Privacy Notice

Effective Date: 06/02/2026

 

1. Introduction

This Privacy Notice explains how Grace Kentish-Beard, trading as GR Ace Legal Compliance Specialist ("we", "us" or "our"), collects, uses and protects your personal data.

We operate as a sole trader in the United Kingdom and are the data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This Privacy Notice applies when you visit our website www.gracelegal.net (the "Website"), contact us, or engage with our services.

 

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity and Contact Data: name, business name, job title, email address, telephone number and postal address;

  • Business Information: company details and information provided in connection with enquiries or services;

  • Technical Data: IP address, browser type and version, operating system, device information, and usage data;

  • Communications Data: information you provide when contacting us by email, website forms or other correspondence.

We do not knowingly collect special category data unless it is voluntarily provided and necessary for the provision of services.

 

 

3. Lawful Basis for Processing

We process personal data only where we have a lawful basis under UK GDPR, including:

  • Consent: where you have provided clear consent (for example, to receive marketing communications);

  • Contract: where processing is necessary to perform or enter into a contract with you;

  • Legal Obligation: where processing is required to comply with legal or regulatory obligations;

  • Legitimate Interests: where processing is necessary for our legitimate business interests, provided those interests are not overridden by your rights.

 

 

4. How We Use Your Personal Data

We use personal data to:

  • respond to enquiries and communicate with you;

  • provide compliance, consultancy and related services;

  • manage our business operations and record keeping;

  • improve the Website and user experience;

  • comply with legal and regulatory obligations; and

  • send marketing communications where you have consented.

 

 

5. Data Sharing

We do not sell or rent personal data. We may share personal data with:

  • trusted third-party service providers who support our business operations (such as website hosting, IT services, email providers and analytics), subject to appropriate confidentiality and data protection obligations; and

  • regulators, law enforcement or other authorities where required by law or to protect our legal rights.

 

 

6. International Transfers

Some third-party service providers may process personal data outside the United Kingdom. Where this occurs, we ensure appropriate safeguards are in place, such as adequacy regulations or standard contractual clauses, to protect personal data.

 

 

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for legal, accounting and regulatory purposes. Retention periods vary depending on the nature of the data and applicable legal requirements.

 

 

8. Your Data Protection Rights

Under UK GDPR, you have the right to:

  • access the personal data we hold about you;

  • request correction of inaccurate or incomplete data;

  • request erasure of your personal data where applicable;

  • restrict or object to the processing of your personal data;

  • withdraw consent at any time where processing is based on consent; and

  • lodge a complaint with the Information Commissioner’s Office (ICO).

To exercise your rights, please contact us using the details below.

 

 

9. Cookies and Tracking Technologies

We use cookies and similar technologies to operate and improve the Website and understand how visitors use it. Further information about cookies, including how to manage preferences, is set out in our Cookie Policy.

 

 

10. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss or misuse. However, no method of transmission over the internet is completely secure.

 

 

11. Changes to This Privacy Notice

We may update this Privacy Notice from time to time. Any changes will be posted on this page with an updated effective date.

 

 

12. Contact Details

If you have any questions about this Privacy Notice or wish to exercise your data protection rights, please contactinfo@gracelegal.net