top of page

Sign up in February and save 20%. Start to make sense of the midlife muddle. View Courses

Privacy Policy

Last Updated: 19 January 2026

WhenI'm is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our website, services, and subscribe to our mailing list.

Please read this Privacy Policy carefully to understand our practices regarding your personal data and how we will treat it. By using our services or providing your personal information to us, you acknowledge that you have read and understood this Privacy Policy.

1. WHO WE ARE

WhenI'm is operated by Jude Gardner, a company registered in England and Wales under company number 16607764, with its registered office at Freshmills, Delta House, Bridge Road, Haywards Heath, West Sussex, RH16 1UA.

We are the data controller responsible for your personal information. This means we determine how and why your personal data is processed.

You can contact us at:

2. INFORMATION WE COLLECT

We collect different types of personal information depending on how you interact with us:

2.1 Information You Provide Directly

When you interact with our services, you may provide us with:

  • Contact information (name, email address, phone number, postal address)

  • Account information if you create an account with us

  • Course registration details

  • Payment information (processed securely through our payment providers)

  • Communications you send to us (emails, contact form submissions, feedback)

  • Any other information you choose to provide

2.2 Mailing List Information

When you subscribe to our mailing list, we collect:

  • Your email address (required)

  • Your name (optional, if provided)

  • Date and time of subscription

  • IP address at the time of subscription

  • Source of subscription (e.g., website form, landing page)

  • Information about how you interact with our emails (open rates, click-through rates, device type, email client)

2.3 Information Collected Automatically

When you visit our website, we may automatically collect:

  • Technical information (IP address, browser type and version, operating system, device information)

  • Usage information (pages visited, time spent on pages, links clicked, referring website)

  • Cookie information (see our Cookie Policy for details)

 

3. HOW WE USE YOUR INFORMATION

We use your personal information for the following purposes:

3.1 To Provide Our Services

  • To deliver the courses and services you have registered for.

  • To process payments and manage your bookings.

  • To communicate with you about your courses or services.

  • To provide customer support and respond to your inquiries.

3.2 Marketing Communications (With Your Consent)

  • To send you product updates and announcements.

  • To send marketing and promotional emails about our services.

  • To share news and insights related to WhenI'm.

  • To provide special offers and exclusive content for subscribers.

  • To personalize the content we send you based on your interests and interactions.

Note: You can expect to receive marketing communications from us approximately a few times a year (maximum 6). You can unsubscribe at any time using the links in our emails or by contacting us directly.

3.3 To Improve Our Services

  • To analyse the effectiveness of our email campaigns and website

  • To understand how users interact with our services

  • To improve our courses, content, and communications

  • To conduct research and analysis

3.4 Legal and Compliance Purposes

  • To maintain records of your consent in compliance with legal requirements

  • To comply with applicable laws and regulations

  • To protect our legal rights and prevent fraud

  • To respond to legal requests and prevent harm.

 

4. LEGAL BASIS FOR PROCESSING

Under UK GDPR, we must have a lawful basis for processing your personal data. We rely on the following legal bases:

  • Consent: For marketing communications, we rely on your explicit, informed, and freely given consent. You can withdraw your consent at any time.

  • Contract: Where necessary to perform our contract with you (e.g., delivering courses you've registered for).

  • Legitimate Interests: For improving our services, website functionality, and customer service, where our interests do not override your rights.

  • Legal Obligation: Where we need to comply with legal or regulatory requirements.

 

5. EMAIL TRACKING AND ANALYTICS

Our marketing emails may contain tracking technologies that allow us to see:

  • Whether you opened the email

  • Which links you clicked

  • Your device type and email client

  • Time and date of interactions

This helps us understand what interests our subscribers and improve our content and services.

If you do not want your email activity tracked, you can configure your email client to block images or use privacy features. Note that this may affect how emails display.

 

6. SHARING YOUR INFORMATION

We will not sell, rent, or share your email address or personal information with third parties for their own marketing purposes.

We may share your information with the following categories of recipients:

6.1 Service Providers

We work with trusted third-party service providers who help us operate our business, including:

  • Email service providers who send emails on our behalf (e.g., Wix)

  • Analytics providers who help us understand how our emails and website perform.

  • Payment processors who handle financial transactions

  • IT and system administration service providers

  • Cloud storage providers

  • Customer relationship management (CRM) providers

All third-party service providers are required to:

  • Process your data only on our instructions.

  • Maintain appropriate security measures.

  • Operate under strict confidentiality agreements.

  • Comply with applicable data protection laws.

6.2 Legal Requirements

We may disclose your information if required by law or to:

  • Comply with legal obligations or court orders.

  • Protect our legal rights or property.

  • Prevent fraud or criminal activity.

  • Protect the safety and security of our users or the public.

 

7. INTERNATIONAL TRANSFERS

Your personal information may be transferred to and processed in countries outside the UK and European Economic Area (EEA). Some of our service providers may be based internationally.

When we transfer your data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the UK authorities.

  • Transfers to countries with adequacy decisions from the UK government

  • Other appropriate safeguards as required by UK GDPR

  • Binding corporate rules where applicable

If you would like more information about the safeguards we use for international transfers, please contact us.

 

8. HOW LONG WE KEEP YOUR INFORMATION

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal obligations.

8.1 Mailing List Subscribers

  • We will retain your personal information for as long as you remain subscribed to our mailing list.

  • If you unsubscribe, we will immediately stop sending you marketing emails.

  • We will add your email address to our suppression list to ensure you don't receive future marketing communications.

  • We retain your email address on our suppression list indefinitely to honour your unsubscribe request.

  • If you request complete deletion of your data, we will delete all information except what we must retain for legal or regulatory purposes.

8.2 Course Participants and Customers

  • We retain customer information for up to 7 years after your last interaction with us to comply with tax and accounting requirements.

  • Payment records are retained for 7 years in accordance with HMRC requirements.

  • Course materials and communications may be retained for as long as they remain relevant to our business operations.

8.3 General Enquiries

  • Information from general enquiries is typically retained for up to 2 years, unless there is a continuing relationship.

 

9. YOUR DATA PROTECTION RIGHTS

Under UK GDPR, you have the following rights regarding your personal information:

9.1 Right of Access

You have the right to request a copy of the personal data we hold about you. This is known as a 'subject access request' and is free of charge in most cases.

9.2 Right to Rectification

You can ask us to correct inaccurate or incomplete personal data we hold about you.

9.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data in certain circumstances, such as when:

  • The data is no longer necessary for the purpose it was collected

  • You withdraw your consent and there is no other legal basis for processing

  • You object to processing and there are no overriding legitimate grounds

  • The data has been unlawfully processed

Note that we may need to retain certain information for legal or regulatory purposes.

9.4 Right to Restrict Processing

You can ask us to limit how we use your personal data in certain situations, such as while we verify the accuracy of disputed data.

9.5 Right to Data Portability

You can request to receive your personal data in a structured, commonly used, and machine-readable format, and have the right to transmit that data to another controller.

9.6 Right to Object

You can object to our processing of your personal data where we are relying on legitimate interests, and there is something about your particular situation that makes you want to object.

9.7 Right to Withdraw Consent

Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. This includes the right to unsubscribe from our marketing communications.

9.8 Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not currently use automated decision-making.

9.9 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

We will respond to your request within one month. If your request is complex or we receive multiple requests, we may extend this period by a further two months and will let you know.

 

10. HOW TO UNSUBSCRIBE FROM MARKETING

You can withdraw your consent and unsubscribe from our mailing list at any time. It is as easy to unsubscribe as it is to subscribe.

To unsubscribe, you can:

  • Click the 'Unsubscribe' link at the bottom of any marketing email we send you.

  • Email us at unsubscribe@whenim.co.uk with 'Unsubscribe' in the subject line.

  • Contact us using the details in Section 1 above.

We will process your unsubscribe request promptly and you will stop receiving marketing emails within 5 business days.

Important: Unsubscribing from marketing emails will not affect service-related communications (such as course confirmations, important updates about services you've purchased, or responses to your enquiries).

 

11. SECURITY

We take the security of your personal information seriously and implement appropriate technical and organisational measures to protect it against unauthorized access, loss, destruction, or alteration.

Our security measures include:

  • Encryption of data in transit and at rest

  • Secure password protection and access controls

  • Regular security assessments and updates

  • Staff training on data protection and information security

  • Secure backup and disaster recovery procedures

  • Limited access to personal data on a need-to-know basis

  • Use of secure third-party service providers with appropriate security certifications

While we take all reasonable precautions to protect your data, please be aware that no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but we are committed to protecting your information to the best of our ability.

If we become aware of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority as required by law.

12. COOKIES AND TRACKING TECHNOLOGIES

Our website uses cookies and similar tracking technologies to improve your browsing experience, analyse website traffic, and understand how visitors interact with our site.

Cookies are small text files placed on your device when you visit a website. We use the following types of cookies:

  • Essential cookies: Necessary for the website to function properly.

  • Performance cookies: Help us understand how visitors use our website.

  • Functionality cookies: Remember your preferences and settings.

  • Marketing cookies: Track your activity to deliver relevant advertisements.

You can control cookie settings through your browser. Most browsers allow you to refuse cookies or delete cookies that have already been set. However, please note that disabling cookies may affect the functionality of our website.

For more detailed information about cookies we use and how to manage them, please see our Cookie Policy.

 

13. THIRD-PARTY LINKS

Our website or communications may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to those third-party sites.

When you click on third-party links, you will be directed to that third party's website. We strongly advise you to review the privacy policy of every site you visit, as we have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

 

14. CHILDREN'S PRIVACY

Our services are not directed at children under the age of 18, and we do not knowingly collect personal information from children.

If you are a parent or guardian and you believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from children without verification of parental consent, we will take steps to remove that information from our servers.

 

15. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational, legal, or regulatory reasons.

When we make changes to this Privacy Policy:

  • We will update the 'Last Updated' date at the top of this policy.

  • If the changes are material, we will notify you by email and/or by posting a prominent notice on our website before the changes take effect.

  • We may also notify our mailing list subscribers of significant changes.

Your continued use of our services after any changes to this Privacy Policy constitutes your acceptance of the new terms. If you do not agree with the changes, you should stop using our services and, if applicable, unsubscribe from our mailing list.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

 

16. COMPLAINTS AND CONCERNS

If you have any concerns about how we handle your personal data, we want to hear from you. Please contact us first so we can try to resolve your concerns:

  • Email: info@whenim.co.uk

  • Post: WhenI'm, Freshmills, Delta House, Bridge Road, Haywards Heath, West Sussex, RH16 1UA, England

We take all complaints seriously and will investigate and respond to your concerns promptly.

Right to Lodge a Complaint with the ICO

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's independent data protection authority:

Information Commissioner's Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Website: ico.org.uk

Helpline: 0303 123 1113

17. COMPLIANCE WITH LAWS

Our data protection and privacy practices comply with:

  • UK General Data Protection Regulation (UK GDPR)

  • Data Protection Act 2018

  • Privacy and Electronic Communications Regulations (PECR) 2003

  • All other applicable UK data protection and electronic communications laws

  • Consumer Rights Act 2015

  • Electronic Commerce Regulations 2002

 

18. CONTACT INFORMATION

If you have any questions about this Privacy Policy, our data protection practices, or how we handle your personal information, please contact us:

Data Controller:

Jude Gardner

Trading as WhenI'm

Registered Office:

Freshmills

Delta House

Bridge Road

Haywards Heath

West Sussex

RH16 1UA

England

Company Number: 16607764

Email: info@whenim.co.uk

Mailing List Enquiries: judegardner@whenim.co.uk

Unsubscribe: unsubscribe@whenim.co.uk

Website: www.whenim.co.uk

---

Thank you for trusting WhenI'm with your personal information.

We are committed to protecting your privacy and using your data responsibly.

bottom of page