O'Connor Logo
Menu
Home
About MeContactGet Started

Privacy Policy

Last updated: 12 August 2025

1. Who I Am

I am a digital marketing and automation consultant committed to privacy-first data practices. I help businesses grow through performance marketing, automated workflows, and secure data strategies. This privacy policy explains how I collect, use, and store your data when you visit my website or engage with my services.

2. What Data I Collect

I may collect and process the following types of personal data:

a) Website Interaction Data (via GTM & Analytics):

  • Pages visited, time on site, and navigation paths
  • Referrer and UTM parameters
  • Clicks and form interactions
  • IP address and approximate geolocation (if consented)

b) Form Submissions (via HubSpot):

  • Full name
  • Email address
  • Phone number
  • Business information (e.g., company name, website, job title)
  • Marketing preferences

c) Cookies and Tracking (via CookieYes & Google Tag Manager):

  • Consent preferences (stored via a consent cookie)
  • Google Click ID (GCLID) for ad attribution (only if consented)
  • Session data for engagement scoring (if implemented)

d) Customer Match & Email Marketing (via HubSpot & Google Ads):

  • Only with your explicit opt-in for marketing communications and remarketing
  • Email addresses or phone numbers (hashed when used for remarketing)

3. How I Collect Your Data

I collect data through:

  • Contact Forms: Powered by HubSpot and integrated with my CRM
  • Tracking Scripts: Implemented via Google Tag Manager and configured with CookieYes for GDPR-compliant consent management
  • Advertising Clicks: GCLID and UTM parameters stored if consent is granted
  • Manual Uploads: For marketing lists (only where you have opted in)

4. Why I Collect Your Data

I collect and process data to:

  • Respond to your enquiries and provide relevant services
  • Measure performance across marketing campaigns and platforms
  • Optimize conversion paths by understanding how users engage with my content
  • Feed high-quality conversion data back to Google Ads to improve bidding strategies (e.g., using GCLID and offline conversion imports)
  • Build privacy-compliant remarketing and lookalike audiences through hashed, consented user data
  • Contribute to Google Ads' Signals and Smart Bidding systems, helping to train models to better understand user intent and improve campaign performance
  • Attribute results accurately through my first-party data and server-side setups

I do not sell or rent your data. Any data shared with platforms like Google Ads is only done:

  • If explicit consent has been provided, and
  • In a hashed or anonymized form (where applicable)

5. Legal Basis for Processing

I process your data based on:

  • Consent (e.g., for cookies, email marketing, and remarketing)
  • Contractual necessity (e.g., responding to service enquiries)
  • Legitimate interest (e.g., site performance measurement, fraud prevention)

You can withdraw your consent at any time by adjusting your cookie settings or unsubscribing from emails.

6. How I Store and Protect Your Data

  • Data is stored securely within HubSpot (CRM and marketing automation platform).
  • Form submissions and interactions are encrypted in transit and stored within GDPR-compliant systems.
  • Google Ads and analytics data is stored according to the platforms' own privacy policies and retention policies.
  • I use reasonable security measures to protect personal data against loss, misuse, unauthorized access, disclosure, alteration, and destruction.

7. How Long I Keep Your Data

  • CRM and contact form data: up to 2 years after your last interaction
  • Analytics data: retained according to Google Analytics settings (typically 14–26 months)
  • Marketing data: retained as long as you remain subscribed or until you withdraw consent

8. Your Data Rights (GDPR)

You have the right to:

  • Access your data
  • Correct inaccurate data
  • Request deletion ("right to be forgotten")
  • Withdraw consent
  • Lodge a complaint with a Data Protection Authority (ICO in the UK)

To exercise your rights, please email: info@nathanoconnor.co.uk

9. Third-Party Tools I Use

I may share data with the following platforms under strict privacy terms:

  • HubSpot – CRM, automation, and form submissions
  • Google Ads – For conversion tracking and audience matching (if consented)
  • Google Analytics 4 – For performance tracking (consent-based)
  • CookieYes – Consent management platform
  • CallTrackingMetrics / Tagging tools – For attribution (if implemented)

10. International Data Transfers

I only use vendors that provide GDPR-compliant data protection measures. Some data may be stored in or processed by systems located outside the UK/EU (e.g., HubSpot in the US), but all transfers are covered by Standard Contractual Clauses (SCCs) or equivalent safeguards.

11. Changes to This Policy

I may update this policy from time to time. The latest version will always be available on my website.

12. Contact Us

If you have any questions or concerns, please contact:

Nathan O'Connor

Email: info@nathanoconnor.co.uk