Legal

Privacy Policy

Effective 6 July 2026

Who we are

GMayers Services Ltd ("we", "I") is the data controller for personal data collected through this website. We are registered in England and Wales, Company No. 13817576, registered office: 4 Candwr Park, Ponthir, Newport, NP18 1HL. For anything related to your personal data, contact [email protected].

What we collect, and why

  • Contact form — your name, work email, company name, team size and a description of your situation. Used solely to respond to your enquiry and, if we both choose to proceed, to prepare for a diagnostic conversation. Lawful basis: legitimate interest in responding to enquiries you initiate.
  • Founder Reality Report opt-in — your first name and email, used to send you the report and occasional related emails. Lawful basis: consent. Every email includes an unsubscribe link, and unsubscribing stops all further contact.
  • People Dependency Map diagnostic — your email at the results gate, plus your diagnostic answers. Your answers are stored pseudonymously, and anonymised scores may be retained for benchmarking in a form that can no longer identify you. Lawful basis: consent, recorded at the point you give it. You can request a copy or erasure of your diagnostic data at any time via the link provided with your results.
  • Server logs — our hosting infrastructure and Cloudflare record IP addresses and request metadata for security and reliability. Lawful basis: legitimate interest in operating the site securely. Logs are rotated routinely.

What we don't do

We don't sell or rent your data. We don't run advertising or cross-site tracking. We don't send marketing email you haven't opted into.

Who processes your data for us

Your data is stored on our own servers hosted with our infrastructure provider in the UK/EEA. Cloudflare provides security and content delivery in front of the site. Email is delivered through our email service provider. Each acts as a processor under contract and only on our instructions.

How long we keep it

Contact enquiries are kept for as long as needed to handle the enquiry and any engagement that follows, then deleted. Mailing list data is kept until you unsubscribe. Diagnostic data is kept until you request erasure; anonymised benchmarking scores are retained indefinitely because they cannot identify you.

Client portal

Data inside the client portal is processed under the contract with each client, which governs its use, retention and confidentiality. This policy covers the public website; portal-specific terms are set out in your engagement agreement.

Cookies

This site sets only strictly necessary cookies: a CSRF token that protects form submissions, a session cookie if you log in to the client portal, and Cloudflare's security cookies. No analytics or marketing cookies are set, which is why there is no cookie banner.

Your rights

Under UK GDPR you can ask for access to, correction of, or erasure of your personal data; ask us to restrict or object to processing; and withdraw consent at any time where consent is the basis. Email [email protected] and we'll respond within one month.

If you're unhappy with how we've handled your data, you can complain to the Information Commissioner's Office (ICO) at ico.org.uk.

Changes to this policy

If this policy changes materially, the effective date above will be updated and, where we hold your email for an active purpose, we'll tell you directly.