Privacy Statement

Website Privacy Statement

Policy last updated May 2018


1. Information Collection and Use 

We collect or are provided Personal Data in the normal course of business, for example:

  • you may provide us with your details during meetings or telephones calls with us; 
  • when you visit the Website, we may collect information about your visit such as your IP address and the pages you’ve visited; 
  • you may exchange emails or other electronic communications with us, which our IT systems will record;
  • colleagues at the business you represent may give us information about you; and
  • we may collect information from third party data providers, e.g. for anti-money laundering purposes, background checks and similar purposes. 

Our websites may also download “cookies” to your device – this is described in our separate Terms and Conditions [add link]. We may collect the following Personal Data from or about you:

  • contact Information such as name, email address, mailing address, phone number; 
  • information about your business role, such as job title and company name; and 
  • information about your interests in our services. 

 We use this information for our legitimate business interests, including to:

  • respond to enquiries and provide advice and support related to our Website and services;
  • analyse and improve the Website, for example for technical or security purposes;
  • market our services – if we do so, we will provide you with an opt-out of receiving such communications in the future;
  • comply with our legal and regulatory obligations and bring and defend legal claims;
  • to protect our business from fraud, money laundering, theft of proprietary materials and other crime;
  • administer and manage delivery of our services; and
  • in certain circumstances, to share it with a limited number of third-parties as described in this policy, for example for operational requirements and business continuity purposes.  

When you provide us with personal data about yourself or another person, you are confirming to us that you are authorised to provide us with that information and that any personal data you give us is accurate and up-to-date. Given the nature of our business, we do not generally ask for “sensitive” or “special categories of personal data,” such as information about your health, political opinions, racial origins or sexual life and we would ask you not to send any to us unless specifically requested to do so.

2. Information Sharing

We will only share your Personal Data with third parties in the ways set out in this privacy statement. We do not give, sell or rent your Personal Data to third parties for them to market their services to you. Nor do we accept advertising from third parties on the Website. 

 We may provide your Personal Data to our service providers to help us with our business activities, such as inputting your contact information into our CRM or email marketing system. In all cases we will have a processor agreement with these companies safeguarding your Personal Data, including that it may only be processed for the purposes of that agreement and on our instructions. We may also disclose your Personal Data as follows:

  • For the operation of our business, to other entities in the Graphite group;
  • For provision of the Services, and for our own disaster recovery and business continuity purposes, we may store or transmit personal data to or through third party providers, such as with our contractors and advisors to help us operate, secure and analyse our business. 
  • We may be obliged to disclose your personal data to comply with a law, order or request of a court, government authority, other competent legal or regulatory authority or any applicable code of practice or guideline. 
  • We may also be obliged to disclose personal data when we believe in good faith that disclosure is necessary for our legitimate interest such as investigating fraud, to make or defend a legal claim, to protect your safety or the safety of others, or to maintain our compliance or that of our personnel with applicable laws, regulations and/or professional obligations, all in accordance with applicable law. 
  • If Graphite is involved in a merger, acquisition, or sale of all or a portion of its assets, we may disclose such Personal Data as is necessary for our legitimate interests in completing that transaction and always provided that appropriate safeguards are in place including limitations and restrictions on use, access and retention. 
  • In other situations, only with your prior consent. 

3. Transfers outside the EEA

We may transfer your Personal Data to Graphite entities or service providers outside the EEA for the purposes set out in this privacy policy. We will put in place appropriate measures to safeguard Personal Data transferred outside the EEA. By providing your Personal Data, and agreeing to this Privacy Policy, you consent to such transfer.

4. Your Rights

You have the right to ask whether Graphite processes your Personal Data and to request a copy, to object to direct marketing and in certain circumstances to have the data rectified or blocked or withdrawn. To request this information, please email

You may ask to have your Personal Data corrected or amended if it has changed, or removed or deleted, by emailing

You have the right to ask us to restrict processing certain of your personal data, to erase your personal data, and to ‘port’ certain of your personal data to you or another provider, provided in each case that we have such data and certain conditions are met.  

You also have the right to object to direct marketing and, under certain circumstances, to object to our processing of your Personal Data. 

We will respond to your request within 30 days.

5. Opt-Out Preferences

We may send you information about Graphite and its activities by post or by email.  You may choose to stop receiving such correspondence by contacting us at

6. Security

We take care to protect the Personal Data submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about the security of your Personal Data, you can contact

7. Retention

We will retain your information for the longer of: 

  • the period we are required to do so by law, 
  • as is reasonably necessary for the purpose (for example to comply with our legal obligations, resolve disputes, and enforce our agreements), or 
  • as needed to provide you services. 

Note that we may retain some information about you even when we know that you have left the organisation that you represent, so that we can maintain a continuous relationship with you if and when we are in contact with you again, representing a different organisation.
 If you opt-out of communications, we will retain your name and contact details to enable us to respect your request. 

8. Additional Information

Links to third party websites

Our Website may include links to other websites whose privacy practices may differ from those of Graphite. If you submit Personal Data to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any such third-party web site you visit. 


With consent from the individual, we may display personal testimonials on our website in addition to other endorsements, including their name. If you wish to update or delete your testimonial, you can contact us at

Contact Us

You can contact us by email at You have the right, at all times, to notify a complaint to any regulator such as the UK Information Commissioner, although we would welcome the opportunity to discuss and resolve any complaint with you first.

Changes to this policy

Any changes we make to this privacy statement in the future will be posted to this website (at and also available if you contact us. Please check back frequently to see any changes.