Privacy Policy




This Privacy Notice explains the types of personal data we may collect about you when you interact with us. It also explains how we store and handle that data and keep it safe.


1. Who we are and what we do


Chris Coley & Liz Ashton have written a quiz book in aid of charity and as a non commercial activity.



2. the first point of contact for data protection


If you have any concerns or queries about our data protection procedures, please contact


3. Why we process data


We process customers data including names, addresses and access details such as social media and website log ins in order to be able to provide the necessary service to our customers for processing the payments and dispatch of the quiz books.


4. Legal bases for processing your data including any explanation of legitimate interests


The law on data protection sets out a number of different reasons for which a company may collect and process your personal data. Some of these reasons, set out below, are the bases we have for processing your personal data:


Contractual obligations

In certain circumstances, we need your personal data to comply with our contractual obligations.


We need to collect and retain your contact details, so we can for example:

  • deliver our service


Legal obligations

If the law requires us to, we may need to collect and process your data.  

For example, we are obliged to retain certain information for HMRC reporting purposes or to comply with other legislative provisions including educational requirements.


Legitimate interest

In particular circumstances, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.


5. When we collect data


  • Our website collects information to enable us process orders.

  • We collect information from customers at signature of contracts to enable us to provide the necessary service. 

  • When making an email enquiry we will collect the same data from customers as when contacting via other methods



6. What data we collect


  • Contact information including: name, address, phone number, email address,

  • Payment details collected through Third Party providers.



7. How we use your personal data


We process data for a variety of reasons. Each of these relate to the running of the business and giving our customers or clients the best experience possible.


  • To process services

  • To reply to any queries or questions you may have

  • To comply with legal requirements such as HMRC reporting



8. How long we keep your personal data


Whenever we collect or process your personal data, we only keep it for as long as is necessary for the purpose for which it was collected.

At the end of that retention period, your data will either be deleted completely.


Some examples of our data retention periods:


Purchases and Services

When you buy one of our services we keep the personal data you give us for no more than 6 years.


We are also obliged to retain certain transactional information for 7 years to satisfy accounting rules




We are aware of the need to maintain the correct and highest-level security when processing your personal information.


We take the following steps to maintain the security of your personal information:


  • we keep all of your information in systems that are password protected

  • we have password protected systems

  • we maintain firewalls and anti-virus software


We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.


10. Who we share your data with


We sometimes share your personal data with trusted third parties which act only on our instruction (known as “data processors”). 


Data processors might be, for example, our 3rd party accounting apps or subcontractors or those companies who store data for us:


Where we share information with these companies or individuals we make sure that they also keep your data secure and that they also protect your rights. To this end we make sure that:

  • We provide only the information they need to perform their specific services.

  • They may only use your data for the exact purposes we specify in our contract with them or where their terms and conditions of processing contain the correct data processor clauses under GDPR

  • If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.


Sharing your data with third parties for their own purposes (“joint controllers”) eg HMRC, accountants, legal advisors:


We will only do this in very specific circumstances, for example:

  • With your consent

  • Where we have a contract in place with the other party

  • Where we are obliged to share the information for legal reasons


11. Where your data is processed


We do not transfer data outside of the EEA. Our servers are located in the UK


However, your personal data will remain in the EU or countries considered by the EU to have equivalent policies such as Jersey, Guernsey, Switzerland, New Zealand and Canada. Companies based in the USA that have certified with the EU-US Privacy Shield programme are also considered to be permitted destinations by the EU (this includes popular US products like PayPal, Google, Mailchimp, Dropbox, Microsoft)



12. Your rights and who to contact


You have the following rights, which you can exercise free of charge:


The right to be provided with a copy of your personal data


The right to require us to correct any mistakes in your personal data

To be forgotten

The right to require us to delete your personal data—in certain situations

Restriction of processing

The right to require us to restrict processing of your personal data—in certain circumstances, e.g. if you contest the accuracy of the data

Data portability

The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations

To object

The right to object:

—at any time to your personal data being processed for direct marketing (including profiling);

—in certain other situations to our continued processing of your personal data, eg processing carried out for the purpose of our legitimate interests.

Not to be subject to automated individual decision-making

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you


If you would like to exercise any of those rights, please contact us by emailing




Where we rely on our legitimate interest

In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. 


We will then stop processing your information unless we believe we have a legitimate overriding reason to continue processing.


Checking your identity

To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. 


For us to check your identity please:

  • let us have enough information to identify you [(e.g. your full name, address and client or matter reference number)];

  • let us have proof of your identity and address (a copy of your driving license or passport and a recent utility or credit card bill); and

  • let us know what right you want to exercise and the information to which your request relates.


If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.


If we choose not to action your request, we will explain to you the reasons for our refusal.


Your right to contact the ICO


If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.


You can contact them by calling 0303 123 1113.


Or go online to (opens in a new window; please note we can't be responsible for the content of external websites)


If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence


You also have the right to take to seek a judicial remedy



If we decide to change our privacy policy, we will update the Privacy Policy modification date below.


The policy was last modified on 8th December 2020