Privacy Notice

Grové Advisory

Grové Advisory is committed to protecting your privacy and handling your personal data with care, transparency, and integrity.

This notice explains how we collect, use, and protect your information when you engage with us.

1. Who We Are

Grové Advisory provides independent advice for complex data and transformation programmes. We operate as a boutique advisory, working directly with senior leadership.

For the purposes of data protection law, Grové Advisory is the data controller of any personal data you provide.

2. What Information We Collect

We collect only the information necessary to operate effectively and professionally. This may include:

  • Name and contact details (email address, phone number)

  • Professional information (job title, organisation)

  • Information you provide through contact forms, emails, or calls

  • Website usage data (via cookies or analytics tools)

We do not collect unnecessary personal data, and we do not knowingly collect sensitive personal data unless it is directly relevant to an engagement.

3. How We Use Your Information

Your information is used to:

  • Respond to enquiries and provide advisory services

  • Communicate regarding potential or ongoing engagements

  • Manage professional relationships

  • Improve our website and service offering

  • Meet legal or regulatory obligations

We do not use your data for unsolicited marketing or mass communications.

4. Legal Basis for Processing

We process personal data under one or more of the following lawful bases:

  • Legitimate interests – to operate and grow a professional advisory business

  • Contractual necessity – where processing is required to deliver agreed services

  • Legal obligation – where required by law

  • Consent – where you have explicitly agreed (e.g. cookies)

5. Data Sharing

We do not sell, rent, or trade your personal data.

We may share data with trusted third parties only where necessary, such as:

  • IT and website hosting providers

  • Professional advisers (e.g. legal, accounting)

  • Regulatory or legal authorities if required

All third parties are expected to handle your data securely and in line with applicable laws.

6. Data Retention

We retain personal data only for as long as necessary to:

  • Fulfil the purpose it was collected for

  • Meet legal, regulatory, or contractual obligations

When data is no longer required, it is securely deleted.

7. Data Security

We take appropriate technical and organisational measures to protect your data against:

  • Unauthorised access

  • Loss or misuse

  • Accidental disclosure

However, no system is completely secure. We take a pragmatic, risk-based approach aligned with the nature of our work.

8. Your Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you

  • Request correction of inaccurate data

  • Request deletion of your data (where appropriate)

  • Object to or restrict processing

  • Withdraw consent where applicable

To exercise these rights, contact us using the details below.

9. Cookies and Website Data

Our website may use cookies or analytics tools to understand how visitors use the site and to improve performance.

You can control cookie preferences through your browser settings.

10. Contact

If you have any questions about this privacy notice or how your data is handled, please contact:

Grové Advisory
Email: enquiries@grove-advisory.com
Website: https://www.grove-advisory.com

11. Updates to This Notice

This privacy notice may be updated from time to time to reflect changes in law or how we operate. The latest version will always be available on our website.