Privacy Policy
Last updated: 12 February 2026
1. Who we are
Harmonic Action Ltd (Company No. 13105152) is a company registered in England and Wales.
Registered office:
128 City Road
London
EC1V 2NX
Harmonic Action Ltd is the data controller responsible for your personal information.
If you have any questions about this Privacy Policy or how we handle your personal data, please contact:
Ivan Teage, Director
ivan@harmonicaction.com
2. The personal information we collect
We may collect and process the following categories of personal data:
Client and prospective client information
Name
Business name
Job title
Contact details (email address, telephone number)
Information you provide in the course of enquiries or consultancy projects
Website usage information
IP address
Technical information about your device and browser
Information about how you use our website
We do not intentionally collect special category personal data as part of our normal business activities.
3. How we use your personal information and our lawful basis
A. To provide consultancy services
We process personal data to:
Communicate with clients
Deliver digital transformation consultancy services
Manage contracts and projects
Maintain business records
Lawful basis:
Contract (Article 6(1)(b) UK GDPR) – where processing is necessary to perform a contract with you.
Legitimate interests (Article 6(1)(f)) – for ordinary business administration and delivery of services, where these interests are not overridden by your rights.
Our legitimate interest is in operating and managing our consultancy business.
B. To respond to enquiries
We process personal data to respond to enquiries and to take steps at your request prior to entering into a contract.
Lawful basis:
Article 6(1)(b) – steps prior to entering into a contract (where applicable).
Legitimate interests (Article 6(1)(f)) – responding to communications and managing potential business relationships.
C. To operate and secure our website
We process limited technical data to:
Maintain website security
Prevent misuse or abuse
Ensure functionality
Lawful basis:
Legitimate interests (Article 6(1)(f)) – maintaining the security and proper functioning of our website.
D. To comply with legal obligations
We may process personal data where necessary to:
Comply with tax, accounting or regulatory requirements
Establish, exercise or defend legal claims
Lawful basis:
Legal obligation (Article 6(1)(c))
Legitimate interests (Article 6(1)(f))
4. Cookies
Our website uses cookies.
These include essential security and functionality cookies provided by third-party infrastructure providers (including Cloudflare). These cookies are necessary for website security and performance.
Lawful basis:
Legitimate interests (Article 6(1)(f)) – ensuring website security and functionality.
We do not currently use analytics, advertising, or tracking cookies. If this changes, this policy will be updated and any required consent mechanisms implemented in accordance with UK PECR.
You can manage cookies through your browser settings.
5. Where we get personal information from
We collect personal data:
Directly from you
Through correspondence with you
Through your use of our website
We do not obtain personal data from data brokers.
6. Who we share personal information with
We may share personal data with:
Independent consultants engaged to support client projects
Professional advisers (such as accountants)
Service providers supporting our IT systems, email and website hosting
We only share personal data where necessary for legitimate business purposes and require third parties to handle data appropriately.
We do not sell personal data.
7. International transfers
Some service providers supporting our IT systems and website infrastructure may process personal data outside the United Kingdom.
Where personal data is transferred outside the UK, appropriate safeguards are in place in accordance with UK data protection law, including:
The UK Addendum to Standard Contractual Clauses, or
Adequacy regulations issued by the UK government.
You may request further information about these safeguards by contacting us.
8. How long we keep personal information
We retain personal data only for as long as necessary for the purposes described above.
Typical retention periods include:
Client contract and project records: 6 years after the end of the contract
Financial and accounting records: 6 years
General enquiries where no contract is entered into: up to 12 months
Data may be retained for longer where necessary to establish, exercise or defend legal claims.
9. Your data protection rights
Under UK data protection law, you have rights including:
The right to access your personal data
The right to rectification
The right to erasure
The right to restrict processing
The right to object (where processing is based on legitimate interests)
The right to data portability (where processing is based on contract and carried out by automated means)
To exercise any of these rights, please contact info@harmonicaction.com.
We will respond within one month unless an extension is lawfully permitted.
10. Providing personal data
If you are entering into a contract with us, certain personal data is required so that we can provide services. If you choose not to provide required information, we may not be able to enter into or fulfil a contract with you.
11. Automated decision-making
We do not use automated decision-making or profiling that produces legal or similarly significant effects.
12. Complaints
If you have concerns about how we use your personal data, please contact us first.
You also have the right to complain to the Information Commissioner’s Office (ICO):
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline: 0303 123 1113
Website: www.ico.org.uk