GDPR Compliance Statement

At Vani Malik Consulting, we are committed to protecting the privacy and security of the personal data we process. We fully comply with the requirements of the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR), as applicable.

1. Our Commitment to Data Protection

We respect your right to privacy and handle all personal data responsibly, lawfully, and transparently. Our data handling practices are designed to ensure that personal information is:

  • Processed lawfully, fairly, and in a transparent manner;

  • Collected for specified, explicit, and legitimate purposes;

  • Limited to what is necessary in relation to those purposes;

  • Accurate and kept up to date;

  • Stored only for as long as necessary; and

  • Secured using appropriate technical and organisational measures.

2. Personal Data We Process

Depending on the nature of our engagement, we may collect and process personal data such as:

  • Contact information (e.g., name, email address, phone number);

  • Business details (e.g., company name, position, project information);

  • Billing and financial information; and

  • Any other information provided in the course of consultancy or communication.

We do not collect sensitive personal data unless it is strictly necessary and with explicit consent.

3. Purpose and Legal Basis for Processing

We process personal data for the following purposes:

  • To provide consultancy and professional services;

  • To manage client relationships and communications;

  • To comply with legal and regulatory obligations; and

  • For administrative, operational, and financial management.

Our processing is based on one or more of the following lawful grounds:

  • The performance of a contract or to take steps prior to entering into one;

  • Compliance with a legal obligation;

  • Legitimate business interests; or

  • Consent (where explicitly given).

4. Data Sharing and Transfers

We may share personal data with trusted third-party service providers (e.g., accountants, IT support, or cloud services) only where necessary and under strict confidentiality agreements. We do not sell or rent personal information.

If data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or equivalent protections.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law, regulation, or professional standards.

6. Data Subject Rights

Under GDPR, you have the following rights:

  • To access your personal data;

  • To request correction or deletion;

  • To restrict or object to processing;

  • To withdraw consent (where applicable);

  • To data portability; and

  • To lodge a complaint with the relevant supervisory authority.

Requests to exercise these rights can be made by contacting us directly (see details below).

7. Security Measures

We implement appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, or alteration. This includes secure storage, encrypted communications, and restricted data access based on role and necessity.

8. Contact Information

If you have any questions or concerns about how we handle your personal data, please contact us:

Vani Malik Consulting – Company number 16774677
Email: alex@vanimalikconsulting.com
Website: vanimalikconsulting.com
Address: 4 Henrietta Close,
Wivenhoe,
Essex,
CO7 9HF

Share This