Privacy Policy
The Legacy Room Marketing Ltd
1. Purpose and Scope
This Privacy Policy sets out the manner in which The Legacy Room Marketing Ltd (“the Company”, “we”, “us”, or “our”) collects, processes, stores, protects, and discloses personal data in connection with the operation of its website located at thelegacyroom.co.uk (the “Website”), the provision of its digital products, educational materials, training programmes, consultancy services, agency services, and any related commercial activities.
This Privacy Policy applies to all visitors, users, customers, clients, applicants, and any other individuals whose personal data is processed by the Company, whether obtained directly or indirectly.
We process personal data in accordance with the United Kingdom General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018, and any applicable secondary legislation or regulatory guidance.
2. Data Controller
For the purposes of applicable data protection legislation, the data controller is:
The Legacy Room Marketing Ltd
Virtual Office 02 Group First House
12a Meadway
Padiham
Lancashire
United Kingdom
BB12 7NG
Contact Email: hello@thelegacyroom.co.uk
The Company is not currently registered with the Information Commissioner’s Office as a data controller.
3. Definitions
For the purposes of this Privacy Policy:
“Personal Data” means any information relating to an identified or identifiable natural person.
“Processing” means any operation performed on Personal Data, whether or not by automated means.
“Data Subject” means the individual to whom Personal Data relates.
“Website” means thelegacyroom.co.uk and any associated subdomains.
4. Categories of Personal Data Collected
4.1 Data Provided Directly by You
We may collect and process Personal Data that you voluntarily provide, including but not limited to:
Full legal name
Email address
Billing and correspondence address
Payment and transaction information (processed via third-party payment providers)
Business name, role, and professional details
Login credentials and account-related identifiers
Information submitted via contact forms, applications, questionnaires, assessments, or enrolment processes
Communications exchanged via email, messaging platforms, or other correspondence channels
Any information included in submissions, applications, or materials provided for review, training, or evaluation
4.2 Data Collected Automatically
When you access or use the Website, we may automatically collect:
Internet Protocol (IP) address
Browser type, version, and language settings
Device type, operating system, and technical identifiers
Referral source and navigation paths
Pages viewed, interactions, and dwell time
Date and time stamps
Such data is collected through cookies, server logs, analytics software, and similar technologies.
5. Lawful Basis for Processing
We process Personal Data only where a lawful basis exists under UK GDPR, including:
Performance of a contract, where processing is necessary to deliver products, services, or training requested or purchased
Legitimate interests, where processing is required for the operation, management, and development of our business, provided such interests are not overridden by your rights
Legal obligation, where processing is required to comply with applicable laws or regulatory requirements
Consent, where you have explicitly agreed to specific processing activities
Where consent is relied upon, you may withdraw it at any time without affecting the lawfulness of processing carried out prior to withdrawal.
6. Purposes of Processing
Personal Data may be processed for the following purposes:
Provision and administration of digital products, courses, training programmes, and consultancy services
Processing payments and managing financial transactions
Managing customer accounts and service delivery
Responding to enquiries and communications
Internal administration, record-keeping, and operational management
Monitoring Website usage and improving functionality, content, and performance
Marketing and promotional communications, where permitted
Protecting the security and integrity of systems and data
Preventing fraud, abuse, or unauthorised access
Establishing, exercising, or defending legal claims
Compliance with legal and regulatory obligations
7. Marketing Communications
We may send marketing communications relating to our products, services, or educational offerings where permitted by law or where you have opted in to receive such communications.
You may unsubscribe from marketing communications at any time by using the unsubscribe mechanism provided or by contacting us at hello@thelegacyroom.co.uk. Transactional or service-related communications may continue irrespective of marketing preferences.
8. Disclosure of Personal Data
We do not sell Personal Data.
We may disclose Personal Data to third parties where reasonably necessary, including:
Payment processors and financial service providers
Website hosting and infrastructure providers
Email marketing and communication platforms
Analytics and performance monitoring providers
Professional advisers, including legal and accounting advisers
Contractors, consultants, or service providers engaged in the delivery of services
All such third parties are required to process Personal Data in accordance with applicable data protection laws and appropriate contractual safeguards.
9. International Transfers
Personal Data may be transferred outside the United Kingdom where service providers or infrastructure are located overseas. In such cases, we ensure that appropriate safeguards are implemented, including adequacy decisions or contractual protections recognised under UK data protection law.
10. Data Retention
Personal Data is retained only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and regulatory obligations.
Retention periods vary depending on the nature of the data, the purpose of processing, and applicable legal requirements. When Personal Data is no longer required, it is securely deleted or anonymised.
11. Data Security
We implement technical and organisational measures designed to protect Personal Data from unauthorised access, disclosure, alteration, or destruction.
While we take reasonable steps to safeguard data, no system or transmission method can be guaranteed to be completely secure, and we accept no liability for unauthorised access beyond our reasonable control.
12. Cookies and Tracking Technologies
The Website uses cookies and similar technologies to:
Enable core functionality
Improve user experience
Analyse Website traffic and usage patterns
Support marketing and performance measurement
Cookies may be session-based or persistent and may be set by us or by third-party service providers.
You may control or disable cookies through your browser settings. Disabling cookies may affect the availability or functionality of certain Website features.
By continuing to use the Website, you consent to the use of cookies in accordance with this Privacy Policy.
13. Your Rights
Subject to applicable law, you may have the right to:
Request access to Personal Data held about you
Request correction of inaccurate or incomplete data
Request erasure of Personal Data, subject to legal limitations
Object to or restrict processing
Request data portability
Withdraw consent where processing is based on consent
Lodge a complaint with the Information Commissioner’s Office
Requests may be subject to verification and statutory exemptions.
14. Third-Party Links
The Website may contain links to third-party websites. We are not responsible for the privacy practices or content of such websites, and access is at your own risk.
15. Amendments to This Privacy Policy
We reserve the right to amend this Privacy Policy at any time. Any changes will be published on the Website and shall take effect immediately upon publication.
Your continued use of the Website following publication of amendments constitutes acceptance of the revised Privacy Policy.
16. Contact
For any questions regarding this Privacy Policy or the processing of Personal Data, please contact:
Boost open rates