Thorogood HR Limited (“we”, “our”, “us”) is committed to protecting the privacy and security of our clients’ personal data. This Privacy Policy explains how we collect, use, and safeguard personal information in accordance with the UK GDPR and Data Protection Act 2018.
We provide HR services to organisations. As part of delivering these services, we may collect, use, and store limited personal information about our clients and their employees (where applicable).
Our contact details:
Business name: Thorogood HR Ltd
Registered Office: 316 Wimbledon Central, 21-33 Worple Road, Wimbledon. SW19 4BJ
Email: claire@thorogoodhr.co.uk
Telephone: 00 44 (7)855 850777
We only collect the data necessary to provide HR services. This may include:
contact details (name, job title, email, phone number, address)
employment-related information shared with us in the course of providing HR advice or support
business information (company name, size, sector)
We do not collect unnecessary or excessive data.
We use personal data solely for the following purposes:
to deliver HR consultancy and advisory services
to maintain professional records of our work with clients
to comply with legal or regulatory obligations
We do not use personal data for marketing or profiling.
We process personal data under the following lawful bases:
Contract: where processing is necessary to provide HR services under an agreement with you.
Legal obligation: where we are required to keep certain records or comply with regulatory duties.
Legitimate interests: where processing is necessary for running our business, provided it does not override your rights and freedoms.
We treat client data confidentially. We may share personal data with:
Professional advisers (e.g., legal or financial advisers) where relevant.
Service providers who support our business (e.g. Microsoft 365), subject to confidentiality agreements.
Regulators or authorities if legally required.
We do not sell or trade personal data.
We store data within the UK/EEA.
We only keep personal data for as long as necessary to provide services and meet legal obligations. Typically, client records are kept for six years after the end of our relationship, unless law requires longer.
Under GDPR, you have the right to:
access the personal data we hold about you
request correction of inaccurate data
request deletion of your data (subject to legal requirements)
object to or restrict how we use your data
request transfer of your data to another provider (data portability)
complain to the Information Commissioner’s Office (ICO) if you are unhappy with how we handle your data. To exercise your rights, please contact us using the details above.
We use appropriate technical and organisational measures to protect personal data, including secure storage, restricted access, and confidentiality obligations for anyone handling data.
We may update this Privacy Policy from time to time. Any changes will be posted on our website or shared with clients directly where appropriate.
October 2025
