Outcomes Consulting

Outcomes ConsultingOutcomes ConsultingOutcomes Consulting

Outcomes Consulting

Outcomes ConsultingOutcomes ConsultingOutcomes Consulting
  • Home
  • About Us
    • Outcomes Consulting
    • About Us
    • Meet our Team
    • Testimonials
  • Our Services
    • Our Services
    • Operational Management
    • Human Resources
    • Clinical Services
    • Financial Planning
    • Social Work
    • Fostering & Residential
    • Quality Services
    • Learning & Development
    • Business Development
  • Pricing Model
  • More
    • Home
    • About Us
      • Outcomes Consulting
      • About Us
      • Meet our Team
      • Testimonials
    • Our Services
      • Our Services
      • Operational Management
      • Human Resources
      • Clinical Services
      • Financial Planning
      • Social Work
      • Fostering & Residential
      • Quality Services
      • Learning & Development
      • Business Development
    • Pricing Model
  • Home
  • About Us
    • Outcomes Consulting
    • About Us
    • Meet our Team
    • Testimonials
  • Our Services
    • Our Services
    • Operational Management
    • Human Resources
    • Clinical Services
    • Financial Planning
    • Social Work
    • Fostering & Residential
    • Quality Services
    • Learning & Development
    • Business Development
  • Pricing Model

Privacy Notice

Who are We

Outcomes Consulting is committed to processing personal data in line with our responsibilities under the UK General Data Protection Regulation (GDPR) and Data Protection Act 2018. Our offices are in Wales.

  • Name: Outcomes Consulting
  • Address: 
  • E-mail: 

Compliance:

If you need more information about the personal data we process, your rights or have any concerns about your personal data or our processing, please contact us at compliance@outcomesconsulting.co.uk

Outcomes Consulting website

We are data controllers for any personal data we receive when you contact us directly about the services we provide, or via our website forms.

What personal data do we collect and process?

  • your name
  • work or personal email address
  • telephone number
  • details about how you use our website

How we collect and process personal data

We use different methods to collect and process personal data from or about you, including direct interactions and cookies.

You provide personal data directly to us when submitting our website contact forms, or when contacting us by post, phone, email or other methods. This includes personal data you provide us when you:

  • ask about, apply for or subscribe to our services
  • contact us directly
  • engage in any other interaction with us

Cookies

When browsing our website we may collect data, via cookies, about your browsing actions, equipment, and patterns. You can choose not to accept certain cookies in your browser, but this may affect some website functionality or features.


How we use your personal data and lawful basis

We process your personal data to provide you with the services you requested or subscribed to. We only process personal data where we have a lawful basis for doing so. Our lawful bases for processing are:

  • to provide services to you under a contract (contractual basis)
  • legal or regulatory obligations (legal basis)
  • explicit consent (consent basis)
  • our (or our third party’s) legitimate interests and where those interests do not override your interests, rights, or freedoms (legitimate interests’ basis)

Contractual basis

  • processing your personal data where it is necessary to perform a contract, where you are a party or to take steps, at your request, before entering a contract
  • to administer and/or manage the services that you signed up for
  • to contact you with important information regarding your contracted services

Legal and regulatory basis

  • processing your personal data where it is necessary for compliance with our legal and regulatory obligations, including Information Commissioner’s Office (ICO), who require us to report information to them for specific circumstances.

Consent basis

  • where you consent contact with you, including communications or to share updates about our services
  • where you consent or opt-in to receive direct marketing communications from us, or a third party, via online, phone, email, or text message
  • where you consent to providing recommended services or promotions that may interest you.

Consent and legitimate interest bases

  • where you consent to us recording video calls and live chats with our customer services representatives, for internal training purposes.
  • where you consent to us sharing your personal data with our partners, for managing internal business processes and our services to you, in the most effective way.

Changing your mind – (opting-out)

  • if you change your mind and no longer consent to receiving information from us, you can opt-out (at any time), by simply contacting us or associated third parties.

Legitimate interest basis

  • to improve and develop our services, and internal operations
  • to provide a tailored and personal experience when using our website and services
  • to measure, understand and gain feedback on our services, allowing us to enhance and improve the services we provide you

Your legal rights as data subjects

When processing your personal data, we consider the individual rights, that you are granted (as a data subject) under data protection laws.

