Terms & privacy

Website terms and privacy notice for Gosling Services Ltd

Gosling Services Limited (“we”, “us”, or “our”) is registered in England and Wales number 12657487. Our registered office is 1 Derwent Business Centre, Clarke Street, Derby DE1 2BU, United Kingdom.

Gosling Services Limited, which also trades as The Gosling Factor or Tom Gosling, provides coaching and consulting services to individuals, companies and other public or private bodies.


The information contained in this website is for general information purposes only. While we endeavour to keep the information up-to-date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.

In no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website.

Information relating to personal finance matters on our websites is generic. Gosling Services Limited is not regulated to provide financial advice and no information provided on this website should be construed as being a recommendation to acquire, or not acquire, particular investments or financial products or to adopt, or not adopt, particular investment strategies. You should take advice from a regulated financial adviser for recommendations on specific products or strategies or if you are not certain what to do.

Every effort is made to keep the website up and running smoothly. However, Gosling Services Limited takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues.


Our services depend on an open and trusting relationship with our clients. Gosling Services Limited is the data controller and this policy sets out how we use and protect your personal data and sets out the terms relating to use of our website. We may update this notice at any time.

How we use your personal data

The lawful basis for our use of your personal data will normally fall into one of the following four categories:

  • To perform the contract between us.
  • To support our legitimate business interests.
  • To comply with a legal or regulatory obligation.
  • Where you have given your consent for us to do so.

Other potential legal grounds for use of your data, which are less likely to arise, include:

  • Vital interests, when processing data will protect someone’s physical integrity or life.
  • A public task to complete an official function or to protect the public interest.
  • Compliance with a legal obligation.

Legitimate interests

We will use your personal information to fulfil our legitimate business interests in the following areas:

Developing our business

Reviewing the content of our work with you and the way in which you have used our services or engaged with our content in order to:

  • Develop our services, content, pricing and marketing strategy.
  • Measure the effectiveness of our website advertising and services using data analytics.
  • Make suggestions and recommendations about services that may be of interest to you.
  • Decide how to communicate with you in an effective way.

Using your personal information and data on how you have used our services and engaged with our content in order to:

  • Analyse trends for business performance monitoring and planning.
  • Communicate with you.

Administering our business

Using your personal information and data on how you have used our services and engaged with our content in order to:

  • Keep our records up-to-date.
  • Troubleshoot service delivery or technology.
  • Protect our business and website.
  • Report data for the purposes of business analysis and business optimisation.
  • Assist with recovery of money owed to us.
  • Deal with legal disputes.
  • Produce regulatory and tax returns.


You will receive marketing communications from us if you have requested information or purchased services from us or if you have elected to receive marketing information from us. In each case we will obtain your explicit consent through ticking the appropriate box.

You may withdraw your consent at any time by using the ‘Unsubscribe’ link on email communications or by contacting info@tom-gosling.com.

What data do we collect?

We collect personal information including:

  • Name, address, email, telephone, age, partnership status and employment status.
  • Name and address of your employer and a contact at your employer if provided by you and relevant to the coaching assignment.
  • Factual information about your income, expenditure, savings and investments, insurance policies, wills, trusts and lasting powers of attorney and estate planning.
  • Information about your life and financial goals, life circumstances and attitudes to spending and money.

We will not collect any special category data. This is data that:

  • Reveals your racial or ethnic origin; political opinions; religious or philosophical beliefs; or trade union membership;
  • Is genetic or biometric data;
  • Concerns your health, sex life or sexual orientation.

Sharing your data with third parties

In order to perform the contract, communicate with you or to meet our legitimate business interests outlined above, we may need to share your personal data with third parties including:

  • Service providers who provide IT services and administration systems.
  • Professional advisers including lawyers and accountants.
  • HM Revenue & Customs, regulators and other government bodies as required by law and regulation.

Failure to provide personal information

If you do not provide personal information requested then we may not be able to perform the contracted services.

