top of page

PRIVACY POLICY

​

Last updated: 1st September 2025

​

Quick summary:

We collect only what we need to provide you with great service.

Your data is secure, never sold, and you control how long we keep it.

​

INTRODUCTION

​​

Nine Yards PA Services is committed to protecting your personal information and using it responsibly. This policy explains what data we collect, how we use it, and your rights under UK data protection law (UK GDPR and Data Protection Act 2018).​


WHO ARE WE?

Nine Yards PA Services is the data controller and is responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice). We provide consultancy, administration support, and digital resources under the brands Nine Yards PA Services, The Calm PA and The Calm PA Hub .

Our full contact details are:
 

  • Nine Yards PA Services, 19B The Circle, Dilton Marsh, Westbury, Wiltshire BA13 4BZ.

  • Email address: help@nineyardspa.co.uk


We are registered with the ICO data regulator under reference ZA522835.

You can contact them directly by visiting www.ico.org.uk

It is very important that the information we hold about you is accurate and up to date.

Please let us know if at any time your personal information changes by emailing us at help@nineyardspa.co.uk

DATA WE COLLECT

We may collect and process the following information when you interact with us:

​​

  • Personal details: name, email, company, job title, contact details, and social media profile handles (when relevant).​

  • Communications: Emails, enquiries, plus newsletter sign-ups and interactions.

  • Purchase and project information: Order details, invoices, service history.

  • Suppliers and partners: Correspondence, contracts, payment details (if applicable).

  • Payment and billing details (processed securely by our payment providers – we do not store card details).

  • Digital interactions (emails, website enquiries, downloads, feedback)


HOW WE USE YOUR DATA (AND WHY)

We only use your data where there is a lawful basis under UK GDPR, such as:

​​

  • To perform a contract - providing consultancy services or resources you’ve requested.​

  • To meet legal obligations - e.g. keeping financial records for HMRC.

  • Legitimate interests - managing and improving our services without overriding your privacy.

  • Consent - for marketing communications, which you may opt out of anytime.


COOKIES AND TRACKING

Our website uses cookies for functionality and analytics. For details of what cookies we use and how you can manage them, please see our Cookie Policy.


DATA STORAGE AND SECURITY
 

  • Data is stored securely using trusted UK and international providers.

  • Access is restricted to only those who need it.

  • We regularly review our systems for security and data protection compliance.

  • We only keep data for as long as necessary (see “How Long We Keep Your Data”).


INTERNATIONAL TRANSFERS

Some of our service providers may process data outside the UK/EEA (for example, in the US). We only use providers that have appropriate safeguards in place, such as:

​

  • UK adequacy regulations; or

  • Standard contractual clauses approved by the UK.


HOW LONG WE KEEP YOUR DATA

We retain data only as long as needed for the purpose collected:

 

  • Client and project data – for up to 7 years (to comply with accounting rules).

  • Mailing list subscriptions – until you unsubscribe.

  • Enquiries – for up to 12 months, unless you become a client.

​

After this, data is securely deleted.

WHO WE SHARE DATA WITH

We do not sell or share your data for marketing. We may share data with:

​

  • Service providers (e.g., payment processors, cloud platforms) who support our business.

  • Invoice or finance partners for billing purposes.

  • Legal authorities if legally required.


YOUR RIGHTS

Under UK GDPR, you have the right to:

​

  • Access the data we hold about you.

  • Correct inaccuracies in your data.

  • Request deletion of your data (in certain cases).

  • Restrict or object to certain processing.

  • Withdraw consent (where processing is based on consent).

  • Data portability (receive your data in a reusable format).

​

To exercise any of these rights, contact us at: help@nineyardspa.co.uk

If you are unhappy with how we handle your data, you can complain to the ICO: www.ico.org.uk

​​

UPDATES TO THIS POLICY

 

We review and update this policy at least annually, or sooner if our practices or legal requirements change. The most recent version will always be published on our website.

​

bottom of page