top of page

Privacy Policy

1. Introduction

P&J Hospitality Consultants, also referred to as P&J Hospitality Consultancy, “P&J”, “we”, “us” or “our”, respects your privacy and is committed to protecting your personal information.

This Privacy Policy explains how we collect, use, store, share and protect personal information when you visit pandjconsultancy.com, submit an enquiry, request a consultation, request a Free Business Health Check, communicate with us, or use our hospitality consultancy services.

This Policy is intended to provide clear and transparent information in accordance with applicable UK data protection law, including the UK General Data Protection Regulation, the Data Protection Act 2018, the Privacy and Electronic Communications Regulations and any applicable amendments introduced under the Data (Use and Access) Act 2025.

2. Who we are

For the purposes of UK data protection law, the data controller for personal information collected through this website and our business communications is:

P&J Hospitality Consultants
Trading as: P&J Hospitality Consultancy
Website: www.pandjconsultancy.com
Email: admin@pandjconsultancy.com

Privacy enquiries should be sent to: admin@pandjconsultancy.com

3. What personal information we collect

We may collect and process the following types of personal information.

Information you provide directly

This may include:

  • your name;

  • business name;

  • job title or role;

  • email address;

  • telephone number;

  • business or postal address;

  • details submitted through our website enquiry forms;

  • length of time your business has been open;

  • number of staff;

  • details of the operational, commercial, management, kitchen, stock control or performance issues you ask us to review;

  • any message, document or information you send to us by email, phone, contact form, social media or other communication channels.

Business and consultancy information

When we provide or discuss consultancy services, we may collect information about your hospitality business, including operational structure, management systems, kitchen processes, stock control, staffing arrangements, performance concerns, commercial objectives, cost pressures, procedures and business improvement requirements.

Where possible, please avoid sending us unnecessary personal information about your staff, customers, suppliers or guests. Where such information is relevant to a consultancy matter, it should be limited to what is necessary and, where possible, anonymised.

Website and technical information

When you use our website, we may collect limited technical information such as:

  • IP address;

  • browser type and version;

  • device type;

  • pages visited;

  • time and date of visits;

  • approximate location derived from technical data;

  • website usage information;

  • cookie and analytics information, where applicable.

Marketing and communication preferences

We may record whether you have agreed to receive communications from us, whether you have opted out, and your preferred method of contact.

4. How we collect personal information

We may collect personal information when you:

  • visit our website;

  • complete a contact or enquiry form;

  • request a Free Business Health Check;

  • contact us by email, telephone, social media or other communication channels;

  • book or discuss consultancy services;

  • provide information during a consultation, assessment or project;

  • interact with our social media pages;

  • consent to cookies or similar technologies on our website.

5. How we use your personal information

We may use your personal information for the following purposes:

PurposeLawful basis

To respond to enquiries submitted through the websiteConsent, pre-contractual steps, legitimate interests

To contact you about a consultation or Free Business Health CheckConsent, pre-contractual steps, legitimate interests

To assess whether our services are suitable for your businessLegitimate interests, pre-contractual steps

To prepare proposals, quotes, consultancy plans or service agreementsPre-contractual steps, contract, legitimate interests

To provide hospitality consultancy servicesContract, legitimate interests

To manage client relationships and communicationsContract, legitimate interests

To keep business, accounting and administrative recordsLegal obligation, legitimate interests

To improve our website, services and client experienceLegitimate interests

To protect the security and functionality of our websiteLegitimate interests

To comply with legal, regulatory or professional obligationsLegal obligation

To send relevant business updates or marketing communications, where permittedConsent or legitimate interests, depending on the circumstances

To use analytics or non-essential cookiesConsent, where required

Where we rely on legitimate interests, we do so only where we consider that our business interest is not overridden by your rights, freedoms or interests.

6. Free Business Health Check and enquiry forms

When you submit an enquiry or request a Free Business Health Check, you agree that P&J Hospitality Consultants may use the information provided to review your enquiry and contact you about your business needs.

Submitting an enquiry does not create a client relationship unless and until separate terms are agreed.

You may withdraw consent to further contact at any time by emailing admin@pandjconsultancy.com.

7. Special category data

We do not intentionally collect special category personal data through this website. This includes information about health, racial or ethnic origin, religious beliefs, political opinions, trade union membership, genetic or biometric data, sexual orientation or similar sensitive information.

Please do not submit special category data through our website unless specifically requested and strictly necessary. If such information is provided inadvertently, we will only process it where lawful and necessary, and we may delete it where it is not required.

8. Client employee, customer or supplier information

As a hospitality consultancy, we may occasionally receive information relating to a client’s staff, customers, suppliers or business contacts while reviewing operational processes.

Where we process such information as part of a consultancy engagement, the relevant service agreement or project terms should define the appropriate data protection responsibilities. Depending on the circumstances, P&J may act as an independent controller, joint controller or processor.

Clients remain responsible for ensuring that any personal information shared with us is lawful, necessary and appropriate.

