Data Protection Policy

Data Privacy

We manage three sets of GDPR data:

  1. Internal HR Data
  2. Customer contact information
  3. Potential customer contact information


Only the first set of data holds any sensitive personal Identifiable data, and access is strictly controlled. Our Account Management team holds limited personally identifiable customer information for the purpose of day-to-day updates and the delivery of our services. We are registered with the Information Commissioner’s Office (ICO), registration reference ZB459861.

Data Processing

All emails, documents and reports are held within Google Workspace European data centers.

  • AWS: AWS invoices all originate in the US, and our processing of CUR data also occurs in the US (North Virginia).
  • Google: Google invoices are held within Google European data centers.

Data Retention

All data is stored on Cloud SaaS or PaaS infrastructure, we hold no data on local servers or storage. 

Retention of billing data and recommendations reports is for up to 7 years after the lifetime of the contract with a given customer, subject to various UK legislative requirements. 

Once data is no longer required the data is deleted. 

Find out more about our policies by visiting our Privacy Policy or Cookies Policy

Essential cookies

Essential cookies enable core functionality such as page navigation. The website cannot function properly without these cookies; they can only be disabled by changing your browser preferences.

Performance cookies

Performance cookies help us to improve our website by collecting and reporting information on its usage (for example, which of our pages are most frequently visited).

Marketing cookies

We use third party cookies on our site to serve you with advertisements that we believe are relevant to you and your interests. You may see these advertisements on our site and on other sites that you visit.

This website uses cookies for analytics and an improved browsing experience.
Click Ok to accept