Privacy policy
Last updated: April 2026. Written in plain English. If anything here is unclear, email us and we'll explain.
Who we are.
The Resilience Room is a workplace training company based in Crewe, Cheshire, founded by Steve Pointon. We're the data controller for any personal information you share with us through this site. If you have questions about your data or want to exercise any of the rights below, contact us at hello@resilienceroom.co.uk.
What we collect, and why.
We collect personal information in three ways:
1. When you send us a message through the contact form.
We collect your name, work email, organisation, role (if you provide it), the message you
write, and the town or region you're based in (if you provide it). We use this to reply to
your enquiry and to follow up where it's useful. Our lawful basis is legitimate interest:
responding to enquiries is central to running the business, and we assess that the impact on
your privacy is low.
2. When you visit the site.
Our analytics provider (Vercel Analytics) measures which pages get visited and roughly where
in the world visitors come from. It does this without cookies and without collecting any
personal data — no IP addresses are stored, no fingerprinting is used. We can't identify
individuals from analytics data.
3. When you email us directly.
If you email us at hello@resilienceroom.co.uk, we keep a record of that
correspondence in our email system for as long as we're in a conversation with you, and for
up to 2 years after that unless you ask us to delete it sooner.
How long we keep it.
Contact form submissions: up to 2 years from the date you sent them, unless you ask us to delete earlier. Email correspondence: up to 2 years after our last interaction, unless you ask us to delete earlier. We don't hold data indefinitely.
Who we share it with.
We don't sell your data. We don't share it with marketing partners. We don't add you to newsletter lists. The only third parties who process your data on our behalf are:
- Resend (sends our transactional emails — based in the United States, operates under Standard Contractual Clauses and the UK-US Data Bridge for GDPR-compliant data transfer).
- Vercel (hosts this website and runs our privacy-friendly analytics — based in the United States, GDPR-compliant).
- Google Fonts (serves the typefaces used on this site — operates under Google's GDPR framework).
If you submit the contact form, your message passes through Resend to reach our inbox. That's the only data transfer that involves your personal information.
Your rights.
Under UK GDPR you have the right to:
- Access — ask us for a copy of what we hold about you
- Rectification — ask us to correct anything that's wrong
- Erasure — ask us to delete what we hold (subject to some legal exceptions)
- Restriction — ask us to limit how we use your data
- Objection — ask us to stop processing it for legitimate interest reasons
- Portability — ask us to send your data to you or another controller
Email us and we'll respond within 30 days. We won't charge you for these requests.
If you think we've got something wrong and we can't resolve it, you have the right to complain to the Information Commissioner's Office at ico.org.uk.
Cookies.
This site doesn't use tracking cookies. We don't use Google Analytics, Meta Pixel, or any other third-party tracker that sets cookies on your device. Our analytics (Vercel Analytics) is cookieless by design. The only cookies the site might set are functional ones required for the site to work correctly — and those are exempt from needing consent under PECR.
If we ever add tracking cookies in future, we'll add a proper consent banner before switching them on, and this policy will be updated.
Changes to this policy.
If we change how we handle data, we'll update this page and change the "last updated" date at the top. Material changes will be flagged clearly.
Questions.
If anything on this page is unclear, email hello@resilienceroom.co.uk and we'll explain.