Crimson & Co is the trading name of Crimson Consulting (UK) Ltd, which is incorporated in England and Wales under the Companies Act 1985 – No 4683556. Registered office: Crimson Consulting (UK) Ltd, 137 Euston road, London, NW1 2AA.
The data controller is Crimson Consulting (UK) Ltd (referred to in this policy as ‘we’ or ‘us’).
Looking after the personal data you share with us is hugely important and we want you to be confident that your data is safe and secure with us. This policy sets out what we do with your information and what we do to keep it secure. It also explains where and how we collect your personal information, as well as your rights over any personal information we hold about you. If you have any queries about this statement, please contact us.
All personal data is collected and stored in line with the Data Protection Act 1998 and the General Data Protection Regulations.
When you register for our services, download a report or join our mailing list, you may provide us with:
When you browse our website, we may collect:
When you contact us, or we contact you, we may collect:
Why we collect personal data
We collect data for the following purposes:
This data is collected from all web users. Web access logs are used for statistical purposes only (e.g. to measure the use/performance of the site) except in the event of a security breach when they could be used for tracing the breach. No information gathered from web logs is given or sold to any third party.
Any personal information that you provide to us will only be used for the purpose stated at the time we request it. This information will not be disclosed to a third party except where authorised by you or as otherwise permitted by the Data Protection Act and the General Data Protection Regulations.
How long we retain your personal data
We will retain a record of your personal information. This is done to provide you with a high quality and consistent service. We will always retain your personal information in accordance with law and regulation and never retain your information for longer than is necessary.
We have implemented generally accepted standards of technology and operational security to protect personally identifiable data and information from loss, misuse, alteration or destruction. We use iThemes security to keep our data secure.
iThemes collect the IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 30 days.
We back up our data which is stored on Amazon S3, who are GDPR compliant. We store backups for 30 days when they are then deleted. We have an SSL certificate for www.crimsonandco.com and all its subdomains.
Definition and why they are used
Cookies are small data files that allow a website to collect and store a range of data on your desktop computer, laptop or mobile device. Cookies contain information unique to your web browser which allow the website to remember your choices and preferences during your visit, but they do not include personal information that can identify you.
Cookies help us to provide important features and functionality on our website and we use them to improve your customer experience. Cookies help our website recognise your device and remember little bits of information about your visit like your preferences, settings and how you use the website. This information is then used to personalise and improve the way you interact with our site.
Google analytics and cookies
You may opt out of Google Analytics by visiting
How to manage your cookies
You may stop or restrict the placement of cookies on your computer by adjusting your settings in your web browsers. However, this may interfere with some of the functionality of the site. You can find more detailed information about how you can manage Cookies at the all about cookies and your online choices websites.
E-mail and Electronic Forms
If you have given your consent, we at Crimson & Co may provide you with information about news, services and products that we believe will be of interest to you. You can change your mind about your marketing preferences by contacting us at any time.
We collect the following information:
This data will be used for the following purposes:
In all cases this information will only be used for the stated purpose for which it was provided. A number of online forms are provided on this site. Each form is processed using standard mail techniques and is not encrypted.
If you opt in to our mailing list, your data will be stored with Zoho CRM, wo are GDPR compliant. Your data will be stored for as long as it’s on our mailing list.
Links to other sites
Access to collected information
Under the Data Protection Act 1998 and the General Data Protection Regulations, you have the right to request a copy of any data we hold about you and you can request for any inaccurate information to be corrected or removed from the database at any time. If you have any concerns regarding the data held about you by Crimson & Co, a subject access request must be made in writing for the attention of our data protection officer, Jonathan Gibson to the address given in the contact details below. We will respond within 30 days of your request.
If you have any questions about how we collect, store and use personal data please contact us:
Call: +44 (0) 845 644 6972
Write: Crimson & Co, 137 Euston Road, Kings Cross, London NW1 2AA