Privacy Policy


Too busy to read everything? We understand. Here are the most important bits you need to know:

  • How do we use your data and why? We use your personal data to understand how you interact with our website, send you information that you request and in some instances, promote our services to you through marketing activities. 
  • How do you exercise your data subject rights? Under the law, you have ‘data subject rights’ which are designed to protect your privacy. You’ll find out more about these rights below, but in brief, they include things like asking us to delete your data and getting a copy of it. You can exercise your rights by getting in touch with us anytime at
  • How do you opt-out of marketing? You can opt-out of email marketing using the link at the bottom of any email message we send you. 

Want to get in touch? You can email us anytime at

The Basics

Who are we?

We’re The Law Boutique Ltd. We’re a company that respects your privacy and is committed to protecting your personal data. If you have any questions about how we collect, use or share your data, please contact us at

We’re registered with the Information Commissioner’s Office (ICO) (registration no. ZA270513) as a data controller - this means we’re responsible for your personal data. The ICO is the UK supervisory authority for data protection issues (

When we collect and process your personal data, we’re regulated under the Data Protection Act 2018.

What is the purpose of this policy?

We’ve written this policy to make sure you have all the information you need about how we collect and process your personal data, and how we make sure it is kept safe. 

Who does this policy apply to? 

This policy applies to anyone that visits (‘Site’) . This might include our members, customers and anyone else that we process the personal data of. 

How can you complain?

We hope you never have to, but you can complain to us at any time using the details above. You also have the right to make a complaint at any time to the ICO, or any supervisory authority in the EU Member State where you live. We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us first. 

The Details

When do we collect your personal data? 

We use a few different methods to collect data from and about you. These include:

  • Direct interactions - such as when you use our services or visit our Site. 
  • Automated technologies or interactions  - where we automatically collect data about your equipment, browsing behaviour and patterns when you use our Site. Cookies and similar technologies might also be used to collect this information.

What personal data do we collect and why?

We collect personal data for a number of reasons, including to meet our legal obligations, manage our operations, improve our organisation and deliver our services to you. We’ve set out some examples below.

Do we collect special category data? 

We do not collect special category data from you. Special category data means details about things like your race or ethnicity, sex life, political opinions, information about your health etc. 

How long do we keep your data for? 

We won’t keep your personal data for any longer than we need it. We keep your data for the following reasons: 

  • To make sure we can do the things we said we would when we collected it
  • To meet our legal, accounting and reporting requirements

To decide what the fairest period is for keeping your data, we consider different factors, including: 

  • The amount, nature, and sensitivity of the personal data
  • The risk of harm to you that might be caused by unauthorised use or sharing of your personal data
  • The reasons we process your personal data
  • Whether we can achieve our purposes without processing your personal data
  • Any legal requirements we have to meet

Sometimes, we’ll anonymise your personal information (so that it can no longer be connected to you) for research or statistical purposes. If we do, we may keep the information for a long time, and we’re not required to let you know as it will no longer contain any information that could identify you as an individual. 

Do we use cookies and other tracking technologies? 

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer (if you agree). You can’t actually see cookies as they sit in the background of our Site, but they are likely present on most sites you visit. 

We may use cookies to set you apart from other users of our products or services. This helps us to provide you with a good experience, and also helps us to improve our services. You can find out more about the cookies we use in our Cookie Policy. 

What marketing activities do we conduct? 

We want you to know all about us, our services and our products. To do this, we undertake marketing activities which involve using your personal data - such as sending you newsletters via email.

You won’t receive marketing from us by email unless you’ve given us permission or you’ve used our services or products before. 

Third Parties

We sometimes collect and/or share personal data from third parties (provided we always have a lawful basis for doing so). We make sure all third parties keep your personal data safe and only use it in ways they’re allowed, and we also make sure that we get your consent before we share it for marketing purposes.

We’ve outlined below who those third parties are.

What about third party links on our Site?

These might include links to third party websites, plug-ins and applications. Clicking on those links might allow third parties to collect or share data about you. 

We don’t control these third party websites and aren’t responsible for their privacy information. When you leave our Site, we encourage you to read the privacy notice of every website you visit.

Do we transfer data outside of the EEA?

The personal data that we hold about you will be held in the UK and the European Economic Area (‘EEA’), but it might also be transferred to or stored outside the UK or EEA.

When we transfer your data to third parties outside the EEA, we make sure your data is safe. We do this by putting one of the following safeguards in place:

  • Only transferring it to a country the European Commission has decided has a suitable level of protection (known as an adequate country)
  • By putting in place a contract that make sure  the third party outside of the EEA promises to protect your personal data. We’ll also make sure supplementary security measures are put in place where necessary.

If you’re in the EEA or the UK, you can contact us at any time and we’ll let you know exactly what safeguards we’ve put in place for the transfer of your personal data outside the EEA or UK.

Your Rights

What are your rights and how do you exercise them? 

Under the data protection laws, you are entitled to the following rights:

We might ask you to give us information that helps us know that you are who you say you are. This is to make sure we keep yours and our other users’ personal data safe.

We try to respond to legitimate requests within one month of receiving them. Sometimes it might take us longer than a month if your request is complicated or you have more than one request. But don’t worry, we’ll make sure to let you know if we need more time and will keep you updated. 

If you want to exercise any of these rights, please get in touch with us at the details provided above. If you need more information about your rights, including the circumstances in which they apply to you, please see the ICO’s websites or contact us.

How can you withdraw your consent and opt-out of processing? 

You can opt-out of marketing at any time by: 

  • Using the unsubscribe link at the bottom of marketing emails and text we send you 
  • Contacting us at

When you opt-out of marketing, we won’t delete your data - just stop using your personal data for marketing purposes. If you want us to delete your data, please ask us.

Where we’re relying on your consent for other types of processing, you can ask us to withdraw your consent. Sometimes, we might not be able to continue offering you our services if you withdraw your consent. If that’s the case, we’ll let you know.


What security measures do we have in place? 

We will put in place security measures to stop your personal data from being accidentally lost, used or viewed in a way that it shouldn’t be. These methods include: 

  • Taking out any information from the data that could be used to identify you
  • Converting your data into a code that only we understand  
  • Making sure only the people that are allowed to see your data are given access to it
  • Making sure no one tampers or changes your data 
  • Making sure our systems are up-to-date, working, hardy and safe
  • Being able to get your data back quickly if there is an issue
  • Regularly testing our measures to make sure they’re still good enough

We have put in place processes to deal with any breaches of your personal data and we’ll let you know (and any regulatory body) about the breach when we need to.


How can you keep your data accurate? 

We will use reasonable effort to ensure that your personal data is accurate, complete and up-to-date, but please tell us if there are any changes!

What if we want to change the purpose for processing your data? 

We’ll only use your personal data for the purpose we collected it for, unless we reasonably think that we need to use it for another reason (and that reason matches the original purpose). If you want to find out more about these purposes, please get in touch with us. 

If we need to use your personal data for a purpose which is not related to the original one, we’ll let you know and explain the legal basis which allows us to do so.

Updates to this privacy policy

We understand that things change, so we’ll continue to review the effectiveness of this policy and make sure it’s achieving its goals. If you have any questions about this policy or how it works, please get in touch and we’d be happy to chat!