Right to be informed

  • you can request that we confirm whether we are processing your personal data or not
  • you can request our contact details
  • you can request the contact details of our representative or data protection officer
  • you can request the purposes of processing
  • you can request the lawful basis for our processing

Right of access

  • you can request access to your personal data – commonly known as a subject access request (SAR or DSAR)
  • access requests can be made by contacting us verbally, or in writing (email, letter)
  • we will not charge a fee to deal with a request in most circumstances

Right to rectification

  • you can request that inaccurate personal data is corrected or completed, where it is incomplete
  • you can request a rectification or correction by contacting us verbally, or in writing (email, letter)
  • there are some limited circumstances, where we can refuse a request for rectification or correction

Right to erasure (right to be forgotten)

  • you can request to have your personal data erased or deleted - also known as ‘the right to be forgotten’.
  • right to erasure requests, include circumstances where your “right to object” was successful
  • you can request your personal data is erased or deleted - where your personal data is no longer necessary for the purpose it was originally collected or processed
  • you can request your personal data is erased or deleted – where we are relying on consent as our lawful basis for holding your data and you withdraw consent
  • you can request your personal data is erased or deleted – where we are relying on legitimate interests as our lawful basis for processing, where you object to the processing and there is no overriding legitimate interest to continue processing
  • you can request your personal data is erased or deleted – where we are processing your personal data for direct marketing purposes and you object to that processing
  • you can request your personal data is erased or deleted – where we have processed your personal data unlawfully (i.e. in breach of the lawfulness requirement)
  • you can request your personal data is erased or deleted – where we must comply with a legal obligation
  • you can request for erasure by contacting us verbally, or in writing (email, letter)
  • NOTE:  is not absolute and only applies in certain circumstances, i.e., legal, or regulatory requirements may override your request

Right to restrict processing

  • you can request to restrict or suppress processing of your personal data
  • when processing is restricted, we are permitted to store the personal data, but not use it
  • right to restrict processing requests, include:
  • asking us to establish the accuracy of personal data; 
  • we may have used your personal data unlawfully, but you do not want it to be erased;
  • you want us to hold the personal data, where there is no longer a requirement for us to process it i.e., where you need to defend a legal claim OR where you have objected to processing and we need to verify whether there are overriding legitimate grounds
  • you can make a request to restrict processing by contacting us verbally, or in writing (email, letter)
  • NOTE: this is not an absolute right and only applies in certain circumstances.

Right to data portability

  • you can request data portability, where you request to obtain and reuse your personal data, for your own purpose, across different services, which includes history of website usage or search activities and/or location data
  • NOTE: this right only applies to information you provide us, where we are considered a data controller.

Right to object

  • you can object to us processing your personal data in certain circumstances – where we are relying on a legitimate interest (or those of a third party).
  • you can object and stop your personal data being used for direct marketing
  • you can object by contacting us verbally, or in writing (email, letter)
  • NOTE: in certain cases, where the right to object applies, we may be able to continue processing if we can show that we have a legitimate reason for doing so, that does not conflict with your rights, interests, or freedoms.

Right to complain

  • you can complain to us, or against us to the ICO, at any time. We would like to be given the chance to deal with your concerns before you approach the ICO, by contacting us compliance@outcomesconsulting.co.uk
  • you can contact the Information Commissioner’s Office (ICO), the UK’s supervisory, regulatory authority, for any concerns you have around our handling of your personal data

Responding to your requests (data subject access requests - DSARs)

  • we have one calendar month to respond to your request, but we may extend the time by a further two months if your request is complex or we have multiple requests from you, but will let you know and explain why any extension may be necessary
  • if you need more information about the personal data we process, your rights or have any concerns about your personal data or our processing, please contact us at compliance@outcomesconsulting.co.uk
  • in most cases there is no fee applicable to personal data or rights requests, but we reserve the right to charge a reasonable fee to cover any administrative burden, where your request is unfounded, overly excessive, or duplicates information previously received

Disclosure to third parties (sub-processors)

We may disclose your personal data to third-party sub-processors on occasions where we cannot reasonably perform processing activities ourselves or where we have made a business decision to do so. Where a sub-processor is used, we have contracts and clauses to ensure they adhere to our data protection, security and data privacy requirements.

Our website, sub-processors and locations

  • web development platform and hosting – US
  • web and usage analytics - US
  • office productivity software - US

Third-party links

Our website may include third-party links or associations to applications, contributors, plug-ins and/or other websites. Clicking on these links or enabling connections may allow third parties to collect or process personal data about you. We do not control third-party websites and are not responsible for their privacy statements. When you leave our website, please ensure you review and consider any third-party privacy policies.

International transfers

We may process your personal data outside the UK and take appropriate measures to ensure that your personal data and rights are given equivalent levels of protections, granted under UK data protection laws. In these cases, we consider:

  • if the transfer to another country or territory covered by adequacy regulations
  • if the transfer to the US under the UK Extension to the EU-US Data Privacy Framework
  • are we relying on transfer mechanisms and transfer risk assessment (TRA) under UK GDPR:
  • International Data Transfer Agreement (IDTA) OR International Data Transfer Addendum (Addendum)

Personal data security

We opt-in to privacy and security protections available in the third party products and services we use.

Storage and retention

We store and retain (keep) your personal data for as long as reasonably necessary to fulfil the purpose it was collected. On limited occasions, we may keep personal data longer, where you raise a complaint against us, or where we reasonably believe there is a prospect of litigation.

Privacy notice last update

In line with our legislative and regulatory requirements we keep this privacy policy under regular review. Last review and updated date: 28th November 2025.

Copyright © 2025-2026 Outcomes Consulting - All Rights Reserved.

  • Privacy

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept