Privacy Policy
Effective date: March 2026
Version: 1.0
1. Introduction
Save Friday Ltd trading as Friday Initiatives(“Friday Initiatives”, “us”, “we” or “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store and disclose personal data when you engage with us - whether as a client, prospective client, supplier or a visitor to our website located at www.fridayinitiatives.com (the “Website”).
We are the data controller in respect of the personal data we process as described in this Policy.
This Policy is written in accordance with the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018 (“DPA 2018”). It should be read alongside any other notices or policies we provide at the point of data collection.
If you have any questions about this Policy or how we handle your personal data, please contact us at: emma@fridayinitiatives.com.
2. What Personal Data Do We Collect?
We collect only the personal data that is necessary for the purposes described in this Policy. The types of data we may collect depend on the nature of your relationship with us and may include:
-
Identity and contact details: your name, job title, email address, telephone number, and postal address.
-
Business information: your organisation's name, industry, website, social media presence, and operational or financial information relevant to the services we are providing.
-
Payment and financial information: billing details, invoicing records and payment information where necessary to process fees for our services.
-
Communications records: records of correspondence, enquiries or other communications between you and Friday Initiatives, whether by email, telephone or other means.
-
Technical and usage data: IP address, device information, browser type and website browsing activity, collected automatically when you interact with our digital platforms.
We may collect personal data about the following categories of individuals:
-
clients, their businesses, and their personnel who engage with our products and services;
-
prospective clients who have made an enquiry or expressed an interest in our services;
-
third parties who provide a service to, or on behalf of, us; and
-
our employees, contractors and job applicants.
3. How We Collect Personal Data
We collect personal information though the following means:
-
Directly from you: when you make an enquiry, engage our services, complete a form, attend one of our events, or correspond with us by email, telephone or post.
-
From your organisation: where your employer or a colleague provides your contact details in connection with an engagement or event.
-
From third-party platforms: if you choose to connect or register via a social media or third-party platform (such as LinkedIn, Google or Apple), we may receive certain profile information from that provider in accordance with your settings on that platform.
-
Automatically from our Website: using cookies and analytics technologies when you visit our Website.
4. How and Why We Use Your Personal Data
We process personal data only where we have a lawful basis to do so under the UK GDPR. The table below sets out our purposes and the lawful bases we rely on.
Purpose | Lawful Bases |
|---|---|
Protecting our business against fraud, misuse and legal risk, and establishing or defending legal claims where necessary | Legitimate interests (Article 6(1)(f));
Legal obligation (Article 6(1)(c))
|
Complying with applicable legal and regulatory obligations, including tax, accounting and the retention of business records | Legal obligation (Article 6(1)(c)) |
Conducting research, benchmarking and analysis to develop and improve our services (using anonymised or aggregated data only) | Legitimate interests (Article 6(1)(f)) – to improve service quality and business performance |
Sending marketing communications about our services and events (where you have not opted out) | Consent (Article 6(1)(a));
Legitimate interests (Article 6(1)(f)), subject to your right to object at any time
|
Sending service-related communications, including updates directly relevant to an active client or prospective client engagement | Performance of a contract (Article 6(1)(b)); Legitimate interests (Article 6(1)(f)) |
Responding to enquiries, complaints and requests | Legitimate interests (Article 6(1)(f)) – to manage and improve our client relationships |
Processing payments, issuing invoices and managing our financial records | Performance of a contract (Article 6(1)(b)); Legal obligation (Article 6(1)(c)) |
Managing the client relationship, including account administration, onboarding and ongoing engagement | Performance of a contract (Article 6(1)(b)) |
Delivering consulting services and programmes you have engaged us to provide | Performance of a contract with you (Article 6(1)(b) UK GDPR) |
Where we rely on legitimate interests as our lawful basis, we have carried out a legitimate interests assessment and are satisfied that our interests are not overridden by your rights and freedoms. You retain the right to object to such processing at any time (see Section 8 below).
5. Sharing Your Personal Data
We do not sell your personal data to third parties. We share personal data only to the extent necessary for the purposes described in this Policy, and only with recipients who are subject to appropriate confidentiality or data protection obligations.
Recipients may include:
-
Service providers acting as data processors: including IT and cloud infrastructure providers (Google Cloud, Cloudflare), our Website platform (Wix), our CRM (HubSpot), and payment processors. These parties process data solely on our instructions and are bound by written data processing agreements.
-
Professional advisers: including solicitors, accountants and insurers, under enforceable obligations of confidentiality.
-
Regulatory and law enforcement authorities: where we are required to disclose data by law, court order or binding governmental request.
