Legal

Privacy Policy

opteam ltd · Last updated: March 2026

opteam Ltd (“opteam”, “we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect personal information in connection with our website at opteam.co.uk and our advisory services.

This policy is written to comply with:

the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018
the EU General Data Protection Regulation (EU GDPR, Regulation 2016/679)
the Swiss Federal Act on Data Protection (nFADP), in force since 1 September 2023

Where there are differences between these frameworks, we apply the most protective standard applicable to you based on your location. Please read this policy carefully. If you have any questions, you can contact us at any time using the details in Section 13.

1. Who We Are

Data Controller: opteam Ltd, registered in Scotland, Company No. SC833403. Email: info[at]opteam.co.uk.

opteam Ltd is the data controller for all personal data collected through this website and in connection with our services. Martin Stucki is the individual responsible for data protection matters within the company. For individuals located in Switzerland, opteam Ltd acts as the data controller under the nFADP.

2. What Personal Data We Collect

When you contact us via the website contact form:

Full name
Email address
Organisation name
The content of your message

When you correspond with us by email:

Name and email address
Any personal information you choose to include in your correspondence

When you visit our website:

Technical data including your IP address, browser type and version, time zone setting, browser plug-in types, operating system, and platform
Usage data including pages visited, time spent on pages, and links clicked
This data is collected via cookies and similar technologies — see Section 9 for full details

When you engage opteam for services:

Contact details (name, email address, telephone number, postal address)
Professional information (job title, organisation, sector)
Financial information necessary to issue and process invoices
Any personal or commercially sensitive information you choose to share in the course of an engagement

We do not collect any special categories of personal data (such as health data, political opinions, religious beliefs, or biometric data) through our website or in the ordinary course of our services.

3. How We Collect Personal Data

Directly from you, when you complete the contact form, send us an email, or engage our services
Automatically, through cookies and similar tracking technologies when you visit our website (see Section 9)
From third parties, where you have been referred to us by a business partner, accountant, lawyer, or other professional intermediary — in which case we will inform you of that referral at our first point of contact with you

4. Why We Process Your Personal Data — Legal Bases

We only process your personal data where we have a lawful basis to do so (UK GDPR Art. 6(1) / EU GDPR Art. 6(1) / nFADP Art. 31):

Legitimate interests: We process enquiry and contact data to respond to your messages and assess whether and how we can help you.
Performance of a contract: Where you engage opteam for services, we process your personal data as necessary to fulfil our contractual obligations.
Compliance with a legal obligation: We process certain data (such as financial records) where required by law, including UK tax and accounting obligations.
Consent: Where we rely on consent — for example, for non-essential cookies — we will ask for your consent clearly and separately. You can withdraw consent at any time.

We do not use your personal data for automated decision-making or profiling.

5. How We Use Your Personal Data

To respond to your enquiries and assess whether opteam’s services are relevant to your situation
To deliver advisory, mentoring, and consulting services under contract
To issue invoices and manage payment
To comply with our legal and regulatory obligations
To maintain records of our professional activities
To improve our website and understand how it is used
To manage and develop our professional relationships

We do not use your personal data for marketing purposes without your explicit consent. We do not sell, rent, or trade your personal data with third parties for their own marketing purposes.

6. Who We Share Your Personal Data With

We share personal data only where necessary and with appropriate safeguards in place.

Service providers acting as data processors on our behalf:

Tally SRL: processes contact form submissions on our behalf. Tally is incorporated in Belgium and processes all data within the European Economic Area. See tally.so/help/privacy-policy.
Namecheap Inc.: our website hosting provider. See namecheap.com/legal/general/privacy-policy.

Professional advisors: our accountants and legal advisers, who are bound by professional confidentiality obligations.

Regulatory authorities: HMRC and other regulatory bodies where required by law.

Partner organisations: where you have engaged us jointly with a partner organisation (such as Ownership Associates UK), we may share relevant professional information with that partner strictly for the purposes of delivering the engagement. We will always inform you if this applies.

We do not share personal data with any other third parties without your prior consent, except where required by law.

7. International Transfers of Personal Data

opteam is based in Scotland, UK. We use Tally SRL (Belgium) to process contact form submissions. As Belgium is within the EEA, and the UK has an adequacy decision in place with the EEA, this transfer does not require additional safeguards beyond standard contractual arrangements.

