How we handle your data.
Last updated: 9 May 2026
In plain English. Your email and your purchase information are the only personal data this site collects, and they are only used to send you what you asked for and to operate the business behind The Secret Lawyer. This page explains the detail.
Who is responsible for your data
The data controller for personal data collected through this site is The Secret Lawyer (referred to as "we", "us", or "TSL" throughout this policy).
You can contact us about anything in this policy at info@thesecretlawyer.co.uk.
Registered trading address: 61 Bridge Street, Kington, HR5 3DJ, United Kingdom.
What data we collect, and why
- Your email address
- Collected when you sign up for a free guide. Used to send you the guide and a short follow-up email sequence with related practical information. Also used to inform you about new guides if you opt in.
- Your name (optional, only if you give it)
- Collected only if you provide it when emailing us or replying to one of our messages. Used to address you personally in correspondence.
- Payment information
- Handled by Payhip (our payment processor) and Stripe (the underlying payment provider). Card details never reach our servers. We see only the email address you used at checkout, the product purchased, and the order amount.
- Basic site usage data
- Standard server logs (IP address, browser type, pages visited, timestamps) collected automatically by our hosting provider Netlify, used for security and to keep the site running. No advertising tracking. No behavioural profiling.
Lawful basis for processing
Under UK GDPR we need a lawful basis for every type of data processing. Here are ours.
- Consent for sending you marketing-style emails about new guides or offers. You can withdraw consent at any time using the unsubscribe link at the bottom of every email.
- Contract for delivering a guide you have signed up for, or processing a purchase you have made. Without using your email for this we could not deliver what you asked for.
- Legitimate interests for basic site analytics and security logging. We have considered the impact on you and balanced it against the need to keep the site running and secure.
Who else handles your data
We use a small number of third-party services to operate the site and the business. Each is bound by their own data-processing terms.
- MailerLite
- Email marketing platform. Stores your email address and tracks email opens and clicks for our nurture sequences. Based in Lithuania, with EU-US Data Privacy Framework certification. Their privacy policy: mailerlite.com/legal/privacy-policy.
- Payhip
- E-commerce platform. Handles checkout, payment, and digital download delivery. Based in the UK. Their privacy policy: payhip.com/privacy.
- Netlify
- Web hosting provider. Stores the site files and processes basic server logs. Based in the United States, with appropriate data transfer safeguards. Their privacy policy: netlify.com/privacy.
- Google Fonts
- Provides the typefaces used on this site. May log your IP address when fonts load. Their privacy policy: policies.google.com/privacy.
We do not sell, rent, or share your data with anyone outside this list. We do not use your data for advertising on other platforms.
How long we keep your data
- Email subscribers: until you unsubscribe, or until two years of complete inactivity (no opens or clicks), at which point we remove your address.
- Customer purchase records: kept for six years after the purchase date, in line with HMRC requirements for business records.
- Server logs: kept by Netlify for around 30 days for security purposes.
Your rights
Under UK GDPR you have the following rights regarding your personal data. To exercise any of them, email info@thesecretlawyer.co.uk. We will respond within one calendar month.
- Right of access: ask for a copy of the data we hold about you.
- Right to rectification: ask us to correct inaccurate or incomplete data.
- Right to erasure: ask us to delete your data, subject to our legal record-keeping obligations.
- Right to restriction: ask us to pause processing while a query is resolved.
- Right to portability: ask for your data in a machine-readable format to take elsewhere.
- Right to object: object to processing based on legitimate interests, including direct marketing.
- Right to withdraw consent: withdraw consent for any processing based on consent at any time.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your data properly. Their contact details: ico.org.uk, or call 0303 123 1113.
Cookies and similar technologies
This site itself does not set tracking or advertising cookies. Some functional cookies may be set by:
- Payhip during checkout, to maintain your cart and session.
- Google Fonts when typefaces are loaded.
You can clear or block cookies through your browser settings. Doing so should not affect your ability to read the free guides or place an order.
International transfers
Some of our service providers (Netlify, Google Fonts) are based outside the UK. Where data is transferred outside the UK, we rely on the providers' standard contractual clauses or equivalent safeguards as required by UK data protection law.
Children
This site is intended for adult employees and individuals dealing with workplace issues. We do not knowingly collect data from anyone under 18. If you believe we hold data on a child, contact us and we will delete it.
Changes to this policy
If we change this policy substantially, we will update the date at the top of this page and, where the change affects how we use your existing data, email subscribers to let them know.
Contact
For any question about this privacy policy or your data:
Email: info@thesecretlawyer.co.uk
Trader: The Secret Lawyer
Registered trading address: 61 Bridge Street, Kington, HR5 3DJ, United Kingdom