Privacy Policy

This Privacy Policy intends to provide you with all relevant information in relation to the collection and processing of personal data relating to you which may be collected by Expert Thinking (Consulting) Limited (“we”, “us”, “our” or “Expert Thinking”).
By “personal data” we mean all data relating to a living individual who can be identified from that data. Identification maybe by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation 2016/679 (the “GDPR”).
We may need to update this notice from time to time. Should there be any substantial changes, we will let you know by email.

Who we are

Expert Thinking is a cloud technology consultancy, working with its customers to maximise value and benefit from their investment in cloud technology. We have offices in Canterbury but operate across the UK. Expert Thinking is the data controller. This means it decides how personal data is processed and for what purposes.
We have adopted this Privacy Policy to best safeguard personal data and provide a transparent overview of how we handle personal data. Expert Thinking complies with its obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

How we collect information about you

We collect personal data each time you are in contact with us, for example, when you:
We also collect some personal data automatically when you visit the website (e.g. your IP address) to enable us to provide you with a browsing experience more tailored to your individual needs through using cookies or gives us a better understanding of how you are using our services.
Personal data may also be given to us from trusted third parties (e.g. our partners). Personal data passed onto us in this way is only ever used to provide you with the services you have requested. We may sometimes pass on your personal data to our partners if we cannot offer you the services you have requested but believe they can assist you.

Why do we collect and use your information?

We will use the personal data we collect for the purpose disclosed at the time of collection or otherwise as set out in this Privacy Policy. We will not use your personal data for any other purpose without first seeking your consent unless authorised or required by law. Generally, we will only process your personal data to:

The legal basis for processing your personal data

Who sees your personal data/storing your personal data

Personal data is held securely on computers and servers within the EEA or EU. It is kept strictly confidential and is never sold, given away or otherwise shared with anyone (with the exceptions stated below) unless required by law. We store the majority of personal data in the cloud with access limited to specific relevant personnel. Where possible, personal data is encrypted during transit and at rest. We will not sell or pass any of your personal data to any other third parties without your express written permission, with the following exceptions:
Where such personal data is shared, your personal data is restricted to the purpose for which it is provided and we ensure it is stored securely and kept no longer than necessary.

The categories of information that we may collect, hold and share

Special category (sensitive) personal data

We may in some cases store special category (sensitive) personal data which can be defined as biometric data, genetic data, mental health, philosophical view or associations, physical health, political views or associations, racial or ethnic background, religious views or associations, sex life, sexual orientation or trade union membership.
Special category personal data will only ever be collected with your consent and only if there is a legitimate, lawful reason for its collection as well as meeting a specific condition outlined in Article 9 of the GDPR.

Retention periods

We hold your data for varying lengths of time depending on the type of information in question but in doing so always comply with GDPR.
We conduct annual checks to ensure that the personal data we are holding is accurate and that you agree to us holding it. If you would like to know specific retention periods please refer to the Retention Periods Policy which can be requested by email to

Keeping your personal data up to date

Please tell us as soon as any of your personal data change so that we can keep our records up to date. You can change the way we contact you or the kind of material we send you at any time by contacting us by email to

Requesting access to your personal data

You can request access to the personal data that we hold about you by emailing We will provide you with access to your personal data within 30 days unless we are legally authorised to refuse your request. We may refuse your request to access, amend or delete your personal data in certain circumstances. If we do refuse your request, we will provide you with a reason for our decision and, in the case of amendment, we will note with your personal data that you have disputed its accuracy.

Your rights under GDPR


Expert Thinking will take reasonable steps to keep secure any personal data, which we hold and to keep this personal data accurate and up to date. Personal data, held electronically, is stored in a secure server or secure files with restricted access and careful monitoring.
The Internet is not a secure method of transmitting information. Accordingly, we cannot accept responsibility for the security of information you send to or receive from us over the Internet or for any unauthorised access or use of that information. We take security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. Your personal data will be held for a reasonable period or as long as the law requires or permits.

Cookies Policy

Cookies are small text files that are used to store small pieces of information. The cookies are stored on your device when the website is loaded on your browser. These cookies help us make the website function properly, make the website more secure, provide better user experience, and understand how the website performs and to analyse what works and where it needs improvement.
For more information on what cookies are and how we use them, see our Cookies Policy.


Our website may also include links to other websites. Links provided are for your convenience to provide further information such as LinkedIn, Twitter and our partners’ websites. Please look at the cookie and privacy policies on these third-party sites if you want more information about this. Users of our website click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links.


Any documents or files made available to download from our website are provided at users’ own risk

Further processing

If we wish to use your personal data for a new purpose, not covered by this Privacy Policy, then we will provide you with a notice explaining this new use before commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

Changes to this Privacy Policy

Expert Thinking (Consulting) Limited may amend this Privacy Policy from time to time to ensure compliance with changes or amendments to the law of the UK. Any amended version will be available on our website or upon request by email to We suggest that you visit our website regularly to keep up to date with any changes.
If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioner’s Office at
For further information on how your personal data is used, how we maintain the security of your personal data, and your rights to access personal data we hold on you please email

Our customers achieve more with cloud