Home  /  Privacy Policy

Privacy Policy

How we handle personal information collected through this website and related interactions.

This Privacy Policy explains how Taskscape Associates Ltd (“Taskscape”, “we”, “us”) handles personal information collected through this website and through related interactions such as enquiries, contracts and projects.

We are the data controller. Taskscape Associates Ltd is registered in England and Wales (company number 06028065). Contact: [email protected].

Last reviewed: May 2026.

The Rules We Work To

Many of the research and innovation programmes we work within have their own data management rules, including those of UK and EU funders such as UKRI, Horizon Europe, Erasmus+ and equivalents. We follow these rules where they apply, alongside broader data protection regimes. We comply with UK data protection law, including the UK GDPR, the Data Protection Act 2018, and equivalent laws in other regions we operate in.

Types of Data

We draw a working distinction between kinds of information:

Personal data identifies a living person: names, emails, phone numbers, role and organisation details and the like. We keep this on our own systems in the UK. The main exception is when this information is collected through survey and form platforms, sometimes hosted outside the UK. Those providers operate under the data protection laws that apply where they are based, and often where they operate. We use them only where we judge them suitable.

Project data covers project content that doesn’t identify an individual, or where individuals have consented to its use, including within media. This includes text, media and images hosted on platforms such as Vimeo, YouTube and social platforms, as well as material that passes through AI tools as part of our workflows. These providers sometimes run their services on servers outside the UK and operate under the data protection and content rules that apply to them in those regions, including UK and EU law where relevant. We choose providers carefully, and where AI is involved, we follow the approach set out in Our Position on AI. We never share project information deemed sensitive inappropriately with other people or platforms.

Information We Collect

We collect personal information in the following ways:

  • Information you give us. When you contact us, request a proposal, enter into a contract or work with us as a client, supplier or Associate, you may share your name, email address, phone number, organisation, role and details of your enquiry or project.
  • Information collected automatically. When you visit the site, we receive limited technical data such as IP address, browser type, device type, referring URL and pages viewed. This comes from cookies and similar technologies (see our Cookies Policy).
  • Information from third parties. We may receive your details from clients, partners or referrers who have a lawful reason to share them, for example when introducing you as a project contact.

How We Use Your Information

We use personal information to:

  • Respond to your enquiry and provide services you have asked for
  • Administer contracts, projects and payments
  • Operate, secure and improve this website
  • Send relevant updates where you have asked to receive them
  • Meet legal and regulatory obligations, including accounting and tax

Legal Bases

Under the UK GDPR and the Data Protection Act 2018, we rely on:

  • Contract: to take steps before entering into a contract with you and to perform that contract
  • Legitimate interests: to run our business, manage relationships, keep the site secure and reach out where it is reasonable to expect possible interest and contact
  • Consent: for optional cookies, marketing emails and any other purpose where consent applies
  • Legal obligation: where we must process data to meet a duty under law

Who We Share Information With

We do not sell personal data. We share it only where needed, with:

  • Associates and project partners working with us on your behalf, under written agreements
  • Service providers such as web hosting, email, analytics, payment and accounting platforms, who act as processors on our instructions
  • Professional advisors, including accountants, auditors, insurers and lawyers
  • Public authorities, where we are required by law to disclose

International Transfers

Personal data we hold about you is kept in the UK on our own systems. These systems and servers deploy all available, reasonable, and recommended best-practice protections to the best of our abilities. The exceptions are collection via form and survey platforms, which sometimes run on servers elsewhere. Those providers handle survey responses under the data protection laws that apply where they operate, and we use them where we judge them suitable. Where personal data is shared with mainstream providers based outside the UK, this happens through services whose own terms include the safeguards required by UK law.

How Long We Keep It

We keep personal data only as long as we need it for the purpose for which it was collected, or as required by applicable laws and regulations. Enquiry records are typically kept for up to two years. Contract and finance records are kept for seven years from the end of the relevant tax year to meet UK accounting obligations.

Your Rights

You have the right to:

  • Access a copy of the personal data we hold about you
  • Have inaccurate data corrected
  • Ask us to delete data where there is no good reason for us to keep it
  • Restrict or object to certain processing
  • Receive data you provided in a portable format
  • Withdraw consent at any time where consent is the legal basis, and there’s no conflict with an existing signed release form, or equivalent arrangement whose terms have been respected

To exercise any of these rights, email [email protected]. We will respond within one month. If you are not satisfied with how we handle a request, you have the right to complain to the Information Commissioner’s Office.

Security

We use reasonable technical and organisational measures to protect personal data, including access controls, encrypted transport and regular backups. Some of our tools and partners, including AI services and media hosting platforms, run on servers outside the UK. We choose providers carefully and use settings that keep your data out of training pools and shared logs wherever those options exist. No system is ever completely secure, so we encourage care when sending sensitive information by email.

Changes to This Policy

We will update this page if our practices change. The date at the top shows when it was last reviewed.