Privacy Policy
GTi Business Systems Limited ("we", "us", "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store and protect your information when you visit our website, use our content, or contact us.
We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
GTi Business Systems Limited
Company No. 14129839 | VAT No. 415639980
Registered address:
c/o The Point, Granite Way
Mountsorrel, Loughborough
Leicestershire, England, LE12 7TZ
Email: success@gtibusinesssystems.co.uk
Phone: 0116 216 2900
We are the data controller of your personal information.
2. What We Do
We provide business growth services to SMEs, including strategic planning, marketing systems, sales automation, and business process improvement. Our clients are typically business owners or senior managers seeking to grow and scale their operations.
Trusted Reviews 4U is a trading name of GTi Business Systems Limited. Through Trusted Reviews 4U, we help local businesses grow their genuine Google reviews by sending review requests to their customers on their behalf.
3. What Personal Data We Collect
3.1 Information You Provide Directly
We collect personal information when you:
- Fill in a contact or enquiry form
- Subscribe to our mailing list
- Request information or resources
- Book a call or consultation
- Respond to a survey or marketing communication
- Engage with our sales or support team
This may include:
- Name
- Email address
- Phone number
- Company name
- Job title
- Nature of enquiry
- Marketing preferences
- Form submissions
3.2 Data Collected Automatically
Through analytics tools and cookies:
- IP address
- Browser type and version
- Device information
- Pages viewed
- Time on site
- Click behaviour
- Conversion events
- Referrer URLs
See our Cookie Policy for details.
3.3 Platform Data (Clients Only)
If you become a client and use our CRM or dashboard tools (e.g., Business Growth Engine), we may process:
- Your business contacts and leads
- Sales pipeline and engagement data
- Financial/billing data (via Xero or payment platforms)
3.4 Trusted Reviews 4U Platform Data
If you are a Trusted Reviews 4U client, we process two kinds of personal data:
Your data (we are the controller). Your name, business details, contact details, login and billing information — as described elsewhere in this policy.
Your customers' data (we are the processor — you are the controller). To send review requests on your behalf, we process your customers': name, email address, phone number, and basic job or invoice details (invoice reference, date, amount). We only do this on your instructions, under the data-processing terms in your service agreement. We use this data for one purpose: sending review requests and related service messages for your business. We never sell it, never use it for our own marketing, and never use it to train AI models.
Where this data comes from:
- Contacts you upload to your dashboard; or
- Your accounting system, if you choose to connect one. Trusted Reviews 4U connects to Xero and QuickBooks Online with your permission (using secure OAuth login — we never see your accounting password). We access invoices and customer contact details only, read-only, so that a paid invoice can trigger a review request. Connection credentials are stored encrypted in a secrets vault and are never visible to staff or clients. You can disconnect at any time from your dashboard — collection stops immediately and the stored credentials are revoked and deleted.
How long we keep it: customer contact details follow our deletion policy — when deleted, personal details are permanently scrubbed. Integration audit records keep only masked and scrambled identifiers, and even those are scrubbed after 24 months.
Opt-out: every review request we send includes a one-click opt-out. Opt-outs are honoured automatically and permanently. We only send review requests where our client has confirmed they can lawfully contact the customer by email and, where SMS is used, by text message.
If you are a customer of one of our clients and want your data corrected or deleted, contact the business that served you, or email us at success@gtibusinesssystems.co.uk and we will action it with them.
4. How We Collect Your Data
- Directly from you (forms, emails, phone calls)
- Automatically via cookies and tracking technologies
- Through third-party tools (CRM, marketing platforms)
- From publicly available sources (LinkedIn, Companies House)
5. Why We Use Your Data and Legal Bases
We process your data under the following lawful bases:
Contract
To deliver services you've purchased or requested (e.g. strategy sessions, onboarding, platform access).
Legitimate Interests
For:
- Responding to enquiries
- Improving our website and services
- Understanding website behaviour
- Managing and growing our business
We balance legitimate interests against your rights and freedoms.
Consent
For:
- Email and SMS marketing
- Non-essential cookies
You may withdraw consent at any time.
Legal Obligation
To comply with regulatory or legal requirements.
6. Marketing Communications
We send marketing emails only with your explicit opt-in consent, in compliance with PECR.
You may unsubscribe at any time by:
- Clicking "unsubscribe" in emails
- Replying STOP to SMS
- Emailing success@gtibusinesssystems.co.uk
7. Data Sharing and Service Providers
We may share your data with trusted processors, including:
| Provider | Purpose |
|---|---|
| High Level | CRM & automation |
| Xero | Financial/billing integration |
| Google Workspace | Email, documents, storage |
| Slack / WhatsApp | Team communication |
| Stripe / GoCardless | Payment processing |
| Google Analytics / Ads | Analytics & advertising |
| Supabase | Trusted Reviews 4U database and hosting (data stored in the EEA — Ireland) |
| Resend | Trusted Reviews 4U email delivery |
| Twilio | Trusted Reviews 4U SMS delivery |
| Cloudflare | Website routing, security, caching/content delivery, and protection against abuse |
We do not sell or rent your personal information.
Some providers may process data outside the UK under approved safeguards (e.g., IDTA, Standard Contractual Clauses).
8. How Long We Keep Your Data
We keep personal data only for as long as necessary:
| Data Type | Retention Period |
|---|---|
| Enquiry data | Up to 24 months |
| Marketing data | Until you unsubscribe |
| Contract-related data | Up to 7 years (legal/tax requirement) |
| Website analytics | 26–38 months depending on tool settings |
| Trusted Reviews 4U integration audit records | Masked/scrambled identifiers only; scrubbed after 24 months |
9. Your Rights
Under UK GDPR, you have the right to:
- Access your data
- Correct inaccurate data
- Erase your data
- Restrict processing
- Object to processing
- Withdraw consent
- Port your data
- Complain to the ICO
To exercise your rights, email: success@gtibusinesssystems.co.uk
If you're not satisfied with our response, you may contact the Information Commissioner's Office (ICO):
www.ico.org.uk | Phone: 0303 123 1113
10. Security
We use industry-standard security measures including:
- Access controls
- Encryption in transit
- Secure CRM and cloud systems
- Staff confidentiality measures
However, no online system can be completely secure.
11. Third-Party Websites
Our website may contain links to external sites. We are not responsible for their privacy practices. Please review their policies before submitting data.
12. Changes to This Policy
We may update this policy to reflect legal or operational changes. Please check this page periodically. Any significant changes will be communicated to existing clients.
13. Contact Details
Email: success@gtibusinesssystems.co.uk
Phone: 0116 216 2900
Address:
GTi Business Systems Limited
c/o The Point, Granite Way
Mountsorrel, Loughborough
Leicestershire, LE12 7TZ
United Kingdom