Privacy Policy

1. Introduction

GreenTree Advisory Ltd is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you use our website or engage with our consulting services.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are the data controller for the purposes of data protection law.

2. What Information We Collect

We may collect and process the following types of personal data:

Personal Information

• Name and job title
• Email address and telephone number
• Company name and business address
• Industry sector and business requirements
• Communication preferences

Technical Information

• IP address and browser type
• Operating system and device information
• Website usage data and page interactions
• Cookies and similar tracking technologies

3. How We Use Your Information

We use your personal data for the following purposes:

• Providing Consulting Services: To deliver our strategy, operations, digital transformation, financial advisory, human capital, and risk & compliance consulting services
• Communication: To respond to your enquiries, consultation requests, and provide updates about our services
• Service Improvement: To analyse website usage and improve our digital platforms and service delivery
• Marketing: To send relevant information about our consulting expertise across all business functions (with your consent)
• Legal Compliance: To comply with legal obligations and protect our legitimate business interests

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: When you provide explicit consent for marketing communications or cookies
• Contractual Obligation: When processing is necessary to perform consulting services or respond to service enquiries
• Legitimate Interest: For website analytics, business development, and improving our consulting offerings
• Legal Obligation: To comply with applicable UK and EU regulations

5. How We Store and Protect Your Data

We take data security seriously and implement appropriate technical and organisational measures:

• Data is stored on secure servers located within the UK and EU
• Access is restricted to authorised personnel only
• We use encryption for data transmission and storage
• Regular security assessments and updates are conducted
• Data retention periods are limited to what is necessary for the stated purposes

Personal data is typically retained for:

• Active clients: Duration of engagement plus 7 years for legal compliance
• Marketing contacts: Until consent is withdrawn or 3 years of inactivity
• Website analytics: Up to 26 months

6. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to third parties. We may share your information only in the following circumstances:

• Service Providers: Trusted third-party suppliers who assist with website hosting, email services, and analytics (bound by strict confidentiality agreements)
• Legal Requirements: When required by law, court order, or to protect our legal rights
• Business Transfer: In the event of a merger, acquisition, or sale of business assets (with appropriate data protection safeguards)

All third-party processors are carefully selected and contractually required to maintain the same level of data protection as GreenTree Advisory.

7. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Rectification: Request correction of inaccurate or incomplete data
• Erasure: Request deletion of your personal data (subject to legal obligations)
• Restriction: Request limitation of processing in certain circumstances
• Portability: Request transfer of your data to another service provider
• Objection: Object to processing based on legitimate interests or for marketing purposes
• Withdraw Consent: Withdraw consent for processing where consent is the legal basis

To exercise any of these rights, please contact us using the details provided in Section 10. We will respond to your request within one month.

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience and analyse website performance.

Types of Cookies We Use:

• Essential Cookies: Necessary for website functionality
• Analytics Cookies: Help us understand how visitors interact with our website
• Marketing Cookies: Used to deliver relevant advertising (with your consent)

You can manage your cookie preferences through your browser settings. However, disabling certain cookies may affect website functionality.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations.

When we make significant changes, we will:

• Update the "Last updated" date at the top of this policy
• Notify you via email if you are an active client or subscriber
• Post a notice on our website highlighting the changes

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

10. Contact Information

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how we handle your personal data, please contact us:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection matters, if you believe we have not handled your personal data appropriately.

ICO Contact Details:
Website: ico.org.uk
Phone: 0303 123 1113