Data security

We have adopted appropriate security measures to protect your data. This includes use of recognised secure cloud-based data storage services, appropriate use of encryption and password protection and, where practical, anonymisation of data. Employees and contractors are only given access to information as required to perform their duties (for example, a contracted virtual assistant may be given access to your email address or telephone number to facilitate arranging meetings but not to your other personal information). As legally required, we will notify you and any applicable regulator of an actual or suspected personal data breach.

No information sharing or storage can ever be entirely secure. We encourage clients to share data using encrypted online file sharing tools as opposed to email in order to increase security. If you share personal information with us by email then you assume the risks of such information being intercepted, not delivered or received by an individual that was not the intended recipient.

International transfers of data

We use cloud-based service providers for business productivity software, data storage, email marketing databases and client relationship management. These services not only add to convenience for us and our clients, they also provide a high degree of security and business resilience. Being global businesses, some of these providers will transfer data we store, including your personal data, to servers outside the UK.

To comply with UK GDPR (General Data Protection Regulation) requirements we only store your personal data with established providers who either:

  • host your data in a country that has a current Adequacy Decision under UK GDPR, meaning that that country’s data protection regime is deemed as being equivalent to the UK’s; or
  • have an agreement with us that contains a relevant Standard Contractual Clause defined under UK GDPR that are deemed under the regulations to provide you with equivalent protections to those available in the UK.

In the unlikely event that neither of these circumstances apply then we may request your consent to the particular transfer, which consent may be removed at any time.

You can read more about the requirements on international transfers on the website of the Information Commissioner’s Office.

Data retention

We will only retain personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. When determining how long to keep your data, we take account of the fact that for tax records require us to keep certain information for six years and the Limitation Act 1980 provides that legal proceedings for breach of contract or negligence can be brought up to six years after the events. Therefore, we will normally retain all information relating to clients or suppliers where we have provided or commissioned a service, for seven years from the date of expiry of that commercial relationship. For non-clients on our email marketing list, we will delete the information within one month of them unsubscribing from that list.

In some circumstances we may anonymise personal data for research or statistical purposes, in which case we may keep it indefinitely.

Your rights

You have rights under UK GDPR in relation to your data. These mean that in certain circumstances you can:

  • Get copies of your data.
  • Get your data corrected.
  • Get your data deleted.
  • Limit how we use your data.
  • Get your data in a way that is accessible so that it can be transferred to someone else.
  • Object to the use of your data.
  • Raise a concern.
  • Withdraw consent for your data to be processed by us.

You can see more about these rights at the website of the Information Commissioner’s Office.

If you wish to exercise any of these rights please contact us. You will not have to pay a fee to access your personal data or exercise your rights. However, if your request is clearly unfounded, repetitive or excessive then we may charge a reasonable fee or refuse to comply with the request. If we have a legitimate interest in law to continue processing your data then we may be entitled to refuse your request.

If you exercise your rights then we may need to request information from you to verify your identify. This is a security measure to ensure that your personal data is not disclosed to anyone it should not be. We may also contact you to ask for information to help speed up our response.

We try to respond to legitimate requests for information or exercise of rights within one month, although for particularly complex request, or if you have made a number of requests, then it may take longer. In this case we will keep you informed of progress.

You may complain to the Information Commissioner’s Office if you are not satisfied with how we are processing your data.


You can contact us on info@tom-gosling.com.

Our website

Our websites are built on WordPress or SquareSpace. Both providers operate extensive security features, summarised here for WordPress and here for SquareSpace. Our sites use service providers to collect anonymous information about users’ activity and site usage, including pages viewed, time spent on the site and pathways taken through the site. This information is used to help use understand how the site is being used and improve the design and effectiveness of the site. We do not allow these third party service providers to make any attempts to find out the identifies of those visiting the website.


A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

You can find out more about cookies.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.


Updated 22 January 2021.