Skip to main content

Privacy Policy

Last updated: 22nd May, 2023

We care about your privacy. This privacy policy details how Consent Kit, Ltd (We, Us) uses any personal data we collect from you when you use or visit

How is your data collected?

Personal data is any information about an individual from which that person can be identified. The personal information that we may collect about you broadly falls into the following categories:

Information that you provide voluntarily

We may process and store information that you have provided voluntarily. For example, when you sign up to our updates we will ask you to provide your email address. It will be clear to you at this point what personal data you are providing.

Information that we collect from your activities

We collect information about how you use our website automatically through the use of cookies and other technologies. Some of these cookies can be enabled/disabled by selecting your preferences in the preference centre you are presented with when first interacting with this site. More information on cookies can be found under the ‘Cookies’ section below.

How will we use your data?

Purpose Type of data Lawful basis of processing
Share relevant content with you in relation to our services. Name, email address Necessary for our legitimate interests
Enable you to schedule a demo or call with us should you want to. Name, email address, organisation name Necessary for our legitimate interests
Provide you with a service and manage your account. Name, e-mail address, business address and phone number, billing information and address. Necessary for our legitimate interests
Email you with product updates and information about products and services we think you might like. Name, email address Consent – we will only contact you for direct marketing purposes with your prior consent.
Maintain up-to-date marketing preferences. Name, email address, marketing consent and any withdrawal of consent Necessary for our legitimate interests (to ensure we adhere to your wishes regarding direct marketing)
Responding to enquiries you have made. Name, email address, enquiry details Necessary for our legitimate interests (to respond to your enquiry)
Responding to support requests you have made. Name, email address, support request details Necessary for our legitimate interests (to respond to your support request)
Carry out customer survey or receive feedback through in-app messaging or via email. Name, email address, organisation, responses Necessary for our legitimate interests

We use an analytics tool called Fathom so we can understand our website traffic without using tracking cookies. Fathom respects your privacy and does not use any identifiable information.

How do we store your data?

We securely store your data on Heroku. Heroku’s physical infrastructure is hosted and managed within Amazon’s secure data centres and utilise the Amazon Web Service (AWS) technology. Amazon’s data centre operations have been accredited under ISO 27001, SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II), PCI Level 1, FISMA Moderate and Sarbanes-Oxley (SOX). These are the international standards for ensuring best practice data management and security.

All of the data is encrypted at rest using AES256 encryption. Your data in transit traverses the Internet via encrypted HTTPS traffic using TLS v1.2. This encryption during transit ensures information cannot be read or manipulated by unauthorised third parties.

Who do we share your data with?

Consent Kit shares personal data with a number of external organisations.

Heroku Host our application and data stores.
Manage SSL
USA (EU alternative)
AWS CDN and customer logos
Secure storage for uploaded consent
Postmark Email provider - Application emails USA
Sparkpost Email provider - Application emails
(EU alternative to Postmark)
Stripe Payment processor UK
Segment Data management and analytics USA
Mixpanel Product analytics.
(Data received from Segment)
Userlist Promotional email delivery USA
Intercom Customer support.
(Data received from Segment)
Calendly Scheduling USA
Usetiful In-app onboarding EU

International transfers

We may transfer personal data to a country outside the UK. Whenever we do this, we will ensure that arrangements are in place to provide suitable safeguards, such as UK Adequacy Regulations, Standard Contractual Clauses, International Data Transfer Agreements, or another mechanism permitted by law. For further information about this, please contact us.

How long will we hold your data?

We only hold information about you for as long as it is needed for the purpose(s) it was collected, or as required by law. Where you have purchased services from us, we will typically hold your information for 2 years after the contract is terminated.

Where you have provided your information for the purpose of receiving marketing communications from Consent Kit, we will hold your details until you withdraw your consent for direct marketing. We will contact you periodically to confirm that you would still like to hear from us.

When it is no longer needed, information about you will either be deleted or anonymised.

How and when will you hear from us?

We may use your contact details to update you about the latest news from Consent Kit


We rely on our legitimate interests to send direct marketing communications in a business to business context. However, where you have provided a personal email address to us, we will only send you marketing communications if you have provided your prior consent. This does not apply to service communications (see below).

You can opt out of our marketing communications at any time by clicking the “unsubscribe” link in any of our emails or by contacting

Service communications

We may send you certain communications, without your consent, if we are under a legal obligation to do so; if we feel sending the communication is in both yours and our interests; and/or it would be a disadvantage to you if we didn’t send you the communication.

These communications may include:

  • Notifying you about changes to our terms or privacy notice
  • Asking you to provide feedback on Consent Kit products and services

What are your rights?

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

  • The right to access – You have the right to request copies of your personal data. We may charge you a small fee for this service, in the event of asking for multiple copies
  • The right to rectification – You have the right to request that We correct any information you believe is inaccurate. You also have the right to request We to complete the information you believe is incomplete
  • The right to erasure – You have the right to request that We erase your personal data, under certain conditions
  • The right to restrict processing – You have the right to request that We restrict the processing of your personal data, under certain conditions
  • The right to object to processing – You have the right to object to Consent Kit’s processing of your personal data, under certain conditions
  • The right to data portability – You have the right to request that We transfer the data that we have collected to another organisation, or directly to you, under certain conditions

If you make a request, we will respond within one month. If you would like to exercise any of these rights, please contact us at our email:

Or write to us: Consent Kit, 4A Erlington Avenue, Manchester, M16 0FW, England.


Please see our Cookies Policy for information about how we use cookies.

Privacy policies of other platforms

The Consent Kit platform may contain links to other platforms. Our privacy policy applies only to our platform, so if you click on a link to another platform, you should read their privacy policy.

Changes to our privacy policy

Consent Kit keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 22nd May, 2023.

How to contact us

If you have any questions about Consent Kit’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Email us at: or write to us: Consent Kit, 4A Erlington Avenue, Manchester, M16 0FW, England.

Making a complaint

Should you wish to report a complaint or if you feel that Consent Kit has not addressed your concern in a satisfactory manner, you may contact the Information Commissioner’s Office in the UK.

Get help

Can't find what you are looking for?