Privacy Policy
Version 1.0 | Last updated: 14 May 2026
1. Who are we?
We are Law Business Research Limited, trading as Centellic. We are a company registered in England and Wales (company number 03205159) with our registered office at 330 High Holborn, London, WC1V 7QT, United Kingdom.
This Privacy Policy applies to Law Business Research Limited and its affiliated companies (the “Centellic Group”), each of which acts as a data controller. The Centellic Group operates through several affiliated entities in different jurisdictions. Details of the relevant data controller for your personal data can be provided on request.
We operate the website www.centellic.com (the “Website”). This Privacy Policy explains how we collect, use, store and share your personal data when you use our Website, and your rights in relation to it.
Questions or requests: privacy@centellic.com.
2. Third-party websites
Our Website may contain links to third-party websites. We are not responsible for their privacy practices and encourage you to review their privacy policies before providing any personal data.
3. Who is responsible for your information?
For UK and EU data protection law purposes (UK GDPR, EU GDPR, Data Protection Act 2018), we are the “data controller” for personal data collected through the Website.
California residents: we are a “business” under the California Consumer Privacy Act (CCPA/CPRA).
Hong Kong residents: we are a “data user” under the Personal Data (Privacy) Ordinance (PDPO).
4. How we use your personal data
We collect and use personal data only where necessary for the operation of our Website and related business activities. The table below summarises our processing activities.
| Activity | Data Collected | Purpose | Legal Basis | Recipients | Retention |
|---|---|---|---|---|---|
| Website usage & analytics | IP address, device/browser info, pages visited | Security, analytics, improve website performance | Legitimate interests | Hosting and analytics providers | Up to 12 months |
| Contact enquiries | Name, email address, message content | Respond to enquiries and manage communications | Legitimate interests | Email and CRM providers | Up to 3 years from last interaction |
| Marketing communications | Email address and preferences | Send updates about our products, services and events | Consent (B2C); legitimate interests where permitted (B2B) | Email marketing providers | Until you opt out |
| Recruitment | CV, contact details, application information | Manage recruitment processes | Legitimate interests / steps prior to contract | Recruitment systems and service providers | Up to 1 year after recruitment process ends |
Legitimate Interests
Where we rely on legitimate interests as our legal basis, we have carried out an assessment to ensure that our interests are not overridden by your rights and freedoms. You can contact us for further information about this assessment.
Website usage data
We may collect technical information when you use the Website, such as your IP address, browser type and pages visited. Where possible, we use aggregated or de-identified data. Where personal data is retained (for example, in server logs), it is used only for security and analytics and is retained for up to 12 months.
Marketing communications
We may send you updates about our products, services or events where we have a lawful basis to do so. You can opt out at any time via the “unsubscribe” link in our emails or by contacting privacy@centellic.com.
Recruitment data
If you apply for a role via the Website, we will use your information to assess your application and communicate with you. We may not be able to process your application without certain required information.
Special category data
We do not collect special category personal data (such as health or diversity information) via the Website. If you voluntarily provide such data (for example, as part of a job application), we will process it only where necessary and where a valid legal basis under applicable data protection law applies (such as your explicit consent or where processing is necessary for legal obligations).
5. Who we share your personal data with
We do not sell your personal data or share it for cross-context behavioural advertising. We may share your personal data with:
- Service providers supporting our business (including hosting, analytics, CRM and recruitment platforms)
- Other Centellic Group companies for internal administrative purposes
- Third parties where required by law or to protect our legal rights
- A buyer or successor in the event of a corporate transaction
All recipients are subject to appropriate contractual safeguards.
6. International transfers
We may transfer your personal data outside your country of residence, including to other Centellic Group companies and service providers, such as in the United States and other jurisdictions where we or our service providers operate. Where we do so, we implement appropriate safeguards, such as:
- UK International Data Transfer Agreements (IDTAs)
- EU Standard Contractual Clauses (with UK Addendum where required)
- Transfers to countries recognised as providing an adequate level of protection under applicable data protection laws
You may request further information about these safeguards, including a copy of relevant transfer mechanisms, by contacting us at privacy@centellic.com.
7. Cookies
We use cookies and similar technologies to operate and improve our Website, analyse usage, and support our marketing activities. Strictly necessary cookies are always active. All other cookies (including analytics and marketing cookies) require your consent.
You can manage your preferences at any time through our cookie preference centre.
Further details about the cookies we use, including their purpose and duration, are set out in our Cookie Policy.
8. How long we keep your personal data
We retain personal data only for as long as necessary for the purposes described above:
- Website analytics data: up to 12 months
- Contact enquiry data: up to 3 years from last interaction
- Recruitment data: up to 1 year after the recruitment process ends
We may retain data for longer where required to comply with legal obligations, regulatory requirements, or to establish, exercise or defend legal claims.
9. Your rights
Depending on your location, you may have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion of your data
- Restrict or object to processing
- Request data portability
- Withdraw consent at any time
- Not be subject to solely automated decisions that produce significant legal effects
To exercise your rights, write to privacy@centellic.com. We will verify your identity before responding.
UK residents may complain to the Information Commissioner’s Office (ICO) at www.ico.org.uk or on 0303 123 1113.
EEA residents may contact the supervisory authority in their Member State of habitual residence or place of work. A list is available at https://edpb.europa.eu.
California privacy rights (CCPA/CPRA)
California residents have the right to:
- Request access to your personal information
- Request deletion of your personal information
- Request correction of inaccurate information
- Opt out of the sale or sharing of personal information (we do not sell or share your personal data)
- Limit the use of sensitive personal information (where applicable)
- Non-discrimination for exercising your rights
Contact: privacy@centellic.com. We will acknowledge your request within 10 business days and respond within 45 days (extendable by a further 45 days with notice).
Hong Kong privacy rights (PDPO)
Hong Kong residents have the right to request access to or correction of their personal data. Requests should be made in writing to privacy@centellic.com. We will respond within 40 days.
You may also complain to the Privacy Commissioner for Personal Data (PCPD) at www.pcpd.org.hk.
10. Children’s privacy
Our Website is not directed to children. We do not knowingly collect personal data from individuals under the age of 16 (or 13 in the United States).
11. Security
We implement appropriate technical and organisational measures to protect your personal data, including access controls, encryption in transit, and regular security reviews. These measures are designed in accordance with a risk-based approach and are regularly reviewed and updated.
12. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. Updates will be published on this page with a revised “Last updated” date. Where changes are material, we will notify you by email or by a prominent notice on our Website.