Privacy Policy

ConsultancyConnects ("we", "our", "us") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our platform, in compliance with the General Data Protection Regulation (GDPR) and applicable data protection laws.

ConsultancyConnects is the data controller for personal data collected through this platform. You may contact us at: support@consultancyconnects.com

We collect the following categories of personal data:

• Account data: name, email address, phone number, password (hashed)
• Profile data: professional bio, work experience, education, profile photo
• Communication data: messages sent through our inbox system
• Payment data: bank transfer slips (image uploads only, no card data stored)
• Usage data: IP address, browser type, pages visited (for security and analytics)
• Consent records: cookie consent timestamps and IP addresses

• Contract performance: to provide our consultancy marketplace services
• Legitimate interests: platform security, fraud prevention, service improvement
• Consent: cookies, marketing communications (where applicable)
• Legal obligation: compliance with applicable laws and regulations

• Creating and managing your account
• Facilitating consultant-client connections
• Processing consultation requests and session verifications
• Sending transactional emails (approval/rejection notifications, consultation requests)
• Displaying consultant profiles publicly
• Calculating and awarding points and badges
• Ensuring platform security and preventing fraud

We do not sell your personal data. We may share data with:

• Email service providers (for transactional emails only)
• Hosting providers (for platform operation)
• Legal authorities (if required by law)

We retain your personal data for as long as your account is active. When you delete your account, identifying account details are anonymized and the account is soft-deleted, while limited historical records may be retained for platform history, fraud prevention, and legal compliance. Any retained records are not linked to a future account you create.

Under GDPR, you have the right to:

• Access — request a copy of your personal data
• Rectification — correct inaccurate data
• Erasure — request deletion of your data ("right to be forgotten")
• Portability — receive your data in a portable format
• Restriction — restrict processing of your data
• Objection — object to processing based on legitimate interests
• Withdraw consent — at any time, where processing is based on consent

To exercise any of these rights, contact us at: support@consultancyconnects.com

We use essential cookies for session management and security (CSRF protection). We do not use third-party tracking cookies or advertising cookies. You may manage cookie preferences at any time.

We implement appropriate technical and organisational measures to protect your personal data, including: encrypted connections (TLS/SSL), hashed passwords (bcrypt), CSRF protection, XSS prevention, SQL injection prevention, and role-based access control.

Your data is stored and processed on servers within our hosting environment. We do not transfer data to countries outside applicable data protection standards without appropriate safeguards.