Privacy Policy

Last Updated: February 2, 2026

BoldPaths Solutions ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website boldpaths.solutions and use our services.

We are registered in England and Wales and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Information We Collect

1.1 Information You Provide Directly

When you interact with our services, we may collect:

• Contact Information: Name, email address, phone number, company name
• Booking Information: Appointment details when you schedule consultations via Calendly
• Communication Data: Any information you provide when contacting us via email or other channels
• Professional Information: Job title, business sector, company size, and other relevant business information

1.2 Information Collected Automatically

When you visit our website, certain information may be collected automatically:

• Technical Data: IP address, browser type, operating system, device information
• Usage Data: Pages visited, time spent on pages, links clicked, referral source
• Cookies: See our Cookie Policy section below

2. How We Use Your Information

We use the information we collect for the following purposes:

• Provide Services: To deliver AI governance, voice solutions, and compliance services you've requested
• Communications: To respond to your enquiries, send appointment confirmations, and provide relevant service updates
• Service Improvement: To understand how our website is used and improve our services
• Legal Compliance: To comply with legal obligations and protect our legal rights
• Marketing: With your consent, to send you information about our services (you can opt out at any time)

3. Legal Basis for Processing (UK GDPR)

We process your personal data under the following legal bases:

• Consent: When you've given explicit permission (e.g., booking a consultation, subscribing to updates)
• Contract Performance: When necessary to fulfill our services to you
• Legitimate Interests: For business operations, improving our services, and protecting our rights (balanced against your privacy rights)
• Legal Obligation: When required by law

4. Third-Party Services

We use the following third-party services that may process your data:

4.1 Calendly

We use Calendly for appointment scheduling. When you book a consultation, your information is processed by Calendly in accordance with their privacy policy. Calendly is GDPR-compliant.

View Calendly's Privacy Policy

4.2 Web Hosting (Hostinger)

Our website is hosted by Hostinger. Server logs may collect technical information including IP addresses for security and performance purposes.

4.3 Email Services

We use standard email services to communicate with you. Your email address and communication content are processed securely.

5. Cookie Policy

Our website uses cookies to enhance your browsing experience and understand how our website is used.

5.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and improve functionality.

5.2 Types of Cookies We Use

• Essential Cookies: Necessary for the website to function properly (e.g., cookie consent preferences)
• Analytics Cookies: Help us understand how visitors use our website (only with your consent)
• Third-Party Cookies: Set by Calendly and other services when you interact with them

5.3 Managing Cookies

You can control cookies through our cookie banner or your browser settings. Note that blocking certain cookies may affect website functionality.

To manage cookies in your browser:

• Chrome: Settings > Privacy and security > Cookies
• Firefox: Options > Privacy & Security > Cookies
• Safari: Preferences > Privacy > Cookies
• Edge: Settings > Privacy > Cookies

6. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

• Client Data: Retained for the duration of our service relationship plus 7 years for legal and accounting purposes
• Marketing Communications: Until you unsubscribe or withdraw consent
• Website Analytics: Anonymized after 26 months
• Enquiry Data: Deleted after 2 years if no service relationship is established

7. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

• Right to Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Request limitation on how we use your data
• Right to Data Portability: Request your data in a portable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us using the details below.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• Secure hosting with SSL/TLS encryption (HTTPS)
• Access controls and password protection
• Regular security assessments
• Staff training on data protection
• Secure data transmission and storage

While we take data security seriously, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

9. International Data Transfers

We primarily process data within the UK and EU. If we transfer data outside the UK/EEA, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the UK Information Commissioner's Office
• Adequacy decisions by the UK government
• Other legally recognized transfer mechanisms

10. Children's Privacy

Our services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending email notifications to clients for material changes

We encourage you to review this policy periodically.

12. Complaints

If you have concerns about how we handle your personal data, you have the right to lodge a complaint with the UK supervisory authority:

Information Commissioner's Office (ICO)
Website: ico.org.uk
Telephone: 0303 123 1113

13. Definitions

• Personal Data: Any information relating to an identified or identifiable individual
• Processing: Any operation performed on personal data (collection, storage, use, disclosure, deletion, etc.)
• Data Controller: BoldPaths Solutions, who determines the purposes and means of processing personal data
• Data Subject: The individual whose personal data is being processed