-
Business transferees: in connection with any prospective or actual merger, acquisition or sale of all or part of our business. We would notify you if your data were to be transferred in this way.
6. International Transfers
Some of our service providers maintain infrastructure outside the United Kingdom. Where your personal data is transferred to a jurisdiction that does not benefit from a UK adequacy regulation, we ensure that appropriate safeguards are in place in accordance with the UK GDPR.
These safeguards take the form of:
-
an International Data Transfer Agreement (“IDTA”) approved by the ICO, or the UK Addendum to EU Standard Contractual Clauses; or
-
another lawful transfer mechanism recognised under the UK GDPR and DPA 2018
If you would like further information about the specific safeguards we rely on for international transfers, please contact us at emma@fridayinitiatives.com.
7. How Long We Keep Your Personal Data
We retain personal data only for as long as is necessary for the purposes for which it was collected, or as required by law or regulation. The criteria we use to determine retention periods include:
-
the duration of our contractual relationship with you;
-
our legal and regulatory obligations;
-
any limitation periods relevant to potential legal claims; and
-
guidance issued by the ICO or other relevant regulatory bodies.
Where personal data is no longer required, it is securely deleted or anonymised. If you would like information about the specific retention period that applies to your data, please contact us.
8. Your Rights Under the UK GDPR
You have the following rights in relation to your personal data. These rights are not absolute and may be subject to exemptions in certain circumstances:
-
Right of access: you may request a copy of the personal data we hold about you.
-
Right to rectification: you may ask us to correct any inaccurate or incomplete personal data we hold about you.
-
Right to erasure: you may ask us to delete your personal data where there is no compelling reason for us to continue processing it.
-
Right to restriction of processing: you may ask us to restrict our processing of your data in certain circumstances, for example whilst an objection or complaint is being considered.
-
Right to data portability: where we process your data by automated means on the basis of consent or contract, you may ask us to provide your data in a structured, commonly used, machine-readable format.
-
Right to object: you may object at any time to processing based on our legitimate interests, or to direct marketing.
-
Right to withdraw consent: where we process your data on the basis of consent, you may withdraw that consent at any time.
-
Rights relating to automated decision-making: you have rights in relation to any automated decisions (including profiling) that produce significant legal or similarly significant effects on you.
To exercise any of these rights, please submit a written request to emma@fridayinitiatives.com. Requests are free of charge. We may need to verify your identity before processing your request and will respond within one calendar month (extendable by up to two further months for complex or numerous requests, with notice to you).
9. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, loss or destruction, in accordance with our obligations under the UK GDPR.
Our measures include:
-
encryption of data at rest and in transit;
-
role-based access controls;
-
use of reputable, security-accredited cloud infrastructure providers; and
-
regular review of our data protection and security policies and procedures.
In the event of a personal data breach that is likely to result in a risk to your rights, we will notify the Information Commissioner's Office ("ICO") within 72 hours of becoming aware, and will inform you without undue delay where required by law.
10. Marketing Communications
From time to time, we may send you information about our services, events and insights that we believe may be of interest to you. We will only do so where you have given your consent, or where we have a legitimate interest in doing so and the law permits.
You may opt-out of receiving marketing communications at any time by:
-
Clicking “unsubscribe” in any marketing email we send; or
-
Emailing us at emma@fridayinitiatives.com.
Opting out of marketing will not affect transactional or service-related communications that are necessary for the delivery of an active engagement.
11. What Happens if You Do Not Provide Personal Data
Where we require personal data to enter into or perform a contract with you, or to comply with a legal obligation, failure to provide that data may mean we are unable to provide the services you have requested or to fulfil our legal obligations. We will make clear at the point of collection if the provision of personal data is mandatory.
12. Changes to This Policy
We may update this Policy from time to time to reflect changes in our practices, legal requirements or other operational reasons. The most current version will always be available on our Website, and the effective date at the top of this document will be updated accordingly. Where changes are material, we will take reasonable steps to notify you.
13. Complaints and How to Contact Us
If you have any concerns about how we handle your personal data, please contact us in the first instance and we will do our best to resolve the matter promptly. We aim to respond to all complaints within 14 calendar days.
You can contact us at emma@fridayinitiatives.com.
If you are not satisfied with our response, you have the right to lodge a complaint with the ICO, the UK’s independent data protection regulator.
+44 07384417395 | +61 0452 679 796
Studio 3, Rose Lipman Building
43 De Beauvoir Road
London, N1 5SF
18/49 Head Street
Brighton, Victoria
3186
© 2026 by Alex Gomez for Friday Initiatives.
Built on Wix Studio™