Privacy Policy
Last updated: 7 July 2026
1. Who we are
Sered Consulting Ltd (trading as “Greyguard”, “we”, “us”) is an independent AI governance advisory operating the website greyguardconsulting.com and the Compass application at compass.greyguardconsulting.com.
- Registered in England and Wales, company number 17240551
- Registered office: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom
- Contact: info@greyguardconsulting.com
We act as the data controller for personal data processed through this website under the UK GDPR, the Data Protection Act 2018, and — for visitors in the EEA — the EU General Data Protection Regulation (GDPR).
2. What we collect
- Contact data you submit voluntarily (name, email, company, message) when you email us or book a call.
- Meeting scheduling data when you book via Calendly (processed by Calendly, Inc.).
- Technical data generated automatically by your browser: IP address, user-agent, referring page, request timestamps. Used for security, abuse prevention, and error diagnostics.
- Compass application data (assessment answers, account email) is covered by the separate privacy notice inside Compass.
We do not run advertising trackers, behavioural profiling, or third-party marketing pixels on this website.
3. Legal bases (GDPR Art. 6)
- Consent (Art. 6(1)(a)) — for any non-essential cookies, if introduced.
- Contract / pre-contract (Art. 6(1)(b)) — when you contact us or book a call to explore an engagement.
- Legitimate interests (Art. 6(1)(f)) — to secure the site, prevent abuse, and keep basic server logs.
- Legal obligation (Art. 6(1)(c)) — where we must retain records for tax, accounting, or regulatory reasons.
4. Hosting and processors
This website is built and hosted through the following processors, all bound by data processing agreements:
- Lovable AB (Stockholm, Sweden) — application hosting platform.
- Cloudflare, Inc. (USA) — content delivery network and edge runtime. Standard Contractual Clauses in place for any EU–US transfer.
- Supabase (via Lovable Cloud) — database, authentication, and storage for form submissions.
- Calendly, Inc. (USA) — meeting scheduling, only when you choose to book a call.
- Email provider — for inbound and outbound correspondence sent to info@greyguardconsulting.com.
5. International transfers
Some processors are located outside the European Economic Area. Where that is the case, transfers are protected by the European Commission’s Standard Contractual Clauses and, where applicable, supplementary technical measures.
6. Retention
We keep contact and enquiry data only as long as needed to respond to you and, where an engagement follows, for the duration of that engagement plus any statutory retention period (typically up to 7 years for accounting records). Server logs are rotated within 30 days.
7. Your rights
Under the UK GDPR and EU GDPR you have the right to access, rectify, erase, restrict, or object to processing of your personal data, and the right to data portability. To exercise any of these rights, email info@greyguardconsulting.com. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) at ico.org.uk or, if you are in the EEA, with your national data protection authority.
8. Security
All traffic is served over TLS. Access to production data is restricted to authorised Greyguard personnel using multi-factor authentication.
9. Changes
We may update this policy from time to time. Material changes will be highlighted at the top of this page with a revised “Last updated” date.
10. Contact
See also our Cookie Policy.