Privacy policy

Privacy policy

How Quietroom collects, uses and protects your personal data – and what rights you have.

Who we are

Quietroom Ltd is a data controller registered with the Information Commissioner’s Office (ICO) under registration number Z1481998. Our registered address is Quietroom Ltd, 87a High Street, The Old Town, Hemel Hempstead, HP1 3AH.

We take your privacy seriously. Any personal data we hold about you is handled with care, kept secure and managed in line with UK data protection law.

What data we collect and why

Research participants
We may collect your personal data when you take part in an interview with us or if you help us to test content on behalf of our clients. This may include your full name and contact information, as well as audio and video recordings of your session with us. Your personal data is only held for as long as we need it to finish our work.

Client and contact data
We store names, phone numbers, email addresses and workplace addresses for clients and prospective clients for as long as we have a legitimate business interest in keeping it.

Marketing communications
We send newsletters to people who have opted in, or where we have a legitimate interest using a work email address. You can opt out at any time by contacting us or clicking the unsubscribe link in any marketing emails we send.

Client data sharing
Our clients may share your personal data with us so that we can provide our services to them. This may include your full name, home address and contact details. We handle personal data according to our clients’ instructions, which will sometimes involve passing it to a trusted third party such as a printing company.

For all of these activities, the personal data we collect and process is done so legally with consent, to fulfil a contract or under our legitimate interests.

How we keep your data secure

We take the security of your personal data seriously and are certified to Cyber Essentials, a UK government-backed cybersecurity certification. We maintain a variety of technical and organisational safeguards, which include: device and file encryption, anti-virus managed detection and response platform, account two-factor authentication, acceptable-use policies and access controls.

All of our third parties who may process personal data when working with us are under a contractual obligation to meet data protection standards set out in UK data protection law. If any personal data is shared by us outside of the UK or EU then we will ensure that appropriate safeguards are in place.

Our use of artificial intelligence

Quietroom uses artificial intelligence (AI) tools to support our business activities. This may include tasks such as analysing research feedback and interview transcripts, recording meetings and workshops and summarising information for clients.

We are committed to using AI responsibly. All use of AI within Quietroom is governed by our AI policy, overseen by our board. This policy sets out the approved tools, acceptable use cases and safeguards we apply to ensure that personal data is handled appropriately whenever AI is involved. None of your personal data is used to train AI models.

Cookies

This website uses cookies. These are files saved by your browser when you visit a website.
We use Google Analytics cookies to understand how people use this site. They collect anonymised data about which pages people look at, how long they stay and where they go next. They also tell us what devices people are using and what city they’re in.

We use this information to make the site simpler to use.

You can read Google’s overview of data practices within Google Analytics.

You can also disable cookies if you prefer by clicking disable cookies.

Your rights under UK GDPR

Under UK GDPR you have the following rights:

  • Right to be informed – know how and why your data is being used
  • Right of access – you can ask for a copy of the personal data we hold about you
  • Right to rectification – we can correct inaccurate or incomplete data
  • Right to erasure – you can ask us to delete your data where there is no longer a lawful basis for holding it (there may be certain data we need to retain but we’ll always make that clear to you)
  • Right to restriction – you can limit how we use your data while a query is resolved
  • Right to data portability – you can receive your data in a portable format and reuse it elsewhere in certain circumstances
  • Right to object – you can object to processing based on legitimate interests, including direct marketing
  • Right to withdraw consent – you can withdraw any consent you have given at any time, without affecting prior processing

If you want to exercise any of your rights please contact us and we will respond as quickly as we can and always within the timeframes set out by UK data protection legislation.

Contact us and how to complain

If you have a question or you want to make a complaint about how we've handled your personal data, please email us at dataprotection@quietroom.co.uk.

We will acknowledge your email promptly and resolve any complaints as best we can. If you are not satisfied with our response, you can have the right to escalate to the Information Commissioner’s Office at ico.org.uk

This policy was last reviewed on 20 May 2026.