Privacy and cookie policy
This policy explains how OrbIT Strategy handles personal data and cookies when you use orbitstrat.com, contact us, book advisory sessions, buy digital products, or work with us on advisory services.
Who we are and how to contact us
OrbIT Strategy provides independent IT strategy, enterprise architecture, SAP, ERP, integration, data, governance, and transformation advisory services through orbitstrat.com.
For the purposes of this policy, OrbIT Strategy is responsible for the personal data it collects directly through this website and related advisory services.
For privacy questions, data protection requests, or concerns about how your data is handled, contact us via the Contact page on orbitstrat.com.
Personal data we process
Contact and enquiry data: your name, email address, company or role, message content, and any information you choose to provide when you contact us.
Booking data: your name, email address, selected session, scheduling information, time zone, and related booking notes when you book a paid or introductory session.
Payment and purchase data: billing status, product order details, transaction references, invoice or receipt information, and fulfilment details for digital products. We do not store full payment card numbers on this site.
Service and client data: information you provide so we can understand your organisation, technology landscape, programme risks, requirements, architecture decisions, or advisory needs.
Website and technical data: IP address, browser type, device information, security logs, session data, language and currency preferences, and essential cookies needed to operate and secure the site.
How and why we use personal data
We use personal data to respond to enquiries, manage bookings, process payments, deliver digital products, provide advisory services, support client relationships, maintain website security, improve the site, and meet legal or tax obligations.
We process data where it is necessary to take steps before entering into a contract, perform a contract with you, comply with legal obligations, or pursue legitimate business interests such as operating a secure website, responding to enquiries, keeping business records, and improving our services.
Where we rely on consent, such as for any future optional marketing or non-essential cookies, you can withdraw that consent at any time.
Where you share information about your organisation, clients, suppliers, systems, or programmes, you are responsible for ensuring you are authorised to share it and have a lawful basis to do so.
Processors, providers, and sharing
We use trusted providers for website hosting, email, infrastructure, booking, payment processing, product fulfilment, and operational support. We only share personal data where reasonably necessary for those purposes.
Booking services may be provided through Cal.com. Payments may be processed through Stripe. These providers may process your data under their own privacy terms when you interact with their services.
We may also share data with professional advisers, accountants, legal advisers, tax authorities, regulators, or public bodies where required for compliance, legal claims, or protection of rights, users, and systems.
We do not sell personal data and we do not use advertising or third-party tracking cookies on this site.
International processing
Some providers may process or store data outside the United Kingdom or European Economic Area. Where this happens, we expect appropriate safeguards to be used, such as adequacy decisions, standard contractual clauses, or equivalent protections required by applicable data protection law.
Retention and security
We retain personal data only for as long as needed for the purposes described in this policy, including enquiry handling, service delivery, product fulfilment, billing, accounting, tax, legal, dispute resolution, and security purposes.
Enquiry and contact information is kept only as long as needed to handle the enquiry and any reasonable follow-up. Client, booking, purchase, invoice, and accounting records may be kept for longer where required for business, tax, legal, or compliance reasons.
We apply appropriate technical and organisational measures to protect personal data. No online service is completely risk-free, so please avoid sending highly confidential, sensitive, or unnecessary personal data through website forms.
Your rights
Depending on where you are located, applicable data protection laws may give you certain rights in relation to your personal information.
These may include the right to: access the personal information we hold about you, ask us to correct inaccurate or incomplete information, request deletion of your personal information, object to or restrict certain types of processing, request a copy of your personal information in a portable format, and withdraw consent where we rely on consent to process your information.
To exercise any of these rights, please contact us using the details provided on this website.
If you are based in the UK or European Economic Area, you may also have the right to raise a concern with your local data protection authority.
Cookies
Cookies are small text files stored on your device. Similar technologies may also store or access information on your device.
We use essential cookies only. These support session identification, secure forms, CSRF protection, language preferences, currency preferences, and normal website operation.
Examples may include laravel_session for session handling, XSRF-TOKEN or equivalent CSRF protection cookies for forms, and preference cookies for language and currency choices such as EN/ES and GBP/EUR/USD.
Essential cookies are required for core site functionality and security. Because they are necessary for the service you request, they do not require optional cookie consent.
We do not currently use advertising cookies, behavioural tracking cookies, analytics cookies, or social media tracking pixels on this site. If that changes, this policy and the site cookie controls should be updated before those cookies are used.
When you use online booking, Cal.com may set its own cookies. When you make a payment or purchase a digital product, Stripe may set cookies or process technical information needed for payment, fraud prevention, and checkout. Their use of cookies is governed by their own notices and settings.
You can block or delete cookies in your browser. If you block essential cookies, forms, checkout, preferences, or secure session features may not work correctly.
Updates to this policy
We may update this policy when our website, services, products, providers, or legal obligations change. The latest version will be published on this page.
Last updated: June 2026