Our website hosting provider, Namecheap Inc., is based in the US. Transfers to Namecheap are governed by Standard Contractual Clauses (SCCs) approved by the relevant authority.

Switzerland’s Federal Data Protection and Information Commissioner (FDPIC) publishes a list of countries with adequate protection. Transfers to countries not on that list are governed by appropriate safeguards under Art. 16 nFADP.

You may request details of the specific safeguards in place for any transfer by contacting us at info[at]opteam.co.uk.

8. How Long We Retain Your Personal Data

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law.

Data type	Retention period
Enquiry and contact form data (no engagement)	12 months from last contact
Client engagement data (correspondence, deliverables)	6 years from end of engagement (UK limitation periods)
Financial records (invoices, payment data)	7 years (UK statutory requirement)
Website analytics data	13 months (standard analytics retention)

After the applicable retention period, data is securely deleted or anonymised.

9. Cookies and Website Analytics

Our website uses cookies and similar technologies to function correctly and to help us understand how visitors use the site.

Cookies are small text files placed on your device when you visit a website. They help the website remember your preferences and collect information about your visit.

Cookie type	Purpose	Basis
Strictly necessary	Required for the website to function (e.g. form security tokens)	No consent required
Analytics	Help us understand how visitors use the site (e.g. pages visited, time on site)	Consent
Preference	Remember your settings and choices	Consent

We do not use advertising or tracking cookies for commercial marketing purposes. Where analytics tools are in use on this site, they are configured to anonymise IP addresses and not to share data with third parties for advertising purposes.

When you first visit our website, you will be asked for your consent to non-essential cookies. You can change your cookie preferences at any time via the cookie settings link in the footer, or by clearing cookies in your browser settings.

10. Your Rights

Under UK GDPR and EU GDPR:

Right of access — you can request a copy of the personal data we hold about you
Right to rectification — you can ask us to correct inaccurate or incomplete data
Right to erasure — you can ask us to delete your data where there is no longer a lawful basis for processing it
Right to restriction — you can ask us to restrict processing of your data in certain circumstances
Right to data portability — you can ask us to provide your data in a structured, machine-readable format
Right to object — you can object to processing based on legitimate interests
Right to withdraw consent — where processing is based on consent, you can withdraw it at any time

Under the Swiss nFADP:

Right of access (Art. 25), right to rectification (Art. 32), right to erasure (Art. 32), right to restriction (Art. 32), right to data portability (Art. 28), and right to object to automated decision-making (Art. 21 nFADP)

To exercise any of these rights, please contact us at info[at]opteam.co.uk. We will respond within one month (or within 30 days under the nFADP). We will not charge a fee for reasonable requests. We may need to verify your identity before processing your request.

11. How We Keep Your Data Secure

Encrypted email communication where possible
Secure, password-protected storage of client files
Restricted access to personal data — only Martin Stucki and any authorised service providers have access to your data
Non-disclosure agreements with all third-party service providers who process data on our behalf
Regular review of our data handling practices

No method of electronic transmission or storage is 100% secure. In the unlikely event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and, where required, inform you directly.

12. Supervisory Authorities

United Kingdom: Information Commissioner’s Office (ICO) — opteam Ltd is registered under Ref. ZC063612. ico.org.uk — 0303 123 1113

European Union: The supervisory authority in your EU member state of residence or workplace. Full list at edpb.europa.eu.

Switzerland: Federal Data Protection and Information Commissioner (FDPIC) — edoeb.admin.ch — +41 58 462 43 95

We would appreciate the opportunity to address your concern directly before you contact a supervisory authority. Please get in touch at info[at]opteam.co.uk in the first instance.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal obligations. When we make material changes, we will update the “Last updated” date at the top of this page. If changes are significant, we will take reasonable steps to notify you directly where we hold your contact details.

14. Contact Us

For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact:

Martin Stucki — info[at]opteam.co.uk — opteam.co.uk
opteam Ltd, registered in Scotland, No. SC833403

We aim to respond to all enquiries within five working days. This Privacy Policy was last reviewed and updated in March 2026.