sharing & Disclosure
Given the sensitive nature of our work, we maintain strict confidentiality. We do not sell your personal data. We may share data only with trusted service providers acting on our behalf under appropriate contractual safeguards, or where required by law, regulation, or a competent authority.
5. International Transfers
As we operate in London and worldwide, your data may be transferred outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as adequacy regulations or International Data Transfer Agreements, to protect your information.
6. Data Security
We implement appropriate technical and organisational measures aligned with ISO/IEC 27001 principles to protect personal data against unauthorised access, loss, alteration or disclosure. Access to personal data is restricted on a need-to-know basis, and we maintain ongoing review of our security controls.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting or reporting requirements. Enquiry and recruitment data is retained for a reasonable period and securely deleted when no longer required.
8. Your Rights
Under UK GDPR, you have the right to:
- Access the personal data we hold about you;
- Request rectification of inaccurate data;
- Request erasure of your data ("right to be forgotten");
- Restrict or object to processing;
- Data portability;
- Withdraw consent at any time.
To exercise any of these rights, contact us at info@blackthornestratton.com. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority, at ico.org.uk.
9. Cookies
Our website may use cookies and similar technologies to ensure functionality and analyse usage. You can manage cookie preferences through your browser settings. Essential cookies are necessary for the website to operate.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised "last updated" date.
11. Contact
For any privacy-related queries or to exercise your rights, please contact: info@blackthornestratton.com · +44 (0) 7301 578076 · London & Worldwide.