Privacy Policy

Last updated: February 2026

This Privacy Policy explains how HelloYouVA (trading as Harrington Harper Marketing) (“we”, “us”, “our”) collects, uses, stores and protects your personal data when you use our website, complete our quiz, contact us, book a call, or otherwise interact with us.

We are committed to handling personal data in line with the UK GDPR, the Data Protection Act 2018, and (where relevant) the Privacy and Electronic Communications Regulations (PECR).

1) Who we are

Data Controller
HelloYouVA (trading as Harrington Harper Marketing)
Capricorn Centre, Cranes Farm Road, Basildon, Essex, United Kingdom, SS14 3JJ
Email: [email protected]

This privacy policy applies to your use of our website and related communications and services.

If you have any questions about this policy or how we use your personal data, please contact us using the email address above.

2) What personal data we collect

We collect personal data that you provide to us directly, and limited technical information when you use our website.

A. Information you provide directly

We may collect:

Name

Email address

Business name (optional)

Information you include in:

our quiz

our contact form

call booking requests

emails/messages sent to us

B. Information collected automatically

When you visit our website, we may collect limited technical/usage information such as:

IP address

Browser type / device type

Pages visited

Date and time of visit

Basic website interaction data (for site functionality and administration)

C. Information from third-party tools/platforms

We use GoHighLevel (GHL) / LeadConnector and related tools to manage enquiries, bookings, communications and customer records. This means personal data you submit may be processed through those systems.

3) How we use your personal data

We use personal data for the following purposes:

A. Enquiries and communications

to respond to quiz submissions and contact form enquiries

to reply to emails/messages you send us

to communicate with you about your enquiry or next steps

B. Booking calls and delivering services

to manage appointments and booking communications

to provide services you request from us

to manage client/admin records connected to our services

C. Marketing communications (where lawful)

to send newsletters

to send promotional emails

to send SMS or WhatsApp messages (where you have opted in or where otherwise lawful)

D. Business operations and security

to administer and improve our website and services

to keep records of communications and business activity

to protect our website, systems and business from misuse

to comply with legal, tax and accounting obligations

We do not sell your personal data.

4) Our lawful bases for processing (UK GDPR)

Under UK GDPR, we must have a lawful basis for using personal data. Depending on the situation, we rely on one or more of the following:

Legitimate interests

We process personal data where necessary for our legitimate interests, including:

responding to enquiries

managing business communications

delivering and improving our services

maintaining business records

protecting our website and systems

When we rely on legitimate interests, we consider your rights and interests and do not use your data in a way that is unfair or unexpected.

Contract

We process personal data where necessary:

to take steps at your request before entering into a contract, or

to perform a contract with you (for example, where you become a client)

Legal obligation

We may process and retain personal data where required to comply with legal obligations (for example, accounting, tax, fraud prevention, or responding to lawful requests).

Consent

We rely on consent where required, including for certain direct marketing communications and any non-essential cookies/tracking if introduced in future.

If we rely on consent, you can withdraw it at any time.

5) Marketing communications (email, SMS and WhatsApp)

We may send marketing communications about our services, offers, and updates by:

Email

SMS (via GHL)

WhatsApp (where relevant)

And collect marketing sign-ups through:

a form tick box

a lead magnet sign-up

and related website forms/workflows

Under PECR, marketing by email/text is restricted and often requires consent (especially for individuals), and the ICO recommends clear opt-in boxes for consent where needed. (ICO)

Opting out

You can opt out of marketing at any time by:

clicking the unsubscribe link in emails, or

contacting us at [email protected]

Where applicable, SMS/WhatsApp messages will also include a way to stop future messages (or you can contact us directly).

Please note: if you opt out of marketing, we may still contact you in relation to an enquiry, booking, or service you have requested.

6) Who we share your personal data with

We only share personal data where necessary to operate our business and provide services.

This may include trusted service providers such as:

GoHighLevel (GHL) / LeadConnector (forms, CRM, booking, automation, email/SMS/WhatsApp communications)

Stripe (payment processing)

Zoom (calls/meetings)

Google Workspace (email and business operations)

Canva (business content creation and materials)

We may also share personal data:

with professional advisers (e.g. accountant, legal adviser) where necessary

where required by law, regulation, court order, or lawful request from an authority

to establish, exercise or defend legal claims

We require third-party providers to handle personal data appropriately and only for the services they provide to us.

7) International transfers

Some of the third-party services we use may process personal data outside the UK.

Where personal data is transferred outside the UK, we take reasonable steps to ensure appropriate safeguards are in place in line with UK data protection law (for example, approved contractual protections where required).

If you want more information about international transfers relating to your data, please contact us.

8) How long we keep your personal data (retention)

We keep personal data only for as long as necessary for the purposes we collected it, including business, legal, tax and accounting reasons.

Our current retention approach is:

Enquiry / lead data (where you do not become a client): up to 24 months after our last meaningful contact

Client records and related communications: up to 6 years after the end of the client relationship (for legal/accounting record-keeping)

Marketing contacts: until you unsubscribe, opt out, or ask us to remove your details (subject to limited suppression records)

Suppression / opt-out records: we may keep minimal details (such as email address) to ensure we honour your opt-out and do not contact you again in error

We may retain data for longer if required by law or where necessary for legal claims, dispute resolution, or fraud prevention.

9) Cookies and similar technologies

Our website may use cookies or similar technologies to help the site function and support basic website operations.

You can also manage cookies through your browser settings.

10) Your rights under UK data protection law

Under UK GDPR, you may have the right to:

Access the personal data we hold about you

Rectify inaccurate or incomplete personal data

Erase your personal data (in certain circumstances)

Restrict processing (in certain circumstances)

Object to processing based on legitimate interests

Object to direct marketing (including related profiling for marketing)

Data portability (in certain circumstances)

Withdraw consent at any time (where we rely on consent)

To exercise your rights, contact us at:
[email protected]

We may need to verify your identity before responding to your request.

The ICO says privacy notices should explain people’s rights and how they can complain, including withdrawal of consent where consent is your lawful basis. (ICO)

11) Complaints

If you have concerns about how we use your personal data, please contact us first and we will try to resolve the issue.

You also have the right to complain to the Information Commissioner’s Office (ICO), the UK data protection regulator. ICO guidance for small organisations also highlights explaining complaint routes in your privacy notice. (ICO)

12) Data security

We take reasonable technical and organisational measures to protect personal data from unauthorised access, misuse, loss, alteration or disclosure.

This may include secure systems, access controls, and limiting access to personal data to those who need it for business purposes.

However, no online service or transmission method is completely secure, and we cannot guarantee absolute security.

13) Children’s privacy

Our services are intended for adults and business users and are not aimed at children.

We do not knowingly collect personal data from children.

If you believe a child has provided personal data to us, please contact us and we will take appropriate steps to remove it.

14) AI tools

We may use AI tools to support business operations (for example, drafting, admin support, or workflow assistance).

We do not intentionally collect sensitive personal data through our website forms, and we aim to use AI tools responsibly and in line with our data protection obligations.

15) Third-party links

Our website may contain links to third-party websites, platforms or services.

We are not responsible for the privacy practices of those third parties. Please review their privacy policies before submitting personal data to them.

16) Changes to this policy

We may update this Privacy Policy from time to time to reflect changes to our services, tools, legal obligations or data practices.

Any updates will be published on this page with a revised “Last updated” date.

17) Contact us

HelloYouVA (trading as Harrington Harper Marketing)
Capricorn Centre, Cranes Farm Road, Basildon, Essex, United Kingdom, SS14 3JJ
Email: [email protected]