Privacy Policy

Last updated: 26 March 2026

1. Overview

The Workplace Inclusion Consultancy ("TWIC", "we", "our", "us") is committed to safeguarding your privacy when you access our website, use our platform, or engage with our services. This privacy policy explains how we collect, use, store, and protect your personal information.

2. Information We Collect

We may collect the following types of information:

  • Contact details provided through enquiry forms, demo requests, trial sign-ups, and partner applications (including name, email address, phone number, and company information)
  • Account information when you register for and use the TWIC platform
  • Health and disability-related information disclosed through the platform by employees (processed as special category data under UK GDPR)
  • Website usage data collected via analytics tools
  • Cookie data used to improve your experience on our website

3. How We Use Your Information

We use the information we collect to:

  • Respond to your enquiries and provide our consultancy and platform services
  • Set up and manage your account on the TWIC platform
  • Process and manage workplace adjustment disclosures and cases
  • Send transactional emails related to your account and platform activity
  • Improve our website, platform, and services
  • Comply with legal and regulatory obligations

4. Legal Basis for Processing

We process your personal data under UK GDPR on the following bases:

  • Consent — where you have provided explicit consent, particularly for marketing communications and special category data
  • Contract — where processing is necessary to fulfil our contractual obligations to you or your employer
  • Legitimate interests — where processing is necessary for our legitimate business interests, provided these do not override your rights
  • Legal obligation — where processing is required to comply with applicable laws, including employment and equality legislation
  • Employment obligations — for special category health data, processing is necessary for the purposes of carrying out obligations under employment law, including the Equality Act 2010

5. Data Sharing

Your personal information is kept confidential and is not sold or traded. We may share data with the following categories of third-party processors:

  • Supabase — database hosting and authentication (EU region)
  • Vercel — website and platform hosting
  • Resend — transactional email delivery
  • Stripe — payment processing
  • MailerLite — marketing email communications
  • Legal advisors or regulatory bodies where required by law

Data Processing Agreements are in place with our third-party processors to ensure your data is handled securely and in compliance with UK GDPR.

6. Cookies

Our website uses cookies for functionality and analytics purposes. You can manage your cookie preferences through your browser settings. Functional cookies (such as authentication) are necessary for the platform to operate and cannot be disabled.

7. Data Retention

Enquiry and marketing data is typically retained for 24 months unless you request earlier deletion. Platform account data is retained for the duration of the service agreement with your employer, plus any legally required retention period. Health and adjustment data is retained in accordance with your employer's data retention policy and applicable legal requirements.

8. Your Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Restrict or object to processing of your data
  • Request data portability
  • Withdraw consent at any time (where consent is the basis for processing)

To exercise any of these rights, please contact us at hello@theworkplaceinclusionconsultancy.com.

9. International Data Transfers

We endeavour to keep all personal data within the UK and EU. Where data is transferred outside the UK, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) as required under UK GDPR.

10. Security

We implement appropriate technical and organisational measures to protect your personal data, including encryption, access controls, audit logging, and regular security reviews. Access to personal data within the TWIC platform is controlled through role-based access control and is limited to authorised personnel only.

11. Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

12. Contact Us

If you have any questions about this privacy policy or how we handle your personal data, please contact us at hello@theworkplaceinclusionconsultancy.com.