Privacy Policy

Effective date: 18 April 2026

About this Policy

This Privacy Policy describes how Plain Talk Matters Ltd (“we”, “us”, “our”, or the “Company”) collects, uses, stores and discloses your personal information when you interact with us through any of our brands or websites. It also explains your rights under UK data protection law and how those rights are protected.

Plain Talk Matters Ltd is a private limited company registered in England and Wales (company number 15929867), with its registered office at 71–75 Shelton Street, London, WC2H 9JQ, United Kingdom.

We own and operate the following brands and websites, and this Privacy Policy governs all of them:

Plain Talk Matters — plaintalk.co.uk — our 1-to-1 coaching practice.
8Notes — 8notes.co.uk — our group and community experiences, including EnneaConnect, 8Tracks and The Reading Room, together with our Substack newsletter at 8notes.substack.com and our Instagram account @adrian8notes.
Adrian Melrose — adrianmelrose.com — our founder’s personal website, writing and essays.

Wherever this Policy refers to our “Service”, “Services” or “Websites”, it means all of the brands, websites, newsletters, courses, coaching services, downloads, digital products and related online properties we operate under the Plain Talk Matters Ltd umbrella.

We are registered with the Information Commissioner’s Office (ICO), which is the UK’s independent supervisory authority for data protection. Our ICO registration can be viewed here: [ICO registration page — link to follow].

By using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of it, please do not use our Services.

Interpretation and Definitions

Words with their initial letter capitalised have defined meanings. The following definitions apply whether used in the singular or plural.

Account means a unique account created for you to access our Service or parts of it.
Company (referred to as “we”, “us”, “our” or “the Company”) refers to Plain Talk Matters Ltd, registered in England and Wales (company number 15929867), with registered office at 71–75 Shelton Street, London, WC2H 9JQ.
Controller means the natural or legal person who, alone or jointly with others, determines the purposes and means of the processing of personal data. For the purposes of the UK GDPR, we are the Controller of your personal data.
Cookies are small files that are placed on your computer, mobile device or any other device by a website, containing details of your browsing history on that website among other uses.
Country refers to: the United Kingdom.
Device means any device that can access the Service, such as a computer, a mobile phone or a digital tablet.
Personal Data means any information that relates to an identified or identifiable individual, as defined in the UK GDPR.
Service or Services refers collectively to the Websites, newsletters, coaching offerings, group programmes, courses, downloads and other products and services operated by the Company under any of its brands.
Service Provider means any natural or legal person who processes personal data on behalf of the Company. It includes third-party companies or individuals we engage to facilitate the Service, to provide the Service on our behalf, to perform services related to the Service, or to assist us in analysing how the Service is used.
Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
UK GDPR means the UK General Data Protection Regulation, together with the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (“PECR”), as amended from time to time.
Websites refers to plaintalk.co.uk, 8notes.co.uk and adrianmelrose.com, and any subdomains or successor domains operated by the Company.
You means the individual accessing or using the Service, or the company or other legal entity on behalf of which such individual is accessing or using the Service.

Collecting and Using Your Personal Data

Personal Data we collect

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. This may include, but is not limited to:

First name and last name
Email address
Postal address, where relevant (for example, to post physical materials)
Telephone number
Information you submit through contact forms, coaching enquiries, course or programme registrations, or comments
Billing information and encrypted payment details (processed by our payment provider — see below)
Any other information you choose to share with us in the course of coaching, group sessions or correspondence

Usage Data

Usage Data is collected automatically when you use the Service.

Usage Data may include information such as your Device’s Internet Protocol (IP) address, browser type and version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access the Service by or through a mobile device, we may automatically collect certain information, including the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile internet browser you use, unique device identifiers and other diagnostic data.

Tracking Technologies and Cookies

We use Cookies and similar tracking technologies to track activity on our Service and to store certain information. Tracking technologies used include beacons, tags and scripts, to collect and analyse information and to improve our Service.

The technologies we use may include:

Cookies or Browser Cookies. A cookie is a small file placed on your Device. You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. If you do not accept Cookies, some parts of our Service may not function correctly.
Web Beacons. Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email.

Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on your computer or mobile device when you go offline, while Session Cookies are deleted as soon as you close your web browser.

