Talk to Matt

Legal

Privacy Policy

FittonMillett Ltd · Last updated: June 2026

1. Who we are

FittonMillett Ltd is the data controller for personal data collected through this website and in connection with our services. Registered in England and Wales, company number 15226381. Registered office: Unit C Piccadilly Business Centre, Aldow Enterprise Park, Blackett Street, Manchester, M12 6AE.

Contact for data matters: hello@fittonmillett.com

2. What data we collect

We collect the following types of personal data:

  • Contact and enquiry data: name, email address, organisation name, and any information you include in messages sent to us.
  • Lead capture data: name and email address submitted via the Cost Calculator and Resources page forms.
  • Purchase data: name, email address, and payment information submitted when purchasing the Health Check. Payment card details are processed by Stripe and are not stored by FittonMillett Ltd.
  • Booking data: name, email address and any notes provided when booking a discovery call via Fantastical.
  • Usage data: standard web analytics data (pages visited, time on site, referral source) collected via our hosting provider. This data is aggregated and does not identify individuals.

We do not collect sensitive personal data (such as health data, ethnicity, or financial account details beyond what Stripe handles on our behalf).

3. How we use your data

We use your personal data for the following purposes:

  • Delivering services: to fulfil purchased services and digital products, communicate about engagements, and provide ongoing support.
  • Responding to enquiries: to reply to messages and booking requests.
  • Email communications: where you have given consent (by ticking the newsletter opt-in), to send occasional updates, insights and advice relevant to care sector recruitment. You can unsubscribe at any time via the link in each email.
  • Improving our services: to understand how our website and tools are used, so we can improve them.

4. Legal basis for processing

  • Contract performance: processing necessary to deliver a service you have purchased.
  • Legitimate interests: responding to enquiries, basic analytics, and following up with leads who have engaged with our tools. We have assessed these interests against your rights and are satisfied they are proportionate.
  • Consent: sending optional newsletter communications. You can withdraw consent at any time.
  • Legal obligation: retaining records required for tax, accounting or legal compliance purposes.

5. How long we keep your data

  • Client records and engagement data: six years from the end of the engagement, in line with UK tax and accounting requirements.
  • Enquiry and contact data: up to two years from last contact, unless an engagement commences.
  • Newsletter subscriber data: until you unsubscribe or request deletion.
  • Lead capture form data: up to twelve months from submission unless an engagement commences.

6. Who we share your data with

We do not sell your personal data. We share it only with trusted third-party processors necessary to deliver our services:

  • Netlify: website hosting and form processing. Data processed in the US under standard contractual clauses.
  • Airtable: client relationship management. Data stored and processed in the US under standard contractual clauses.
  • Make.com: workflow automation connecting form submissions to our CRM. Data processed in the EU.
  • Stripe: payment processing. Stripe is the data controller for payment card data. See Stripe's privacy policy at stripe.com/gb/privacy.
  • Fantastical / Flexibits: booking management. Data processed in accordance with Flexibits' privacy policy.

We may disclose personal data if required to do so by law or in response to a valid legal process.

7. International transfers

Some of our processors are based outside the UK. Where personal data is transferred internationally, we ensure appropriate safeguards are in place (such as standard contractual clauses approved by the UK Information Commissioner's Office).

8. Your rights

Under UK GDPR, you have the right to:

  • Access: request a copy of the personal data we hold about you.
  • Rectification: ask us to correct inaccurate or incomplete data.
  • Erasure: ask us to delete your data in certain circumstances.
  • Restriction: ask us to restrict processing of your data in certain circumstances.
  • Portability: receive your data in a structured, machine-readable format where processing is based on consent or contract.
  • Objection: object to processing based on legitimate interests.
  • Withdraw consent: where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at hello@fittonmillett.com. We will respond within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ico.org.uk).

9. Cookies

This website uses only essential technical cookies necessary for the site to function. We do not use advertising or tracking cookies. No cookie consent banner is currently shown as no non-essential cookies are set.

10. Changes to this policy

We may update this policy from time to time. The current version is always published at fittonmillett.com/privacy. Material changes will be communicated to active clients by email.

11. Contact

Questions about this policy or how we handle your data: hello@fittonmillett.com