top of page
Privacy Policy

Last Update: August 20th, 2023


This privacy policy (“Privacy Policy”) describes the collection of personal information by Simon Wynn Consulting, an independent consulting organization (“Simon Wynn Consulting”, “we,” “us”, or “our”) from users (“you”, “your”, “Client”, “Clients”) of our website at (our “Site”) along with other services provided by us and on which a link to this Privacy Policy is displayed (collectively, our “Services” or “Consulting Services”). 

This Privacy Policy also describes your rights as a data subject to inquire about your personal information that we process and describes certain rights that you, as the data subject, have regarding this information.

For the purposes of EU, United Kingdom, and Swiss data protection laws, Simon Wynn Consulting is a data controller (i.e., the organization that is responsible for and controls the processing of your personal information). 
Please read this Privacy Policy carefully to understand our practices regarding your personal information and how we will use it. By accepting this Privacy Policy, you agree to the collection, storage, use, and disclosure of your personal information as described in this Privacy Policy.

Contacting us

If you have any questions or comments about this Privacy Policy, please contact us using the following contact information:

Simon Wynn Consulting:

What information do we collect?

We use your personal information to carry out the obligations arising from providing our Services, namely, to provide this Site and its functionality, and to provide our Consulting Services to you. This section describes the types and categories of personal information we may collect, and how we may use that information. 

Information you provide us directly

We collect personal information that you provide when you use the ‘Contact’ form on our Site, when you interact with our blog,  and when you use our Services. We use this personal information in a variety of ways, and this personal information includes the following:

  • If you engage and use our Consulting Services as a Client, we may store email correspondence, notes, files and other documentation containing your personal information;

  • When you complete the ‘Contact’ form on the Site, we retain and use your first and last name, e-mail, and phone number to contact you regarding our Services, and to keep records of when we contacted you;

  • If you comment on, or otherwise interact with a blog post, you will be required to create an account on the Site or login using Google or Facebook. We only receive your first and last name, and email, when you do this;

  • Through your use of the blog section of our Site, we collect any comments, replies, hyperlinks of other content you provide (“User Generated Content”).

Automatically collected information

When you visit our Site, some information is collected automatically and is not provided directly by you. For example, when you access our Site, we automatically collect your browsers Internet Protocol (IP) address, your browser type, the nature of the device from which you are visiting the Service (e.g., a personal computer or a mobile device), the identifier for any handheld or mobile device that you may be using, the web site that you visited immediately prior to accessing our Site, the actions you take on our Site, and the content, features, and activities that you access and participate in on our Site. 

We may collect this information passively in our server logs. We may also collect information passively using technologies such as cookies, clear image files, or Javascript tags, as described in the section “Cookies and Similar Technologies” in this Privacy Policy.  We use passively-collected information to administer, operate, and improve our Site. If we link or associate any information gathered through passive means with personal information, or if applicable laws require us to treat any information gathered through passive means as personal information, we treat the combined information as personal information under this Privacy Policy. Otherwise, we use and disclose information collected by passive means in aggregate form or otherwise in a non-personally identifiable form.

Cookies and similar technologies 

We use cookies and similar technologies to enable the Site to function, and gain insights into your usage of the Site, and to distinguish you from other users of the Site. Cookies are small files that allow for personalization of the Site by saving your information such as user ID and other preferences. The Site also uses a related technology called local storage which allows preferences and cached information to be stored locally on your computer or mobile device. 

Also, please be aware that third parties, such as the sites or services provided by third parties (“Third-Party Sites”) that may be linked to from the Site, may set cookies or use other means of passively collecting information about your use of their services, Third-Party Sites or content. We do not have access to, or control over, these third-party means of passive data collection. For more information, please refer to our cookie policy at: 


Collection and processing of sensitive information

The Site does not collect or process ‘sensitive information’, defined as data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation. As such, you should not provide any such information as part of your use of our Services, as part of any correspondence, in any User generated Content you provide in blog posts, or by any other means with your use of our Services.

How do we use personal information? 

