Privacy Notice
Marriott Advisory is the trading name of Michael Marriott, a sole trader. I am the data controller for the personal information I collect and use in connection with Marriott Advisory.
Contact details
Marriott Advisory
Michael Marriott, sole trader
Postal address details available on request
What information I collect
Depending on the nature of the enquiry or engagement, I may collect and use:
contact details, such as your name, role, organisation, email address, phone number and address
information you provide when making an enquiry or arranging work
information relevant to coaching, consultancy, supervision, facilitation, evaluation or other professional services
notes and records relating to meetings, sessions, agreed actions, reports or deliverables
billing and payment information
information needed to meet professional, insurance, tax, accounting or legal obligations
I only collect information that is relevant to the work being discussed or provided.
How I use your information
I use personal information to:
respond to enquiries
discuss, agree and deliver professional services
manage appointments, communication and administration
keep appropriate professional records
prepare reports, reflections, recommendations or other agreed outputs
issue invoices and maintain accounting records
meet legal, regulatory, insurance and professional obligations
maintain the quality and ethical governance of my work, including through professional supervision
Lawful basis for processing
I usually process personal information because it is necessary to take steps before entering into a contract with you, to provide services under a contract, or because I have a legitimate interest in running Marriott Advisory and maintaining appropriate professional records.
Where I process information that may be more sensitive, including information about health, wellbeing, employment, professional difficulties, organisational relationships or other personal circumstances, I do so only where it is necessary for the professional services being provided and where there is an appropriate lawful basis under UK data protection law.
Confidentiality and supervision
I treat information shared with me as confidential, subject to the limits set out in my Terms of Business. I may need to share information if there is a serious risk of harm, where I am legally required to do so, or where another clear professional obligation applies.
As an HCPC-registered clinical psychologist and BPS member, I undertake regular professional supervision. Client material may be discussed in supervision for quality and ethical practice purposes. Identifying detail is kept to the minimum necessary and anonymised as far as practicable.
Where information is stored
Client information is held and processed only within my designated business systems, currently Microsoft 365 Business and FreeAgent. These providers act as data processors under their own data protection terms.
I do not independently enter client personal or confidential information into any separate or general-purpose artificial intelligence system.
Handwritten notes
If I take handwritten notes during a session or meeting, these are transferred to my digital records and securely destroyed within five working days.
How long I keep information
Engagement records are retained for six years from the end of the engagement, reflecting the period within which a claim might be brought, and are then securely destroyed as part of a routine annual review.
Financial records are retained for as long as required for tax and accounting purposes.
Who I share information with
I do not sell personal information.
I may share information where necessary with:
professional supervisors, under confidentiality
professional advisers, insurers or regulators where required
service providers who support my business systems, such as Microsoft 365 Business and FreeAgent
legal, regulatory or safeguarding bodies where I am required or professionally obliged to do so
Where an organisation sponsors coaching or consultancy for an individual, the content of individual coaching remains confidential unless a different arrangement has been explicitly agreed in advance and recorded in the Engagement Schedule.
Your rights
You have rights under UK data protection law, including rights to access personal information I hold about you, request correction of inaccurate information, request deletion in some circumstances, object to or restrict some processing, and raise concerns about how your information is handled.
To exercise these rights, or to ask any question about how I use personal information, please contact me at hello@marriottadvisory.co.uk.
Complaints
If you are unhappy with how I handle your personal information, please contact me first so that I can try to resolve the concern.
You also have the right to complain to the Information Commissioner’s Office, the UK regulator for data protection.
Updates
This statement was published on 6th June 2026.
I may update this Privacy Notice from time to time. The current version will be the one available through Marriott Advisory or provided at the start of an engagement.