How we handle your data

We are Sarem Consulting Ltd, a consulting firm providing speacialised consulting services to clients covered under the SIC codes (including but not limited to) 62020, 70229 and 73200 per the Standard Industrial Classification of the United Kingdom.

• Registered office address: 167-169 Great Portland Street, 5th Floor, London, W1W 5PF

• Company registration number: 15986899

• Data Protection Officer / Privacy Contact: Sarp Oktay

• Contact email for privacy queries: info@saremconsulting.com

• Telephone: +44 7391447560

We may collect and process the following categories of personal data when you interact with our website or services:

• Identity Data: Name, job title, company name.

• Contact Data: Email address, phone number, postal address.

• Business Information: Information provided in enquiries, proposals, or contracts.

• Technical Data: IP address, browser type, operating system, cookies, analytics data.

• Marketing & Communications Data: Your preferences for receiving marketing from us.

We do not intentionally collect sensitive personal data (special category data) through our website.

We collect data in the following ways:

• Directly from you when you:

  • Fill in forms on our website (e.g. contact forms, newsletter sign-up)

  • Communicate with us via email, phone, or meetings

  • Engage our services

  • Join our newsletter

• Automatically when you:

  • Visit our website (via cookies and analytics tools)

We use your personal data only where lawful. Typical purposes include:

• Responding to enquiries and requests

• Delivering consulting services

• Managing our client relationships and contracts

• Sending updates, insights, or marketing (where you have opted in)

• Improving our website, services, and user experience

• Meeting our legal, regulatory, and compliance obligations

We process your personal data under one or more of the following legal bases:

• Consent – where you have given clear consent (e.g. for marketing emails).

• Contract – where processing is necessary to perform a contract with you.

• Legal Obligation – where we must comply with the law.

• Legitimate Interests – where processing is necessary for our legitimate business interests and your rights do not override those interests.

We may share your personal data with trusted third parties, including:

• Professional advisers (accountants, auditors, legal advisers)

• IT and website hosting providers

• Marketing and analytics service providers

• Regulators or authorities if legally required

We will not sell your data to third parties.

We may transfer your personal data outside the United Kingdom to the following countries:

• Türkiye

• Sweden

When we transfer personal data, we ensure that appropriate safeguards are in place to protect it.

• For Sweden, which is within the European Economic Area (EEA), transfers are permitted under the UK GDPR’s adequacy arrangements recognising the EU/EEA as providing an adequate level of protection for personal data.

• For Türkiye, which is outside the EEA and does not currently have an adequacy decision from the UK, we implement appropriate safeguards such as binding contractual agreements with our partners/clients that ensure your data is protected in line with UK GDPR requirements.

In both cases, we also comply with the local data protection laws and regulations applicable in those jurisdictions to ensure your data is handled securely and lawfully.

We keep your personal data only for as long as necessary for the purposes described in this policy. Retention periods vary depending on the type of data and our legal obligations.

• Enquiry and communication data (prospective clients, website enquiries, general correspondence): Up to 3 years from the date of last contact, unless you request earlier deletion.

• Client records (contracts, project files, consulting deliverables, business correspondence): Retained for 7 years after the end of the client relationship, in line with statutory limitation periods for contractual claims in the UK.

• Financial and invoicing records (including transaction data required for HMRC purposes): Retained for 6 years from the end of the relevant financial year, as required under UK tax law.

• Marketing subscription data (e.g. newsletter opt-in): Retained until you unsubscribe or withdraw your consent. Once withdrawn, your details will be removed from our active mailing lists and added to a suppression list to ensure you do not receive further communications.

At the end of the applicable retention periods, personal data will be securely deleted or anonymised.

Under UK GDPR, you have the following rights regarding your personal data:

• Right to access

• Right to rectification

• Right to erasure

• Right to restrict processing

• Right to data portability

• Right to object to processing

• Right to withdraw consent (where applicable)

• Right to lodge a complaint with the ICO (www.ico.org.uk)

To exercise your rights, please contact us at info@saremconsulting.com

Our website uses cookies to enhance your browsing experience and gather analytics.

• Necessary cookies – essential for the site to function

• Analytics cookies – help us understand how visitors use our site

You can manage your cookie preferences via your browser settings or our cookie banner.

We implement appropriate technical and organisational measures to safeguard your personal data, including:

• Secure servers and encrypted communications

• Access controls and authentication

• Staff training and confidentiality obligations

We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised “last updated” date.

If you have any questions about this Privacy Policy or how we handle your data, please contact:

Sarem Consulting Ltd
Email: info@saremconsulting.com
Address: 167-169 Great Portland Street, 5th Floor, London, W1W 5PF
Telephone: +44 7391447560

If you are not satisfied with our response, you can lodge a complaint with the Information Commissioner’s Office: www.ico.org.uk.