We collect personal information when you use the ‘Contact us’ form on our Site, when you interact with our blog, and when you use our Services as part of a consulting engagement. We use your personal information for the following purposes:

  • We use personal information to conduct correspondence with you regarding current or future Services engagements;

  • To maintain an account for you on the blog section of our site so that we can better manage the quality of posts, and provide you with a personalized service;

  • To maintain a record of our interaction with you, for other administrative purposes, and for any other purposes that we may disclose to you at the point at which we request your personal information, and pursuant to your acceptance of this Privacy Policy.

Legal basis for processing in the EU, UK and Switzerland

If you are a resident in the EU, UK or Switzerland, we need to inform you about the legal basis on which we collect and use your personal information.  In the EU, UK and Switzerland, the purposes for which we process your personal information are:

  • Where we need to perform the contract we are about to enter into or have entered into with you for our Services;

  • For the purposes of legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; and 

  • Where we need to comply with a legal or regulatory obligation.

We use the performance of our contract with you as the legal basis for processing your personal information when you contract with us for Consulting Services, or if you create an account on the blog section of our site, and also if you submit User Generated Content to this blog. We use legitimate interest as the legal basis when we respond to inquiries from the ‘Contact’ form on our Site and from other correspondence not related to a current consulting contract, and when we analyze your usage of the Site to better understand our engagement with prospective clients. 

When do we share personal information?

Except as described in this Privacy Policy, we will not disclose the personal information that we collect as a result of your use of our Services to third parties without your consent. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:

  • Service Providers. We may disclose personal information to third-party service providers (e.g., cloud web-hosting providers, email providers, etc.) that assist us in our work. We limit the personal information provided to these service providers to that which is reasonably necessary for them to perform their functions, and we require them to agree to maintain the confidentiality of such personal information;

  • User Generated Content. If you provide comments, or otherwise interact with our blog, your User Generated Content will be shared with our Service Providers in order to provide the Service. Also remember that if you chose to make your profile on our blog ‘public’, your User Generated Content will be available publicly, and as such you should use caution when you provide such content; 

  • To Protect our Interests. We also disclose personal information if we believe that doing so is legally required, or is in our interest to protect our property or other legal rights (including, but not limited to, enforcement of our agreements), or the rights or property of others, or otherwise to help protect the safety or security of our Site and other users of the Site;

  • To Comply with the Law. We may also disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.


Communication choices

If you receive emails from us, including marketing correspondence from us and notifications from blog posts you have interacted with, you may unsubscribe at any time by following the instructions contained within the email. You may also opt-out from receiving marketing email from us, and any other promotional communications that we may send to you from time to time by sending your request to us by email at:

Please be aware that if you opt-out of receiving emails from us, it may take up to ten business days for us to process your opt-out request, and you may receive an email from us during that period. Additionally, even after you opt-out from receiving emails from us, you will continue to receive administrative messages from us regarding your use of our Services, and business emails relating to current or prior engagement with our Consulting Services.

Rights to access

If you wish to access or amend any personal information we hold about you, you may contact us at If you request that we delete your personal information, we will do so within a reasonable period of time, but we may need to retain some of your personal information in order to satisfy our legal obligations, or where we reasonably believe that we have a legitimate reason to do so.

Links to external sites

The Site may contain links to other websites, products, or services that we do not own or operate. The Site also may contain links to Third-Party Sites such as social networking services, for example, if you want to share a blog post on Facebook or LinkedIn. Additionally, the blog section of our Site allows you to log in using an existing Facebook or Google account. If you choose to visit or use any Third-Party Sites or products or services available on or through such Third-Party Sites, please be aware that this Policy will not apply to your activities or any information you disclose while using those Third-Party Sites or any products or services available on or through such Third-Party Sites. We are not responsible for the privacy practices of these Third-Party Sites or any products or services on or through them. Additionally, please be aware that the Service may contain links to Web sites and services that we operate but that are governed by different privacy policies. We encourage you to carefully review the privacy policies applicable to any website or service you visit other than our Site before providing any personal information on them.

How long do we keep your personal information for?

