Privacy Policy

Finding X Limited

Finding X Academy Limited

Privacy Policy

1. Introduction

This is our privacy policy. It tells you how we collect and process data received from you, including how we process data in relation to our customers, suppliers, business contacts and visitors of our site. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

This policy applies to Finding X Limited and Finding X Academy Limited.

If you have any comments on this privacy policy, please email them to

2. Who We Are

Here are the details that the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regards to the processing of personal data and on the free movement of such data, known as General Data Protection Regulation (GDPR) says we have to give you as a 'data controller':

- Our site address is

- Finding-X Limited and Finding X Academy Limited have their registered address at Suite 6 Dukes House, High Street, Windsor, Berkshire, England, SL4 1LD

- Our Data Protection Officer is Chris Finch and he can be contacted at

3. What information we collect

We may collect and process the following data about you:

- Identity data, including name, username or similar identifier.

- Contact data, including email address, postal address and telephone numbers.

- Financial data, including bank account and payment details.

- Transaction data, including details about payments to and from you and other details of services you have purchased from us or products/ services we have purchased from you.

- Technical data, including IP address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology you use to access our site.

- Profile data, including your username and password, your interests, preferences, feedback and survey responses.

- Usage data, including information about how you use our website and services

- Marketing and communication data, including your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share Aggregated data such as statistical or demographic data. Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage data to calculate the percentage of users accessing a specific website feature.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:

- you have given consent to the processing of your personal data for one or more specific purposes;

- processing is necessary for the performance of a contract to which you are a party or in order to take steps at the request of you prior to entering into a contract;

- processing is necessary for compliance with a legal obligation to which we are subject;

- processing is necessary to protect the vital interests of you or of another natural person;

- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; and/or

- processing is necessary for the purposes of the legitimate interests pursued by us or by a third party such as our credit card payment processing, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data.

We use different methods to collect data from and about you, including:

- Direct interactions when you purchase our services or we purchase your products or services, create an account on our site, subscribe to our service of publications, request marketing to be sent to you, enter a promotion or survey, or give us feedback or contact us.

- Automated technologies or interactions – we collect data by using cookies. Please see our Cookie Policy [coming soon] for further details.

4. Cookies

We use various cookies to distinguish users and improve our site. Please look at our Cookie Policy [Coming soon] for more cookie information.

5. How we use what we collect

We use information about you to:

- Present site content effectively to you.

- Provide information and services that you request, or (with your consent or if we have another lawful basis) which we think may interest you.

- Carry out our contracts with you.

- Tell you our charges.

If you are already our customer, we will only contact you electronically about things similar to what was previously sold to you.

Please note: We don't identify individuals to our advertisers, but we do give them aggregate information to help them reach their target audience, and we may use information we have collected to display advertisements to that audience.

If you don’t want us to use your personal data for any of the reasons set out in this section 5, you can let us know at any time by contacting us at, and we will delete your data from our systems. However, you acknowledge this may limit our ability to provide our services to you.

In some cases, the collection of personal data may be a statutory or contractual requirement, and we will be limited in the services we can provide you if you don’t provide your personal data in these cases.

Please find below further information as to the purposes and lawful basis of the personal data that we collect and process.

Type(s) of data subject

Categories of personal data

Purpose of processing

Lawful basis

Customers, their employees and contractors

Contact information, including name, address, telephone number and e-mail address

Communication data including e-mail communication, text and other messaging services

Financial data including bank account and payment card details

Transaction data including details about payments to and from customers.

To ensure that we can supply the services requested by the customer, including facilitating invoicing and payment.

Necessary for the performance of a contract.

Customers, their employees and contractors

Contact information, including name, address, telephone number and e-mail address.

Marketing communications

Consent required for the Finding X weekly newsletter.

Suppliers, partners, subcontractors and their employees

Contact information, including name, address, telephone number and e-mail address; bank details.

To enable compliance with obligations under relevant contracts, including logging and payment of invoices.

Necessary for the performance of a contract

Business contacts

Contact information, including name, company name, job position, address, telephone number and e-mail address, including those available via business networking websites, such as LinkedIn.

Business networking

Legitimate interests of all parties

1. The legitimate interests of both the Company and its business contacts is to network in the context of business.

2. It is necessary to exchange, keep and otherwise process contact information in order to network in the context of business.

3. There is normally a positive action taken by all parties to provide their contact details during networking with the expectation that such contact details, including personal data, may be used by the recipient for business networking.

Event contacts

Contact information, including name, company name, job position, address, telephone number and e-mail address, including those available via event websites such as Meetup and EventBrite.

Event registration, communication of future events and weekly newsletter.

Consent required for the Finding X weekly events communications.

6. Where we store your data

We may transfer your collected data to storage outside the European Economic Area (EEA). It may be processed outside the EEA to fulfil your order and deal with payment.

We will only transfer your data to countries that are deemed to have an adequate level of protection of personal data by the European commission; or we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe; or we may transfer data to US based providers that are part of the Privacy Shield.

By giving us your personal data, you agree to this arrangement. We will do what we reasonably can to keep your data secure.

If we give you a password, you must keep it confidential. Please don't share it. Although we try to provide protection, we cannot guarantee complete security for your data, and you take the risk that any sending of that data turns out to be not secure despite our efforts.

We only keep your personal data for as long as we need to in order to use it as described above in section 5, and/or for as long as we have your permission to keep it. In any event, we will conduct regular reviews to ascertain whether we need to keep your personal data. Your personal data will be deleted if we no longer need it.

7. Disclosing your information

We are allowed to disclose your information in the following cases:

- If we want to sell our business, or our company, we can disclose it to the potential buyer.

- We can disclose it to other businesses in our group.

- We can disclose it if we have a legal obligation to do so, or in order to protect other people's property, safety or rights.

- We can exchange information with others to protect against fraud or credit risks.

We may contract with third parties to supply services to you on our behalf. These may include payment processing, search engine facilities, advertising and marketing. In some cases, the third parties may require access to some or all of your data. These are the third parties that have access to your information:

- Dropbox - storage and access of documents

- Microsoft Office 365 – storage and access of documents

- Google Analytics, Google Maps (for the contact page map) – cookies use on site (for more information on cookies see please see our Cookie Policy [coming soon])

Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under GDPR and the law.

8. Your rights

You can ask us not to use your data for marketing. You can do this by ticking the relevant boxes on our forms, or by contacting us at any time at

Under the GDPR, you have the right to:

- request access to, deletion of or correction of, your personal data held by us at no cost to you;

- request that your personal data be transferred to another person (data portability);

- be informed of what data processing is taking place;

- restrict processing;

- to object to processing of your personal data; and

- complain to a supervisory authority.

You also have rights with respect to automated decision-making and profiling.

To enforce any of the foregoing rights or if you have any other questions about our site or this Privacy Policy, please contact us at

9. Links to other sites

Please note that our terms and conditions and our policies will not apply to other websites that you get to via a link from our site. We have no control over how your data is collected, stored or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

10. Changes

This Policy was last updated on 5 July 2019. If we change our Privacy Policy, we will post the changes on this page.

11. Automated Decision-Making and Profiling

We do not undertake any automated decision-making, including profiling.