Privacy Policy
Last updated: 16 March 2026
Who we are
The Sim Smithy Ltd (“we”, “us”, “our”) is a company registered in England and Wales.
- Company number: 16533597
- Registered address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ
- Website: thesimsmithy.com
- Contact email: privacy@thesimsmithy.com
We design and deliver bespoke board-based business simulations for consultancies and learning & development teams.
What this policy covers
This policy explains how we collect, use, store and protect your personal data when you visit our website or interact with our business. It applies to all visitors to thesimsmithy.com and to anyone who contacts us through the site.
We are the data controller for the personal data described in this policy. We are committed to protecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
What personal data we collect
Information you give us directly
When you use our contact form or email us, we may collect:
- Your name
- Your email address
- Your company or organisation name
- The content of your message
- Any other information you choose to include
Information collected automatically
When you visit our website, our web server may automatically log limited technical data such as your IP address, browser type, and the date and time of your visit. This is standard web server functionality and is not used for analytics or tracking purposes.
We do not use Google Analytics or any other analytics or tracking tools on this website.
Information we do not collect
- We do not operate an online shop or process payments through the website
- We do not require you to create an account or log in
- We do not collect sensitive or special category data through the website
- We do not track your browsing behaviour across our site or elsewhere
Why we collect your data and our legal basis
| Purpose | Data used | Legal basis (UK GDPR) |
|---|---|---|
| Responding to your enquiry | Name, email, company, message | Legitimate interest (Article 6(1)(f)) — to respond to prospective clients who contact us |
| Sending follow-up information you have requested | Name, email | Consent (Article 6(1)(a)) — only where you have explicitly asked us to |
| Meeting legal or regulatory obligations | Any data we hold | Legal obligation (Article 6(1)(c)) |
Where we rely on legitimate interest, we have considered whether your rights and freedoms override that interest and concluded that they do not, given the limited nature of the data and the reasonable expectations of someone contacting a business.
Who we share your data with
We do not sell, rent or trade your personal data.
We may share your data with the following categories of third party, only to the extent necessary:
- Website hosting provider: Hostinger — to serve and maintain the website
- Email provider: Google Workspace — to respond to your enquiries
- Professional advisers: Accountants or legal advisers, where required
- Law enforcement or regulators: Where we are legally required to do so
All third-party providers we use are required to handle your data securely and in accordance with applicable data protection law.
International transfers
Some of our service providers process data outside the UK. Google Workspace may store data in the US and other countries; Hostinger operates data centres in multiple locations. Where data is transferred outside the UK, it is protected by appropriate safeguards such as Standard Contractual Clauses or an adequacy decision by the UK Government.
How long we keep your data
We keep your personal data only for as long as we need it:
| Data type | Retention period |
|---|---|
| Contact form submissions | 24 months from last contact, unless a project relationship begins |
| Project-related correspondence | 6 years from project completion (to meet contractual and tax obligations) |
| Cookie data | See our Cookie Policy for individual cookie durations |
After these periods, data is securely deleted or anonymised.
How we protect your data
We take appropriate technical and organisational measures to protect your personal data, including:
- SSL/TLS encryption on our website
- Secure, password-protected access to systems that hold personal data
- Limiting access to personal data to those who need it
- Regular review of our data handling practices
No method of transmission over the internet is completely secure, but we take reasonable steps to protect the data you share with us.
Your rights
Under UK data protection law, you have the right to:
- Access — request a copy of the personal data we hold about you
- Rectification — ask us to correct inaccurate or incomplete data
- Erasure — ask us to delete your data (in certain circumstances)
- Restriction — ask us to limit how we use your data
- Objection — object to our processing of your data, including where we rely on legitimate interest
- Data portability — request your data in a structured, machine-readable format
- Withdraw consent — where processing is based on consent, withdraw it at any time (this does not affect the lawfulness of processing carried out before withdrawal)
To exercise any of these rights, contact us at privacy@thesimsmithy.com. We will respond within one month of receiving your request.
How to complain
If you are unhappy with how we have handled your personal data, please contact us first at privacy@thesimsmithy.com so we can try to resolve the matter.
If you remain dissatisfied, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
- Website: ico.org.uk
- Telephone: 0303 123 1113
- Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Changes to this policy
We may update this policy from time to time. Any changes will be posted on this page with an updated “Last updated” date. We recommend checking back occasionally.