We use both Session and Persistent Cookies for the following purposes:

Necessary / Essential Cookies (Session; administered by us) — essential to provide you with services available through the Websites and to enable certain features, including authentication.
Cookie Notice / Consent Cookies (Persistent; administered by us) — to identify whether users have accepted the use of cookies on the Websites.
Functionality Cookies (Persistent; administered by us) — to remember choices you make when using the Websites, such as login details or language preference, in order to provide a more personalised experience.
Analytics Cookies (Persistent; administered by us and by third parties including Google Analytics and Squarespace) — to understand how visitors use the Websites so that we can improve them.

How We Use Your Personal Data

We may use your Personal Data for the following purposes:

To provide and maintain our Service, including to monitor the use of our Service.
To manage your Account, where you register as a user of the Service.
For the performance of a contract: the development, compliance and undertaking of any contract for the coaching, programmes, courses, products or services you have purchased or enquired about with us.
To process payments: where you purchase a service or product, payments are processed by our payment provider (Stripe) on our behalf. We do not store your full payment card details.
To contact you: by email, telephone or other equivalent electronic communications, regarding updates or informative communications related to the Services you have purchased or enquired about, including where necessary for the performance of a contract.
To send you our newsletter and related marketing communications (see the separate section headed “Newsletter sign-up and legitimate interests” below).
To manage your requests: to respond to and handle requests you make to us.
For business transfers: we may use your information to evaluate or conduct a merger, divestiture, restructuring, reorganisation, dissolution or other sale or transfer of some or all of our assets.
For other legitimate business purposes: including data analysis, identifying usage trends, improving our Services and content, and evaluating the effectiveness of our communications.

Lawful bases for processing

Under the UK GDPR, we rely on the following lawful bases to process your Personal Data:

Consent — where you have given clear, affirmative consent to a specific form of processing (for example, where you tick a box to subscribe directly to our newsletter without having received a free resource from us first).
Contract — where processing is necessary to perform a contract with you (for example, delivering coaching, courses or programmes you have purchased) or to take steps at your request before entering into a contract.
Legal obligation — where we are required to process your data to comply with a legal obligation (for example, retaining financial records for tax purposes).
Legitimate interests — where processing is necessary for the purposes of our legitimate interests, except where those interests are overridden by your rights and freedoms. We use this basis, in particular, for the newsletter sign-up arrangements described below.

Newsletter sign-up and legitimate interests

Where you provide your contact details to us in order to receive free resources — including, without limitation, product sheets, cheat sheets, guides, downloads, articles, worksheets or other collateral produced by any of our brands (Plain Talk Matters, 8Notes or Adrian Melrose) — you will, at the point of submission, be added to our newsletter mailing list.

We process your Personal Data for this purpose on the lawful basis of our legitimate interests under Article 6(1)(f) of the UK GDPR. Our legitimate interest is to keep individuals who have expressed an interest in our content, philosophy and work informed about related materials, updates, events and offerings that are reasonably likely to be of interest to them, given the nature of the resource they have requested.

Prior to relying on legitimate interests in this way, we have carried out a Legitimate Interests Assessment, in which we have concluded that:

the processing is necessary to pursue our legitimate interest described above;
the processing is proportionate and is reasonably to be expected by you in the context of your engagement with us and the resource you have requested; and
our legitimate interest is not overridden by your rights, freedoms or reasonable expectations.

We will inform you at the point of sign-up that, by requesting the free resource, you will also be added to our newsletter.

You have the absolute right to object to this processing at any time. Every communication we send you in reliance on this basis will contain a clear and prominent unsubscribe mechanism, which you may use at any time, free of charge and without giving any reason. On receipt of an unsubscribe request, we will remove you from the relevant mailing list promptly.

Sharing of your Personal Data

We may share your Personal Data in the following situations:

With Service Providers: to operate, maintain and improve our Services, including providers of hosting, email delivery, newsletter services, payment processing, analytics and customer support. These currently include, without limitation, Squarespace, Ghost Pro, Substack, Stripe, Google (Analytics and Workspace) and our email service providers. Each such Service Provider is bound by contractual or statutory obligations to protect your Personal Data and to use it only in accordance with our instructions.
For business transfers: we may share or transfer your Personal Data in connection with, or during negotiations of, any merger, sale of Company assets, financing or acquisition of all or a portion of our business to another company.
With affiliates: we may share your information across our own brands (Plain Talk Matters, 8Notes and Adrian Melrose), all of which are operated by Plain Talk Matters Ltd and covered by this Privacy Policy.
With other users: when you share personal information or otherwise interact in public areas with other users (for example, on group calls, forums, social media or community platforms), such information may be viewed by other users and may be distributed outside those platforms.
With your consent: we may disclose your Personal Data for any other purpose with your consent.
To comply with legal obligations: where required by law, court order, or in response to valid requests by public authorities (including for national security or law enforcement purposes).

