top of page

Managing Data 



Circa45 is committed to protecting your privacy.  Transparency is very important to us.  This privacy policy (dated 12/01/2023) outlines what data we gather, how we use it, and the rights that you have to manage and access your data. Our policy is written in line with the General Data Protection Regulations.


Circa45 collects data including email address, name, address, telephone number.  This is to enable us to work as a trusted advisor to our clients and contacts in the industry. We hold this limited data under the GDPR lawful basis of “legitimate interest”.  We are committed to ensuring that this is transparent, fair, necessary and limited.  In order to fulfil these important requirements, we carry out ongoing legitimate interest assessment.

Our uses of personal data include:

  • inviting people to thought leadership events or industry events;

  • updating individuals in the industry on relevant legal or regulatory changes;

  • informing individuals about a project that they might be interested; and

  • updates on Circa45 services, locations or other progress.

As an organisation we have an obligation to work with our clients, contacts, and the wider industry to share our ideas and thought leadership and help to raise standards. To enable us to do this we contact our clients and contacts when we feel there is information that is in their interest.


We will never share personal information with externally controlled parties. Processors are vetted to ensure that they comply with GDPR and data protection requirements. We may transfer personal data outside of the European Economic Area (EEA) to one of our numerous live project offices around the world. Client information is not shared outside this group.

Circa45 does not use or disclose personal information such as race, religion or political affiliations, without your explicit consent.


Individuals included in our database have the right to correct or access their information at any time. To do so, clients/individuals should contact their main Circa45 contact or


Individuals have the right to object to their information being used for the purposes listed above and can request that they are removed from our database at any time unless there is a legal reason for us to keep information on record.


We will keep written records of all of our processing activities relating to client data as required under the GDPR regulations.

All personal data will be kept securely in accordance with our information security policy. We will retain personal data for the purposes listed above until we decide the services we provide are no longer relevant to the individual or in rare cases indefinitely where necessary for business efficacy.


Individuals can contact Melanie Harber at in the event that:

  • they are concerned or suspect that personal data processing without a lawful basis is taking place

  • a data breach has occurred

  • personal information has been accessed without the proper authorisation

  • personal information has not been kept or deleted securely

  • personal information has been removed from our premises without appropriate security measures being in place

  • a breach of this policy has occurred

  • there has been a breach of any of the data protection principles set out in paragraph “Criminal records data”

bottom of page