Privacy Policy

In compliance with UK and European data protection regulations, this privacy policy explains what personal information we collect from you when you visit our website, are a recipient of our services or attend one of our courses.

Risk Evolves is committed to processing personal information about its customers in ways that comply with its legal and regulatory obligations, and to being clear with customers about what it does with their personal information.

Data Collection

Risk Evolves may collect personal information which we receive when:

  • you use our website
  • you use our services
  • you contact us or
  • you are a recipient of our services.


We may collect the following types of information:

  • your name, address, email address, telephone number(s) and other contact details
  • information required to provide you with a service, and details of our services that you have used
  • your company’s name, your position in the company; the company’s address, company’s email address and telephone number
  • your payment information such as credit or debit card details and bank account details.

Website cookies

Cookies are small files of letters or numbers downloaded onto a device when users access websites. They are widely used in order to make websites work, or work more efficiently, as well as to provide service information to the owners of the site.

Cookie Purpose
Google Analytics We use cookie to gather data about how visitors use our website.  We then use this to help us to improve your experience of our website. The cookies collect information in an anonymous form, and capture information such as the number of visitors to the website, which pages they have used, where they have from etc.

To find out more about cookies, including how to see what cookies have been set, visit or

Find out how to manage cookies on popular browsers:

To find information relating to other browsers, visit the browser developer's website.

To opt out of being tracked by Google Analytics across all websites, visit

Why do we collect this information ?

We collect your personal information to:

  • provide you with services that you may request from us.
  • to allow us to communicate with you
  • for necessary administration purposese
  • meet our legal and regulatory obligations.

How do we collect this information ?

We collect personal information:

  • directly from our customers: e.g. when a customer signs up to receive our services or registers on our website
  • from publicly available sources: social media (such as LinkedIn), internet services (such as Companies House, company websites etc).

We are committed to keeping your information up to date. If you believe that we have made an error, then please contact us as we have outlined below and we will use reasonable endeavours to correct.


Keeping your information safe and secure.

Risk Evolves is committed to keeping customers’ personal information secure to protect it from being inappropriately or accidentally accessed, used, shared or destroyed, and against it being lost. We have been certified to Cyber Essentials and IASME since 2015, and we endeavour to ensure that our suppliers take similar steps to keep your data secure. We take organisational measures to keep information secure and provide regular training for staff on data protection.

In August 2019, we have certified to ‘Digitally Aware’ status as part of a new scheme from the Police Digital Security Centre and BSI.

Third party organisations

Except as set out below, we will not pass on your personal information to third parties unless access to your personal information is required by law.  We do not, and will never, sell your personal information to third parties.

Third Countries or International Organisations

The following third countries (ie. where your information is not held in the European Union / EEA) are listed below will receive your personal data for the processing activity as detailed below :


Third Country

(non EU / non EEA / International organisation)

Purpose of processing Safeguards in place and further information
Xero – hosted in New Zealand and US Accountancy, invoicing etc Use of Amazon Web Services and Microsoft Azure. Statement is here
Eventbrite –

Hosted in the US

Course Bookings EU-U.S. Privacy Shield

Link to more information is here

MailChimp –

Hosted in the US

Email marketing EU-U.S. Privacy Shield

Link to more information is here


Trello –

Hosted in the US

Project Management EU-U.S. Privacy Shield

Link to additional information is here



All other data is processed either in the UK or within the EU.

How long do we keep personal information ?

We will only retain customers’ personal information for as long as is required to carry out a particular purpose or to meet a particular obligation. In order that we are able to provide the best possible service to you, we have agreed and documented retention schedules that we consider to be relevant and proportionate to the service we are providing.

We retain details on services delivered for a period of 4 years post the end of the engagement.

Legitimate Interest

From time to time, we may process your information as part of the day to day running of Risk Evolves Ltd. It is in our interests to ensure that our processes and systems operate effectively in order that we can continue the high quality of service to you.

This may include processing your information to:

  • Monitor, maintain and improve internal business processes. We seek to improve the quality of service to you.
  • To perform credit assessments

We may send you marketing emails, letting you know about our news, offers and new services that we think may be of interest to you. However we understand that needs and requirements may change, and you may opt out at a later date by writing to us at  or by selecting ‘unsubscribe’ in the email link. We will not send you information if you’ve asked us not to.   You have a right at any time to stop us from contacting you for marketing purposes.

Links to other websites :

Our website may contain links to other websites of interest. However, you should note that we do not have any control over these other websites. Once you have used any of these links to leave our site, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting these sites and such sites are not governed by this privacy statement.


Access to personal information

We take the management of your information very seriously. Please do contact us if:

  • you feel that any information which we may have about you is incorrect
  • you want to see what personal information we hold about you (and receive a copy)
  • have any queries regarding the accuracy or the processing of your data (including any mis-use or unauthorised use)
  • want to withdraw your consent where any processing is based upon consent

If you ever have any concerns that we are not processing your personal information in accordance with the law, please contact us using the email address or postal address as follows :

Risk Evolves Ltd.
Highdown House
11 Highdown Road
Leamington Spa
CV31 1XT

Or by emailing us at

If you are still concerned, you can contact the Information Commissioners Office at

Changes to our privacy policy :

We keep our privacy policy under regular review and we will place any updates on this web page.

This privacy policy was last updated in August 2019.

Previously updated March 2019

Contact us