Retention of Your Personal Data

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, where we are required to retain your data to comply with applicable tax, accounting or regulatory laws), to resolve disputes, and to enforce our legal agreements and policies.

We will retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except where it is used to strengthen the security or improve the functionality of our Service, or where we are legally obliged to retain this data for longer.

Where you have subscribed to our newsletter, we will retain your contact details until you unsubscribe or otherwise ask us to remove your details, after which we will remove you from our active mailing lists within a reasonable period.

Transfer of Your Personal Data

Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. This means that your information may be transferred to — and maintained on — computers located outside the United Kingdom, where data protection laws may differ from those in your jurisdiction.

Where we transfer your Personal Data outside the United Kingdom, we will ensure that appropriate safeguards are in place as required by the UK GDPR, including the use of the UK International Data Transfer Agreement, the International Data Transfer Addendum to the EU Standard Contractual Clauses, or transfers to jurisdictions that the UK Government has determined provide an adequate level of data protection.

Your submission of Personal Data through our Services represents your agreement to such transfers being carried out in accordance with this Policy.

Your Rights Under UK Data Protection Law

Under the UK GDPR, you have the following rights in relation to your Personal Data:

The right to be informed about how your Personal Data is being used (this is what this Privacy Policy is for).
The right of access — to request a copy of the Personal Data we hold about you.
The right to rectification — to ask us to correct Personal Data you believe is inaccurate or to complete information you believe is incomplete.
The right to erasure (“the right to be forgotten”) — to ask us to delete or remove your Personal Data in certain circumstances.
The right to restrict processing — to ask us to suspend the processing of your Personal Data in certain circumstances.
The right to data portability — to ask us to transfer the Personal Data you have provided to us to another organisation, or directly to you, in certain circumstances.
The right to object — to object to our processing of your Personal Data where we are relying on a legitimate interest (including direct marketing).
The right to withdraw consent — where we are relying on your consent to process your Personal Data, you have the right to withdraw that consent at any time, without affecting the lawfulness of processing prior to withdrawal.

To exercise any of these rights, please contact us using the details below. We will respond to your request within one month, as required by the UK GDPR.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection. You can contact the ICO at ico.org.uk or by telephone on 0303 123 1113. We would, however, appreciate the opportunity to address your concerns before you approach the ICO, so please do consider contacting us in the first instance.

Security of Your Personal Data

The security of your Personal Data is important to us. We use commercially acceptable technical and organisational measures to protect your Personal Data, including secure hosting, encrypted connections (HTTPS/TLS) and restricted access controls. However, no method of transmission over the internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.

Children’s Privacy

Our Services are not directed to anyone under the age of 16, and we do not knowingly collect Personal Data from children. If you are a parent or guardian and you become aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from a child without verification of parental consent, we will take steps to remove that information from our records.

Links to Other Websites

Our Service may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over, and assume no responsibility for, the content, privacy policies or practices of any third-party sites or services. Third-party services used on or in connection with our Websites currently include, without limitation:

Analytics: Google Analytics and Squarespace.
Payments: Stripe.
Newsletter and publishing platforms: Substack and Ghost.
Social platforms: Instagram (operated by Meta) — please refer to Meta’s privacy notice.

Any third-party cookie usage is governed by the privacy policy of the third party placing the cookie.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the “Effective date” at the top. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, or if you wish to exercise any of your rights, you can contact us:

By email: privacy@plaintalk.co.uk
By post: The Data Protection Lead, Plain Talk Matters Ltd, 71–75 Shelton Street, London, WC2H 9JQ, United Kingdom.

Plain Talk Matters Ltd is registered in England and Wales, company number 15929867. We are registered with the Information Commissioner’s Office — registration details available here: [ICO registration page — link to follow].