Legal

Privacy Policy

Last updated: 14 May 2026

This Privacy Policy explains how EIS Consulting Ltd ("we", "us") collects and uses personal data when you use our website or contact us.

1. Who we are

EIS Consulting Ltd is the data controller for personal data collected through this website.

EIS Consulting Ltd. Registered in England and Wales. Company number: 08695848. VAT registration number: GB 173 8471 82.

Contact: contact@eisconsulting.co.uk | 01609 710142

Registered Office: Moat House, Northallerton, North Yorks. DL7 0LY

2. What data we collect

We may collect the following categories of personal data:

  • Identity and contact data: name, email address, telephone number, organisation name, job title (if provided).
  • Enquiry data: the content of messages you send us, including requirements and constraints you share.
  • Waitlist/sign-up data: information you submit via embedded forms (e.g. Legal/Accountancy waitlists).
  • Technical data: basic device and log information that may be produced by your browser and our hosting provider (typically minimal for static sites).

3. How we use your data

  • To respond to enquiries and provide information you request.
  • To manage waitlists (for example, to notify you when an offering launches).
  • To operate, secure, and improve the website (where applicable).
  • To keep records of business communications and decisions.

4. Legal bases (UK GDPR)

We process personal data under one or more of the following legal bases:

  • Legitimate interests: operating our business, responding to enquiries, maintaining service quality and security.
  • Consent: where you actively opt in (for example, certain waitlist communications). You can withdraw consent at any time.
  • Contract: where processing is needed to perform or prepare to enter into a contract for services.
  • Legal obligation: where we must comply with legal requirements.

5. Sharing your data

We may share personal data with trusted service providers who help us run the website and manage communications, for example:

  • Microsoft 365 services (for example, forms and list storage) used for waitlists and enquiries.
  • Email and collaboration tools used to communicate with you.
  • Our website hosting and deployment providers.

We do not sell personal data.

6. International transfers

Some of our suppliers may process data outside the UK. Where this happens, we use appropriate safeguards (for example, contractual protections) and choose providers that offer suitable security and compliance measures.

If you require UK-only processing for a specific engagement, please tell us and we will confirm what is possible before you share data.

7. Data retention

We keep personal data only for as long as necessary for the purposes described above, including to respond to enquiries, manage waitlists, and maintain appropriate business records. Retention periods may vary depending on the nature of the interaction and any contractual or legal requirements.

8. Security

We use appropriate technical and organisational measures to protect personal data. However, no website or transmission is completely secure. Please avoid sending sensitive information via website forms unless we have agreed a secure method.

9. Your rights

Under UK GDPR, you may have rights including:

  • Access to your personal data
  • Correction of inaccurate data
  • Deletion (in certain circumstances)
  • Restriction or objection to processing (in certain circumstances)
  • Data portability (in certain circumstances)
  • Withdrawal of consent (where consent is the legal basis)

To exercise your rights, contact us at contact@eisconsulting.co.uk. You also have the right to complain to the Information Commissioner's Office (ICO).

10. Cookies and embedded services

This website may include embedded services (for example, forms). These third parties may set cookies or collect usage data according to their own policies.

We do not currently use advertising cookies. If we add analytics or marketing tools in future, we will update this policy.

11. Behavioural analytics, Microsoft Clarity

This website uses Microsoft Clarity to understand how visitors interact with our pages. Clarity captures anonymised session recordings and heatmaps. Microsoft processes this data as our processor under the terms of the Microsoft Online Services Data Protection Addendum. No personally identifying information is intentionally captured. You can read Microsoft's privacy statement at https://privacy.microsoft.com/en-gb/privacystatement.

Under current UK ICO guidance, Microsoft Clarity used in its default configuration does not require a consent banner because it does not set cookies that identify individuals. We have configured Clarity in its default privacy-preserving mode and do not enable any feature that would change this position.

12. Third-party destinations and form processing

When you use the scorecard assessment tool (ScoreApp), you are transferred to a ScoreApp-operated environment at a separate domain. ScoreApp operates as an independent data controller for personal data you submit there. Their privacy policy governs that data. EIS Consulting receives output data from completed assessments under the terms of its ScoreApp subscription.

Waitlist and contact forms on this website are provided through Microsoft Forms (Microsoft 365). Microsoft processes form submission data as a data processor on behalf of EIS Consulting under the Microsoft Online Services Data Protection Addendum. Submitted data is stored in EIS Consulting's Microsoft 365 tenancy.

13. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top indicates when changes were made.