Privacy Policy

Last updated: May 2026

1. Introduction

Straylight Strategies Ltd ("we," "us," or "our") is committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard information when you visit straylightstrategies.com or contact us in connection with our advisory services.

We are a data controller for the purposes of UK GDPR and the Data Protection Act 2018. We take our obligations under applicable data protection law seriously.

2. Information We Collect

We collect limited personal information through the following means:

• Direct contact: When you email us or contact us directly, we collect your name, email address, organisation, and any information you choose to include in your message.
• Website usage data: Standard server logs may capture your IP address, browser type, referring URL, and pages visited. This information is used for site administration purposes only.
• Cookies: We do not currently use tracking cookies or third-party analytics tools. If this changes, this policy will be updated in advance.

3. How We Use Your Information

We use the information we collect for the following lawful purposes:

• To respond to your enquiries and conduct an initial conflict check.
• To assess whether an engagement is appropriate and to communicate regarding advisory work.
• To manage our client and prospect relationships.
• To comply with our legal and regulatory obligations.
• To maintain and improve the operation of our website.

Our legal basis for processing is typically legitimate interests (responding to business enquiries, conflict screening) or contractual necessity (where an engagement is underway), or legal obligation as required.

4. Sharing and Disclosure

We do not sell, rent, or share your personal data with third parties for marketing or commercial purposes.

We may disclose information only in the following limited circumstances:

• To comply with a legal obligation, court order, or regulatory requirement.
• To protect our legal rights, or the safety of any individual.
• With your explicit prior consent.

All client and prospect discussions are treated as confidential by default. Conflict checks are conducted discreetly.

5. Data Security

We apply appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. Sensitive communications can be arranged through encrypted channels on request.

No transmission over the internet is entirely secure, and we cannot guarantee absolute security. We will notify you of any data breach that is likely to affect your rights in accordance with applicable law.

6. Retention

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by law. Enquiry data for non-progressed conversations is typically deleted after 24 months unless there is a specific reason to retain it. Data relating to completed engagements is retained in accordance with our legal and contractual obligations.

7. Your Rights

Under UK GDPR, you have the following rights in respect of your personal data:

• The right to access the personal data we hold about you.
• The right to rectification of inaccurate or incomplete data.
• The right to erasure in certain circumstances.
• The right to restriction of processing in certain circumstances.
• The right to data portability in certain circumstances.
• The right to object to processing based on legitimate interests.
• The right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, please contact us at hello@straylightstrategies.com. We aim to respond within one calendar month.

8. Third-Party Links

Our site may contain links to third-party websites (for example, LinkedIn). We are not responsible for the privacy practices of those sites. We encourage you to review their respective policies before submitting any personal data.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be published on this page with a revised "Last updated" date. Material changes will be noted clearly. Your continued use of the website constitutes acknowledgement of the policy then in force.

10. Contact and Data Controller Details

If you have questions or concerns about this Privacy Policy or how we handle your personal data, please contact us: