Privacy Policy

1. Who We Are

SteinManagement is a trading name of Good and Proper Marketing Ltd (Companies House No: 14628441, registered in England & Wales), an independent British editorial platform operated at steinmanagement.com, with editorial offices at The Faversham, 1-5 Springfield Mount, Leeds, LS2 9NG, United Kingdom. For privacy enquiries: hello@steinmanagement.com.

2. What Information We Collect

2.1 Information You Provide

• Contact form submissions: name, email address, message content, and subject.
• Newsletter subscriptions: email address and selected subscription tier.
• Payment information: processed entirely by our PCI-DSS compliant payment processor. SteinManagement does not store card numbers or payment credentials.

2.2 Automatically Collected Information

• IP address, browser type, and operating system (via standard web server logs).
• Pages visited, time spent on pages, referring URL (via analytics tools).
• Cookie data (see Section 6).

3. How We Use Your Information

We use your personal data only for the purposes for which it was collected:

• Contact form submissions: to respond to your enquiry.
• Newsletter subscriptions: to deliver the newsletter service you subscribed to, send billing notices, and provide customer support.
• Analytics data: to understand how readers use our site and improve content and navigation.

We do not sell, rent, or share your personal data with third parties for their marketing purposes. We do not use personal data for automated decision-making or profiling.

4. Legal Basis for Processing (UK GDPR)

Under UK GDPR, we rely on the following lawful bases for processing your personal data:

• Consent (Article 6(1)(a)): for newsletter subscriptions and analytics cookies. You may withdraw consent at any time.
• Contract (Article 6(1)(b)): for processing subscription payments and delivering the service you have purchased.
• Legitimate interests (Article 6(1)(f)): for essential site security and fraud prevention.

5. Your Rights Under UK GDPR

As a UK data subject, you have the right to:

• Access the personal data we hold about you (Subject Access Request).
• Rectification of inaccurate or incomplete data.
• Erasure ("right to be forgotten") where processing is no longer necessary.
• Restriction of processing in certain circumstances.
• Data portability of data you provided under consent or contract.
• Object to processing based on legitimate interests.
• Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

To exercise any of these rights, contact us at hello@steinmanagement.com. We will respond within one calendar month as required by UK GDPR.

6. Cookies and Tracking

We use essential cookies to maintain session state and remember your cookie consent choice. We use analytics cookies (with your explicit consent) to understand site usage via aggregate, anonymised data. We do not use first-party advertising cookies. However, this site uses Infolinks, a third-party contextual advertising service. Infolinks may set cookies on your device for ad personalisation purposes. You can opt out via the Infolinks opt-out page.

Under UK GDPR, non-essential cookies require your prior consent. You may withdraw cookie consent at any time by clicking Reset Cookie Preferences.

7. Data Retention

• Contact form submissions: retained for 24 months for customer service purposes, then deleted.
• Newsletter subscriber data: retained while the subscription is active and for 12 months after cancellation.
• Analytics data: aggregate data retained indefinitely; individual session data retained for 26 months (ICO guidance standard).

8. Security

We implement appropriate technical and organisational measures under UK GDPR Article 32, including HTTPS encryption for all data in transit, access controls limiting personal data to authorised personnel, and regular security reviews. In the event of a personal data breach posing a risk to individuals' rights and freedoms, we will notify the ICO within 72 hours as required by UK GDPR Article 33.

9. Third-Party Services

We use third-party processors under appropriate data processing agreements (UK GDPR Article 28):

• Hosting provider: Web server infrastructure hosted in the United Kingdom or European Economic Area.
• Payment processor: PCI-DSS compliant; processes subscription payments on our behalf. We do not receive or store payment card data.
• Analytics: Aggregated, anonymised web analytics. No personally identifiable information is shared.

10. International Transfers

Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place (UK adequacy regulations, standard contractual clauses, or equivalent protections) in accordance with UK GDPR Chapter V.

11. Changes to This Policy

We will notify subscribers by email of any material changes to this Privacy Policy at least 14 days before changes take effect. The "Last updated" date at the top of this page reflects the most recent revision.

12. Contact for Privacy Matters

Data Controller: Good and Proper Marketing Ltd (trading as SteinManagement)
The Faversham, 1-5 Springfield Mount, Leeds, LS2 9NG, United Kingdom
Companies House No: 14628441
hello@steinmanagement.com