top of page
Privacy Policy
This policy explains how Ozria Consulting ("Ozria Consulting", "we", "us", "our") collects, uses, discloses and protects personal data when you visit ozriaconsulting.com or interact with us via our website forms. It is written to comply with the UK GDPR and the Data Protection Act 2018. This policy applies to the new version of our website that will replace the current site.
1) Who we are (Controller)
Controller: Ozria Consulting Ltd
Registered address: Flat 31 37 Sea Road, Westgate-On-Sea, England, CT8 8FJ
Contact: hello@ozriaconsulting.com
ICO registration number: ZB960971
If you have questions about this policy or how we process personal data, contact us at the above email. You also have the right to complain to the Information Commissioner’s Office (ICO) (see §13).
2) What data we collect
We collect the following categories of information:
A. Data you provide directly
-
Contact form: name, work email, company name, job title/position, phone number, industry, your message, and file uploads (supporting documents you choose to attach).
-
Scorecard / assessment form: name, email, company details, role/department, answers to assessment questions, and any optional comments. (See Profiling in §8.)
-
Newsletter/marketing sign‑up: name, email, preferences/consents.
B. Data collected automatically
-
Device & usage: IP address, device type, browser, operating system, pages viewed, time on page, scroll/click events, referring URLs.
Collected via Wix (hosting/analytics) and Google Analytics 4 (GA4).
-
Cookies & similar tech: see §9 (Cookies).
C. Data from third parties (B2B context)
-
Business contact details from referrals, event registrations, or publicly available sources (e.g., LinkedIn) where permitted by law.
We do not ask for or intentionally collect special category data (e.g., health information) via the website. Please do not include such data in uploads or messages.
3) Why we use your data (purposes)
-
Respond to enquiries and provide information you request.
​
-
Deliver services and pre‑contract discussions with prospective clients.
​
-
Operate and secure the website, diagnose issues, and prevent abuse.
​
-
Improve content and user experience through analytics and performance metrics.
​
-
Run marketing campaigns, send newsletters/updates (if you opt‑in or where permitted by law).
​
-
Produce scorecard insights and follow‑up content tailored to your assessment results.
​
-
Comply with legal obligations and enforce our terms.
4) Our legal bases (UK GDPR)
We rely on the following lawful bases, depending on the activity:
​
-
Consent: for non‑essential cookies/analytics where required; marketing emails/newsletters; scorecard participation when not strictly necessary for pre‑contract steps. You may withdraw consent at any time (see §10 and §11).
-
Legitimate interests: to respond to B2B enquiries, operate and improve the website, protect security, and conduct limited B2B outreach relevant to our services. We conduct balancing tests to ensure your interests are not overridden.
-
Contract / pre‑contract: where processing is necessary to take steps at your request before entering into a contract (e.g., responding to a services enquiry, scheduling a demo, preparing a proposal).
-
Legal obligation: to meet record‑keeping, tax, and regulatory duties.
5) Who we share data with (recipients)
We never sell your personal data. We share information with trusted providers who help us run our site and communications:
We require processors to handle personal data securely and only according to our instructions.
6) How we protect your data (security)
We implement appropriate technical and organisational measures to protect personal data, including: TLS encryption in transit, role‑based access controls, least‑privilege, MFA for admin tools, audit logging, and staff confidentiality obligations. File uploads submitted via forms are scanned and access‑restricted. While no system is 100% secure, we continuously assess and improve our controls.
7) International transfers
Your data may be processed outside the UK/EEA by our providers (e.g., Wix, Google, email/CRM vendors). Where we transfer data internationally, we use appropriate safeguards such as UK International Data Transfer Addendum, EU Standard Contractual Clauses, and rely on adequacy decisions where applicable. Copies of relevant transfer mechanisms can be requested (subject to redactions).
8) Profiling & automated decisions (scorecard)
If you complete our scorecard/assessment, we derive an internal score or profile based on your answers to help us tailor follow‑up content and prioritise outreach. This does not produce legal or similarly significant effects for you. You can object to profiling at any time (see §11), and you may request human review of any decisions that meaningfully affect you.
9) Cookies & similar technologies
We use cookies, pixels, and local storage to:
-
Make the website work (strictly necessary cookies)
​
-
Measure performance and usage (analytics cookies)
​
-
Remember your preferences (functional cookies)
​
-
Support marketing (only if/when we run campaigns)
Consent: On your first visit, a banner explains non‑essential cookies and lets you accept/reject or manage preferences. You can change your choices anytime via [link/button to Cookie Settings].
Analytics: We use Wix Analytics and Google Analytics 4 (GA4) to understand how visitors use our site. GA4 does not store IP addresses and can be configured with features such as IP masking and reduced data retention. We endeavour to minimise personal data in analytics and disable Google Signals/Ad Personalisation unless we expressly state otherwise in this policy.
Data retention for GA4: 14 months
Managing cookies: You can also control cookies via your browser settings. Blocking some cookies may affect site functionality.
10) Marketing communications
If you opt‑in to receive marketing emails/newsletters, we will use your details to send updates about our services, insights, or events. You can unsubscribe at any time using the unsubscribe link in our emails or by contacting us (see §1). We will not send you marketing without a valid lawful basis.
11) Your rights (UK GDPR)
You have the following rights, subject to conditions and exceptions:
-
Access to your personal data
​
-
Rectification of inaccurate data
​
-
Erasure ("right to be forgotten")
-
Restriction of processing
-
Portability of data you provided to us
-
Object to processing based on legitimate interests (including profiling) and to direct marketing at any time
-
Withdraw consent where processing is based on consent (this does not affect prior processing)
To exercise your rights, email us at hello@ozriaconsulting.com. We may need to verify your identity before responding.
12) How long we keep your data (retention)
We keep personal data only as long as necessary for the purposes set out above and to comply with legal requirements. Typical retention periods:
13) Complaints
If you are unhappy with how we use your data, please contact us first so we can try to resolve it. You can also complain to the Information Commissioner’s Office (ICO):
ico.org.uk | Tel: 0303 123 1113 | Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, UK.
14) Children’s privacy
Our website and services are not directed to children and we do not knowingly collect data from anyone under 13. If you believe a child has provided personal data to us, please contact us so we can delete it.
15) Third‑party websites
Our site may link to other websites. We are not responsible for their content or privacy practices. Please review their privacy policies.
16) Changes to this policy
We may update this policy from time to time. When we make material changes, we will update the effective date and, where appropriate, notify you (for example, via the site banner/email).
17) Data map (what we process at a glance)
18) Contact us
For questions or to exercise your rights, contact:
Ozria Consulting
Email: hello@ozriaconsulting.com
Postal: Flat 31 37 Sea Road, Westgate-On-Sea, England, CT8 8FJ
bottom of page