Privacy Policy — The Resilient SME
Legal

Privacy Policy

Last updated: 29 January 2026
Back to home

The Resilient SME ("we", "us", "our") is committed to protecting your privacy and handling personal data responsibly and transparently. This Privacy Policy explains how we collect, use, store, and protect personal data when you visit our website or complete our SME Resilience Assessment.

Who we are

The Resilient SME provides structured resilience diagnostics, insight, and advisory support for small and medium-sized enterprises, and for organisations that support them, including banks and insurers.

For data protection purposes, we are the data controller.

Contact
Email: info@theresilientsme.com
Website: theresilientsme.com
Company No. 17053510 · London, England

What data we collect

We may collect the following information:

  • Contact details such as name, email address, and organisation
  • Business-related information provided through the SME Resilience Assessment
  • Technical information such as IP address, browser type, and device information (via standard website analytics)

We do not collect sensitive personal data (special category data).

How we use your data

We use personal data to:

  • Generate and deliver the SME Resilience Diagnostic Report
  • Communicate with you about your assessment or related enquiries
  • Improve our services and diagnostic tools
  • Where relevant, provide aggregated, anonymised insight to partner organisations

We do not sell personal data.

Lawful basis for processing

We process personal data under the following lawful bases:

  • Consent — where you actively choose to complete the assessment or contact us
  • Legitimate interest — to provide and improve our services in a proportionate and expected way

You may withdraw consent at any time.

Data sharing

We may share data:

  • With trusted service providers who support delivery of the assessment (e.g. hosting, analytics), under strict confidentiality
  • In anonymised and aggregated form with partner organisations for insight purposes

We do not share identifiable personal data with partners without explicit consent.

Data retention

We retain personal data only for as long as necessary to deliver the assessment and related services, or to meet legal and regulatory obligations. You may request deletion of your data at any time.

Your rights

Under UK GDPR, you have the right to:

Access your personal data
Request correction or deletion
Restrict or object to processing
Request data portability

To exercise these rights, contact us at info@theresilientsme.com

Data security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or misuse.

Changes to this policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website.