STRATAGORA

Privacy Policy

1. Who we are
Stratagora (“Stratagora”, “we”, “us”, “our”) is based in the United Kingdom. We operate the website https://stratagora.com (“Site”). We are the data controller for personal data processed via our Site.
If you have any queries about this Privacy Policy or your personal data rights, please contact us at:
Email: privacy@stratagora.com
We have not appointed a Data Protection Officer, but our Privacy Lead can be reached via the email above.

2. What personal data we collect
We collect two categories of data:

a) Personal data you provide

  • Name, email address, phone number, organisation, job title — when you sign up for updates, subscribe to our newsletter, contact us, request resources, or engage with our services.

b) Technical & usage data collected automatically

  • Website analytics such as IP address, browser type and version, device operating system, referrer URL, device identifiers, pages visited, and time spent — collected via cookies and server logs.

3. Why we collect your data & our lawful basis
We process personal data for these purposes:

  • To provide services or respond to enquiries – based on performance of contract or legitimate interest.
  • To communicate updates and marketing – based on your consent (you may opt out at any time).
  • To improve our Site and offerings – based on legitimate interest (conducting analytics to enhance user experience).
  • To comply with legal obligations – e.g. tax, accounting, or legal record‑keeping.

4. How we use cookies and similar technologies
We use cookies and tracking technologies to:

  • Enable basic Site functionality (strictly necessary cookies).
  • Analyse Site usage (analytics cookies).
  • Manage your preferences (e.g. displaying cookie banner once).

You can manage or withdraw consent for non-essential cookies at any time via our cookie preference centre.

5. Who we share your data with
We will only share your personal data when necessary to:

  • Our trusted data processors (e.g. email marketing providers, analytics platforms, hosting services) under contractual obligation to keep your data secure and confidential.
  • Comply with legal obligations or respond to lawful requests from public or government authorities (e.g. Information Commissioner’s Office, law enforcement).

We do not sell or rent personal data to third parties.

6. International transfers
Your data may be transferred outside the UK to third‑country processors (e.g. hosting or analytics services based outside the UK). When this happens, we ensure appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions, to protect your rights.

7. How long we keep your data

  • We retain personal data linked to a specific request, contract, or subscription until it is no longer necessary (e.g., marketing data until you unsubscribe; enquiry data until resolved plus any retention for record‑keeping).
  • Technical and analytics data is retained in aggregated or anonymised form indefinitely; any identifiable data is deleted after no more than 24 months.

8. Your rights
Under UK GDPR, you have the following rights:

  • Access – request a copy of personal data held by us.
  • Rectification – correct incomplete or inaccurate data.
  • Erasure – request deletion (“right to be forgotten”), subject to legal exceptions.
  • Restriction – request limitation of processing.
  • Portability – receive your data in a structured, machine-readable format and transmit it elsewhere.
  • Object – object to direct marketing or processing based on legitimate interests.
  • Withdraw consent – at any time for any processing based on consent.

To exercise your rights, please contact us at privacy@stratagora.com. We will respond within one month (or up to three months if complex).

You also have the right to complain to the UK Information Commissioner’s Office: https://ico.org.uk.

9. Automated decision-making
We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

10. Security measures
We implement appropriate technical and organisational measures to protect personal data from unauthorised access, alteration, disclosure, or destruction. These include encryption, secured access controls, firewalls, and regular audits.

11. Children’s data
Our Site is not directed at children under 16. We do not knowingly collect data from children. If we become aware of personal data from a child under 16, we will delete it promptly.

12. Changes to this policy
We may update this Privacy Policy from time to time (e.g., to reflect changes in law or business practices). We will post the date of the last revision at the top and notify subscribers or users of material changes.

24 June 2025, Ascot