Home Hero1

Terms & Conditions

You can download a pdf version of these Terms and Conditions by clicking here.

CP Data Protection Terms & Conditions May 2023


‘CP Data Protection®’ is a trading name of ‘Clare Paterson Ltd’, who owns and runs this ‘Website’ (www.cpdataprotection.com)

These ‘Terms and Conditions’ apply to your use of this Website and any of the ‘Services’ (free-of-charge and charged-for consultancy, training, documents, templates, and any other support) provided by CP Data Protection.

Our contact details are:

Registered Address:41 Wolverhampton Road, Codsall, Wolverhampton, WV8 1PT
Company No:10814591 Registered in England
Telephone number:07745 880105
VAT Registration No:279688619

If you have any queries about these Terms or anything related to this Website or the Services, you can contact our director, Clare Paterson, using the above contact details.

Your use of this website and our Services is subject to these Terms and Conditions. We may alter or vary them from time to time and the changes will take effect as soon as they are posted on this website.

Content of this Website & of the Services

Copyright materials on this Website and the materials provided as part of our Services are owned by Clare Paterson Ltd T/A CP Data Protection® unless otherwise stated. Unauthorised use of the material without the prior written consent of Clare Paterson Ltd or, where applicable, the respective copyright owner(s) is prohibited.

The information on this site and provided in our training is for general information purposes only and does not claim to be or provide legal advice. If you require advice on specific issues please contact us.

CP Data Protection has taken all reasonable steps to ensure that the information on this Website and provided in our Services is accurate and current at time of publishing and we may make changes to this information without prior notice.

The information and content on this Website may become out of date and CP Data Protection accepts no responsibility for any losses or damages arising out of errors or omissions contained in the website or arising from reliance on information contained in the website.

Confidential Information

CP Data Protectionwill keep allClientConfidential Information secret and not disclose it without written consent of the Client, unless required to do so by law. Confidential Information includes secret or confidential commercial, financial or technical information, data, knowhow, trade secrets, inventions, software and other information, in any format.

The only exceptions are when any piece of information; is already in or later enters the public domain (other than as a breach of this undertaking), or was already known to CP Data Protection prior to disclosure by the Client, or is disclosed to CP Data Protection independently by a third party entitled to disclose it.

For the purposes of providing the Services, CP Data Protection may make available to the Client, documentation and guidance which are CP Data Protection’s information including its Confidential Information. CP Data Protection asserts and retains Copyright and all intellectual property rights over that information and the Client is licensed to use the information for its own purposes only, and shall not reproduce, copy, sell or otherwise share the information without prior written approval from CP Data Protection.

Bookings & Payments

VAT is payable to CP Data Protection and the VAT amount will be added at invoice stage for most Services including training bookings and consultancy work. VAT is included in the price displayed for purchases made via this website’s shop.

The default payment method for most of the Services is BACS payment (direct payment to the bank) within 7 days of receipt of an invoice, but the Client can request the functionality to pay via credit card or debit card. If a request is made, CP Data Protection will provide an invoice that links to a credit/debit payment processor – Stripe.

Purchases made via this website’s shop can be paid by credit card or debit card via Stripe, or via Google Pay. An invoice is not automatically raised for purchases made this way, but will be raised and provided upon request by the Client.

Cancellations & Substitutions

When purchasing consultancy or training Services from CP Data Protection, the Client may substitute delegates, attendees or main contacts at any point without any fee.

CP Data Protection reserves the right to substitute the individuals who provide the Services, including trainers and consultants, where necessary.

You can usually cancel an order for CP Data Protection Services within 7 days of placing the order, where placing an order is; booking a place on a training course (by email or via any electronic diary management tools made available by CP Data Protection such as Calendly), or accepting a proposal for consultancy, or agreeing to purchase documents or templates.

Cancellations must be in writing, including email to clare@cpdataprotection.com or sue@cpdataprotection.com.

If you cancel an order within the 7 days’ timescale, any money already paid to CP Data Protection for the order will be refunded in full as soon as possible, and within 30 days of the cancellation at the most.

After the 7 days right-to-cancel period, and up to 14 days before the Service provision, cancellations will receive a refund of between 90% and 50% of any money already paid to CP Data Protection. After the 7 days right-to-cancel period, and if less than 14 days before the Service provision, cancellations will not usually receive a refund, but we can make exceptions in extreme circumstances so please contact us.

Alternatively, we can offer a substitute Service, if appropriate.

The only exceptions to the right to cancel are when purchasing digital downloads/documents; due to the immediate nature of the purchase and delivery, we cannot accept returns or provide refunds so please ask any questions before purchase.

The other exception to the right to cancel is when delivery of the Service(s) has begun within 7 days of the order being placed, where you agreed to the Service(s) beginning in that time frame. This will be the case if you place an order for training due to begin within 7 days of your booking or agree to the provision of consultancy work that starts within 7 days of the agreement. The right-to-cancel period ends at the point the Service provision begins.

Technical: For content delivered over Microsoft Teams, you are responsible for ensuring you can access and use Teams calls, and CP Data Protection is not liable or responsible for any technical issues which you may experience including as a result of your hardware, software, or internet connection, and CP Data Protection is not liable or responsible for any delay, disruption or disturbance in the operation of the internet. 

If any Services cannot be provided due to disruption or disturbance in the operation of the internet, or any other causes outside of our control, CP Data Protection will provide the Services at another suitable time. That time will be within 30 days of the original date of Service provision unless otherwise agreed with the Client.

Data Protection and Processing

Personal Data and other phrases that relate to data protection are given the meaning in the Data Protection Legislation (all laws that CP Data Protection or you are subject to that relate to the Processing of Personal Data or to privacy.)

If you submit your own personal data to CP Data Protection via this Website or any other contact method, our use of your data is covered by our Privacy Notice.

If you provide any other Personal Data to us as part of us providing you with a free or charged-for Service so that we can Process that data on your behalf, e.g. Personal Data about your clients or employees so we can assist you with a data protection query, we are acting as a Data Processor on your behalf and you guarantee that you have the necessary legal basis to Process that Personal Data.

When acting as your Data Processor, CP Data Protection will: Process the Data only on your documented instructions unless required to do otherwise by law; handle the Data as confidential; engage Sub-Processors as necessary but only with the legally required controls in place; assist the Data Controller as far as possible with responding to requests  from Data Subjects related to their Data; use appropriate security measures; make available to the Controller reasonably requested information to demonstrate compliance with our legal Data Protection obligations and submit to reasonable audits and reviews; at the choice of the Controller delete or return all Personal Data when requested unless we have a legal basis to retain it.

For the avoidance of doubt, CP Data Protection is a Data Controller for other Personal Data obtained and handled as part of providing our free and charged-for Services, e.g. contact details of clients, prospective clients, other stakeholders and business contacts, where we are Processing that Data for our own purposes, and not on the instructions of a client.    


We do not warrant that the functions contained in this Website will be uninterrupted or error free, that defects will be corrected, or that this Website or the server that makes it available are free of viruses.

We are not responsible for the contents or the reliability of linked third-party Websites.


These Terms and Conditions shall be governed and construed in accordance with the laws of England. Any disputes arising here shall be exclusively subject to the jurisdiction of the courts of England.