9. Sharing personal information

We do not sell personal information.

We may share personal information only where necessary with:

  • website hosting and platform providers, including Wix or other website service providers;

  • email, IT, cloud storage and communication providers;

  • domain, technical support and security providers;

  • accountants, bookkeepers, legal advisers or professional consultants;

  • payment or invoicing providers, where applicable;

  • business partners, team members or contractors involved in delivering consultancy services;

  • analytics, cookie or marketing service providers, where used and where permitted;

  • regulators, public authorities, courts or law enforcement agencies where required by law.

We expect third-party service providers to handle personal information securely and only for authorised purposes.

10. International transfers

Some of our service providers may process or store personal information outside the United Kingdom.

Where personal information is transferred internationally, we will take reasonable steps to ensure that appropriate safeguards are in place, such as UK adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to EU Standard Contractual Clauses, or another lawful transfer mechanism recognised under UK data protection law.

11. How long we keep personal information

We keep personal information only for as long as reasonably necessary for the purposes for which it was collected.

As a general guide:

  • website enquiries that do not become client matters may be kept for up to 12 months after the last meaningful contact;

  • prospective client communications and consultation notes may be kept for up to 24 months, where there is a legitimate business reason;

  • client records, contracts, invoices and project information may be kept for up to 6 years after the end of the client relationship, where required for legal, accounting, tax, contractual or dispute purposes;

  • marketing preferences may be kept until you unsubscribe or ask us to remove them;

  • cookie and analytics data may be kept according to the retention settings of the relevant website or analytics tools.

We may retain limited information for longer where necessary to establish, exercise or defend legal claims, comply with legal obligations, prevent fraud, resolve disputes or maintain appropriate business records.

12. How we protect your information

We take reasonable technical and organisational measures to protect personal information against unauthorised access, loss, misuse, alteration or disclosure.

These measures may include access controls, secure systems, password protection, platform security tools, limited access to business records and appropriate internal handling procedures.

No website, email system or online platform can be guaranteed to be completely secure. You should avoid sending highly confidential or unnecessary personal information through website forms or unsecured email.

13. Your rights

Under UK data protection law, you may have the following rights:

  • the right to be informed about how your personal information is used;

  • the right of access to your personal information;

  • the right to request correction of inaccurate or incomplete information;

  • the right to request erasure of your personal information in certain circumstances;

  • the right to restrict processing in certain circumstances;

  • the right to object to processing in certain circumstances;

  • the right to data portability in certain circumstances;

  • the right to withdraw consent where processing is based on consent;

  • the right to complain about how your personal information has been handled.

To exercise your rights, contact us at:

admin@pandjconsultancy.com

We may need to verify your identity before responding to a request. We will respond within the timeframe required by applicable law.

14. Data protection complaints

If you are unhappy with how we handle your personal information, please contact us first at:

admin@pandjconsultancy.com

We will review your complaint and respond as fairly and promptly as possible. Where required, we will acknowledge receipt of a data protection complaint within 30 days and respond without undue delay.

You also have the right to complain to the Information Commissioner’s Office, the UK regulator for data protection matters:

Information Commissioner’s Office
Website: www.ico.org.uk
Telephone: 0303 123 1113

15. Marketing communications

We may occasionally send relevant business communications, service updates or professional insights where you have consented or where we are otherwise permitted to do so under applicable law.

You can opt out of marketing communications at any time by contacting us at admin@pandjconsultancy.com or by using any unsubscribe option provided in the communication.

We will not send excessive, irrelevant or misleading marketing communications.

16. Cookies and similar technologies

Our website may use cookies and similar technologies to operate properly, improve performance, understand visitor behaviour and support website security.

Cookies are small files placed on your device when you visit a website.

17. Types of cookies we may use

Essential cookies
These are required for the website to function correctly, including page navigation, security, form operation and basic website performance.

Analytics or performance cookies
These help us understand how visitors use the website, which pages are viewed and how the site can be improved. Where required, these cookies will only be used with your consent.

Functionality cookies
These may remember certain choices you make, such as display or language preferences.

Marketing or tracking cookies
If used, these may help measure advertising performance or support marketing activity. These will only be used where lawful and, where required, with your consent.

18. Managing cookies

You can manage cookies through the cookie banner on our website, where available, or through your browser settings.

You can usually block or delete cookies through your browser. However, blocking essential cookies may affect how the website functions.

19. Third-party websites and social media

Our website may contain links to third-party websites or social media platforms, including LinkedIn, Facebook, Instagram or X.

We are not responsible for the privacy practices, content or security of third-party websites. When you leave our website or interact with a third-party platform, their own privacy policy and terms will apply.

20. Children

Our website and services are intended for businesses and professional users. They are not directed at children.

We do not knowingly collect personal information from children through this website.

21. Accuracy of information

Please ensure that any personal information you provide to us is accurate and up to date. Let us know if your information changes.

22. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, regulation, our business, our website or the way we handle personal information.

The latest version will be published on this page with the updated date shown at the top.

bottom of page