Unless otherwise specifically stated elsewhere in this Privacy Policy, we will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.  

EU, UK and Swiss privacy rights

If you are located in the EU, the UK, or Switzerland, you have the following Data Subject Rights with respect to your personal information that we hold:

  • Right of access. The right to obtain access to your personal information.

  • Right to rectification. The right to obtain rectification of your personal information without undue delay where that personal information is inaccurate or incomplete. 

  • Right to erasure. The right to obtain the erasure of your personal information without undue delay in certain circumstances, such as where the personal information is no longer necessary in relation to the purposes for which it was collected or processed.

  • Right to restriction. The right to obtain the restriction of the processing undertaken by us on your personal information in certain circumstances, such as where the accuracy of the personal information is contested by you, for a period enabling us to verify the accuracy of that personal information.

  • Right to portability. The right to portability allows you to move, copy or transfer personal information easily from one organization to another. 

  • Right to object. You have a right to object to processing based on legitimate interests and direct marketing. 

  • Rights in relation to automated decision making and profiling. You have the right not to be subject to a decision that affects you based solely on automated processing. See the section ‘Automated Decision-making and profiling’ in this Privacy Policy for more information.​


If you wish to exercise one of these rights, please contact us using the information in the
‘Contacting us’ section of this Privacy Policy.

Automated decision-making and profiling

Automated decision-making refers to a decision that is taken solely on the basis of automated processing of your personal data, for example using software, artificial intelligence, or other rating or scoring algorithms. Profiling uses automated processing, which sometimes results in automated decision-making and, in some cases, does not. We do not perform any automated decision-making and profiling on your personal information.

What is our policy on children?

Children’s safety is important to us, and we encourage parents and guardians to take an active interest in the online activities of their children. Our Services are not directed to users under the age of 18, and we do not knowingly collect personal information from users under the age of 18. If we learn that we have collected personal information from a person under the age of 18 on our Services, we will delete that information as quickly as possible. If you believe that we may have collected any such personal information, please notify us at

Where do we store and process your personal information?

When Simon Wynn Consulting obtains personal information about you, we may process and store the information outside of the country in which you are located, including in the United States. The countries in which we process the information may not have the same data protection laws as the country in which you are located. If you are using the Site or our Services from the European Union (“EU”), the UK, Asia, or any other region with laws or regulations governing personal data collection, use, and disclosure, that differ from United States laws, please note that you are transferring your personal data to the United States which does not have the same data protection laws as the EU and other regions, and by providing your personal data you permit the use of your personal data for the uses identified above in accordance with the Privacy Policy. You consent to having your personal data transferred to and processed in the United States.

California privacy disclosures
Do Not Track Signals

Your web browser settings may allow you to automatically transmit a “Do Not Track” signal to websites you visit. Note, however, there is no industry standard as to what website and app providers should do when these signals are received. Accordingly, unless and until privacy regulations require us to do so, we do not monitor or take any action with respect to these “Do Not Track” signals. For more information on “Do Not Track,” visit


How do we secure your personal information?

To help protect your data, we use commercially reasonable steps to protect the data that we collect, including your personal information. The reasonable steps include protecting this data against accidental loss, unauthorized use, disclosure, and restricting access to personal information by our staff. The Site is hosted by a third-party hosting company that we have determined maintains adequate security controls and utilizes TLS encryption for all internet communication with the Service. 

We use various third party processors to enable us to provide our Services, and as part of our due-diligence, we review the security controls these processors have in place and ensure they meet industry standards appropriate for the type of data we collect.

You should keep in mind, however, that our Services utilize software, hardware, and networks, which from time to time require maintenance and experience problems beyond our control. Note that no data transmission over the public internet or encryption method can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information that you provide to us. You transmit information to us at your own risk.

Updates to this policy

We may occasionally update this Privacy Policy. When we do, we will also revise the “last updated” date at the beginning of the Policy. Your continued use of our Service after such changes will be subject to the then-current policy. We encourage you to periodically review this Privacy Policy to stay informed about how we collect, use, and disclose personal information.

bottom of page