Privacy Policy

Last updated: 12 February 2026

1. Introduction

Data Science Partners Ltd ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website, use our services, or otherwise interact with us.

We are a data science consulting company registered in the United Kingdom. We act as a data controller for the personal data we process. This policy applies to all personal data processed by us, whether collected online or offline.

2. Information We Collect

We may collect and process the following categories of personal data:

2.1 Information You Provide Directly

  • Contact information: name, email address, phone number, and company name when you submit our contact form or correspond with us.
  • Project information: details about your business, data challenges, and requirements that you share during consultations or project engagements.
  • Contractual information: billing details, company registration information, and other data necessary for service delivery.

2.2 Information Collected Automatically

  • Technical data: IP address, browser type and version, operating system, device type, screen resolution, and time zone settings.
  • Usage data: pages visited, time spent on pages, navigation paths, referral sources, and interactions with site features.
  • Cookie data: information collected through cookies and similar technologies (see Section 8 below).

3. How We Use Your Information

We process your personal data for the following purposes:

  • Service delivery: to provide data science consulting, ad hoc solutions, and bespoke product development services as agreed with you.
  • Communication: to respond to your enquiries, provide updates on projects, and send relevant information about our services.
  • Website operation: to administer, maintain, and improve our website, and to ensure content is presented effectively.
  • Security: to protect our website, systems, and users from fraud, abuse, and unauthorised access.
  • Legal compliance: to comply with applicable laws, regulations, and legal processes.
  • Analytics: to understand how visitors use our website so we can improve the user experience.

4. Legal Basis for Processing

We process your personal data on the following legal bases under UK GDPR:

  • Consent: where you have given clear consent for us to process your personal data for a specific purpose (e.g. performance and advertising cookies).
  • Contract: where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legitimate interests: where processing is necessary for our legitimate business interests (e.g. improving our services, responding to enquiries), provided these do not override your rights and freedoms.
  • Legal obligation: where processing is necessary to comply with a legal obligation to which we are subject.

5. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data. We may share your data with the following categories of third parties, only as necessary:

  • Cloud service providers: we use Amazon Web Services (AWS) to host our website and deliver email communications. Data may be processed in AWS data centres within the EEA/UK.
  • Analytics providers: we may use analytics tools to understand website usage patterns. These providers process data on our behalf.
  • Security services: we use Google reCAPTCHA to protect our contact form from spam and abuse. Google may process certain data as described in their privacy policy.
  • Professional advisors: our lawyers, accountants, and insurers where necessary for legal, financial, or insurance purposes.
  • Legal authorities: where we are required to do so by law, regulation, or legal process.

6. International Data Transfers

Where we transfer personal data outside the United Kingdom, we ensure appropriate safeguards are in place in accordance with UK GDPR. This may include:

  • Transferring to countries that the UK Government has deemed to provide an adequate level of data protection.
  • Using specific contracts approved for use in the UK (such as the International Data Transfer Agreement or the UK Addendum to the EU Standard Contractual Clauses).

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Contact form submissions: retained for up to 12 months after your last interaction, unless a business relationship is established.
  • Client project data: retained for 6 years following completion of a project, in line with UK statutory requirements for business records.
  • Website analytics data: retained for up to 26 months, after which it is automatically deleted or anonymised.
  • Cookie data: retained in accordance with the cookie lifetimes described in Section 8.

8. Cookies

Our website uses cookies and similar technologies to enhance your experience. We use the following types of cookies:

8.1 Essential Cookies

These are necessary for the website to function correctly. They enable core functionality such as security, session management, and accessibility. These cookies do not require consent and cannot be disabled.

8.2 Performance Cookies

These cookies help us understand how visitors interact with our website by collecting information about pages visited, time spent, and any errors encountered. All data is aggregated and anonymised. These cookies are only set with your consent.

8.3 Advertising Cookies

These cookies may be set by third-party advertising partners to build a profile of your interests and show you relevant content on other sites. These cookies are only set with your consent.

You can manage your cookie preferences at any time through your browser settings. Please note that disabling certain cookies may affect website functionality.

9. Data Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it, including:

  • Encryption of data in transit using TLS/SSL.
  • Secure cloud infrastructure with access controls and monitoring.
  • Regular security assessments and updates to our systems.
  • Limiting access to personal data to authorised personnel only.
  • Secure handling and disposal of data that is no longer required.

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

10. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of access: you can request a copy of the personal data we hold about you.
  • Right to rectification: you can ask us to correct any inaccurate or incomplete data.
  • Right to erasure: you can request that we delete your personal data, subject to certain exceptions.
  • Right to restrict processing: you can ask us to limit how we use your data in certain circumstances.
  • Right to data portability: you can request your data in a structured, commonly used, machine-readable format.
  • Right to object: you can object to processing based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent: where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, please contact us using the details in Section 12.

11. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without appropriate consent, we will take steps to delete that data promptly.

12. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data rights, or have concerns about how we handle your personal data, please contact us:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection, at ico.org.uk.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. Any changes will be posted on this page with an updated revision date. We encourage you to review this page periodically.