Last updated: 9 May 2026
Mercy Brown (“we”, “us”, “our”) operates the website mercybrown.co. This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website or contact us.
We are committed to protecting your privacy and handling your data in an open and transparent way.
1. Who We Are
Mercy Brown is a sole trader consulting business based in London, United Kingdom. For any privacy-related queries, contact us at hello@mercybrown.com.
2. What Data We Collect
We may collect the following personal data:
- Contact form submissions — name, email address, organisation name, service interest, and message content
- Email newsletter sign-ups — email address
- Website usage data — pages visited, time spent, browser type, and device information (collected via cookies)
- Communications — any emails or messages you send to us directly
3. How We Use Your Data
We use your personal data for the following purposes:
- To respond to your enquiries and provide the services you have requested
- To send you our newsletter and insights if you have subscribed
- To improve our website and understand how visitors use it
- To comply with our legal obligations
We will never sell your personal data to third parties.
4. Our Legal Basis for Processing
- Contractual necessity — to respond to your enquiries and deliver services
- Legitimate interests — to improve our website and communications
- Consent — for newsletter subscriptions and non-essential cookies
5. Third Party Services We Use
We use the following third party services which may process your data on our behalf:
- Hostinger — our website hosting provider, servers located in Lithuania (EU). Privacy policy: hostinger.com/privacy-policy
- Google Workspace — email and business communications. Privacy policy: policies.google.com/privacy
- Klaviyo — email marketing and newsletter management. Privacy policy: klaviyo.com/legal/privacy-notice
- Typeform — booking and enquiry forms. Privacy policy: typeform.com/help/a/typeform-gdpr-360029295552
- Google Analytics — website analytics. We use GA4 with IP anonymisation enabled. Privacy policy: policies.google.com/privacy
- WordPress — our website content management system. Privacy policy: automattic.com/privacy
Each of these providers operates under their own privacy policies. We recommend reviewing them if you have concerns about how they handle data.
6. Data Retention
We retain your personal data only for as long as necessary:
- Contact form enquiries — retained for 2 years or until the purpose for which they were submitted is fulfilled
- Newsletter subscribers — until you unsubscribe
- Analytics data — as per Google Analytics default retention settings (14 months)
7. Your Rights
Under UK GDPR, you have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data (“right to be forgotten”)
- Object to processing of your data
- Request restriction of processing
- Data portability
To exercise any of these rights, contact us at hello@mercybrown.com. We will respond within 30 days.
8. Cookies
We use cookies on our website. Please see our Cookie Policy for full details.
9. Data Security
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or destruction. Our website uses SSL encryption (HTTPS) for all data transmission.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated date. Continued use of our website following any changes constitutes your acceptance of the updated policy.
11. Contact Us
If you have any questions about this Privacy Policy or your data, please contact: hello@mercybrown.com
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.