WitnessMatch Privacy Policy

Effective date: 28 July 2025

1  Who We Are

WitnessMatch is a service of TrustedPsych Ltd (company no. 15705041; registered address 71-75 Shelton Street, Covent Garden, London, England, WC2H 9JQ), which is the data controller for the personal data described below.

Contact: tom@witnessmatch.com.

2  What Personal Data We Collect

  • Identification data: full name, job title, organisation

  • Contact details: email, phone, postal address

  • Professional credentials: qualifications, accreditations, CVs, references, regulatory numbers

  • Profile content: biography, hourly rates, expertise, availability, case-history summaries

  • Media: photographs, introductory videos, presentation slides

  • Usage & technical data: IP address, device IDs, browser type, activity logs, referral URLs

  • Payment data: last four digits of card number, billing address (processed by Stripe)

  • Communications: messages sent via the platform, support emails, survey responses

Important: do not upload any patient data or other special-category data.

3  How We Obtain Data

  • Directly from you (registration, profile completion, uploads, purchases)

  • Automatically via cookies and similar technologies

  • From third parties (e.g., payment-provider confirmations, public professional registers)

4  Purposes & Lawful Bases

  • Creating and publishing Expert profiles – Consent (Art 6 (1)(a))

  • Matching solicitors with Experts and facilitating introductions – Contractual necessity (Art 6 (1)(b))

  • Operating subscriptions, invoicing and payment collection – Contractual necessity & legal obligation

  • Improving, securing and troubleshooting the Service – Legitimate interests

  • Sending service updates, renewal reminders and permitted marketing – Legitimate interests or consent

  • Retaining records to defend legal claims – Legitimate interests

You may withdraw consent at any time via your dashboard or by emailing us.

5  Data Retention

  • Account data – life of the account + 6 years

  • Payment records – 7 years (tax/financial rules)

  • Analytics & log files – up to 24 months

  • Marketing opt-out lists – kept indefinitely to honour your preferences

6  Security Measures

We use TLS encryption in transit, AES-256 at rest, role-based access, 2FA for staff, regular penetration tests and UK-based ISO 27001-certified hosting. Breaches are handled per UK GDPR requirements.

7  Third-Party Processing & International Transfers

We rely on a small number of specialised service providers:

  • Stripe – card processing & subscriptions (data stored in UK/EU; SCCs cover any US access)

  • Webflow – website CMS/hosting (EU & US; SCCs in place)

  • Outseta – authentication, CRM, email automation (US; SCCs + Data-Privacy-Framework)

  • Microsoft Clarity & Google Analytics – usage analytics (US; SCCs + IP anonymisation)

We do not sell personal data.

8  Cookies & Similar Technologies

We use:

  • Essential cookies – required for login/security

  • Analytics cookies – Google Analytics, Microsoft Clarity (aggregate stats)

  • Preference cookies – remembering saved searches/dashboard settings

A cookie banner lets you accept, reject or customise non-essential cookies at any time.

9  Your Rights

Access, rectification, erasure, restriction, portability, objection, withdraw consent, and complain to the ICO. We respond within one month of verifying identity (email tom@witnessmatch.com).

10  Children

The Service is for professionals aged 18+. We do not knowingly collect data from children.

11  Changes to This Policy

We will highlight material changes by email or on our website. The “Effective date” shows the latest version.

12  Contact

Data Protection Lead – tom@witnessmatch.com | +44 (0)7525 475 964

Home
For LawyersFor Experts
Copyright © 2025. WitnessMatch. All rights reserved.
Terms & ConditionsPrivacy Policy