Privacy Policy

4 Day Week Collective Ltd
Global Privacy Notice

Last Updated: 26 February 2026

1. Who We Are

4 Day Week Collective Ltd
2a High Street
Thames Ditton
KT7 0RY
United Kingdom

Email: hello@4dayweek.com

4 Day Week Collective Ltd (“4DWG”, “we”, “us”, “our”) is a UK-based organisation operating globally. We provide consulting services, research, campaigns, education programmes, digital tools, events, and advisory services relating to reduced-hours working and future-of-work design.

For the purposes of UK GDPR and EU GDPR, we act as a Data Controller in relation to personal data described in this Notice.

Where we process personal data on behalf of enterprise clients, we may act as a Data Processor under separate contractual agreements.

2. Scope of This Notice

This Notice applies when you:

  • Visit our website
  • Subscribe to communications
  • Register for events
  • Sign a petition or pledge
  • Download resources
  • Purchase services or digital products
  • Participate in consulting or advisory programmes
  • Engage with digital diagnostic tools
  • Communicate with us

3. Legal Framework

We process personal data in accordance with:

  • UK GDPR
  • EU GDPR
  • CCPA/CPRA (where applicable)
  • Canada’s PIPEDA
  • Australia Privacy Act 1988
  • New Zealand Privacy Act 2020
  • Other applicable laws

We follow the principles of:

  • Lawfulness, fairness and transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

4. Personal Data We Collect

Information You Provide

  • Name
  • Email address
  • Job title and employer
  • Industry and employment status
  • City and country
  • Event registration details
  • Petition or pledge participation
  • Survey responses
  • Communications and correspondence
  • Billing contact information

Payment Information

Payments are processed by secure third-party providers.
We do not store full payment card details.

Automatically Collected Data

When you visit our website, we may collect:

  • IP address
  • Device and browser information
  • Pages visited
  • Date and time of access
  • Referrer URLs
  • Cookie identifiers

5. Lawful Bases for Processing

We rely on:

Consent

For marketing communications, petitions, and optional engagement.

Contractual Necessity

To deliver services or programmes you request.

Legitimate Interests

To improve services, conduct research, maintain security, and manage client relationships.

Legal Obligation

To comply with applicable laws.

You may withdraw consent at any time.
You may object to processing based on legitimate interests.

6. How We Use Personal Data

We use personal data to:

  • Deliver consulting and education services
  • Administer events and programmes
  • Provide digital tools and resources
  • Communicate research and updates
  • Improve our services
  • Maintain website security
  • Prevent fraud
  • Comply with legal obligations

We do not sell personal data.

7. Cookies

We use cookies and similar technologies to:

  • Enable essential website functionality
  • Analyse website usage
  • Support marketing activities

Where required by law, we obtain consent before placing non-essential cookies.
You may manage cookie preferences through your browser settings or our consent mechanism.

8. AI & Digital Tools

We may use AI-supported systems to assist in generating analytical insights or improving digital tools.

AI systems:

  • Operate with human oversight
  • Do not independently make decisions with legal or similarly significant effects
  • Are used to support, not replace, professional judgement

9. Data Sharing

We may share personal data with:

  • Cloud hosting providers
  • CRM and email marketing platforms
  • Payment processors
  • Event platforms
  • IT service providers
  • Professional advisers

All third parties are required to maintain appropriate confidentiality and security safeguards.

10. International Transfers

Where personal data is transferred outside the UK or EEA, we rely on:

  • UK International Data Transfer Agreements
  • EU Standard Contractual Clauses
  • Adequacy decisions
  • Equivalent contractual safeguards

11. Data Retention

We retain personal data only as long as necessary to:

  • Deliver services
  • Meet legal obligations
  • Resolve disputes
  • Support legitimate business purposes

Where appropriate, data may be anonymised.

12. Data Security

We implement reasonable technical and organisational measures to protect personal data, including:

  • Secure cloud infrastructure
  • Access controls
  • Authentication safeguards
  • Contractual protections with service providers

No system is completely secure, but we take proportionate steps to safeguard data.

13. Your Rights

Depending on your location, you may have rights to:

  • Access your data
  • Correct inaccuracies
  • Request deletion
  • Restrict processing
  • Object to processing
  • Withdraw consent
  • Lodge a complaint

UK residents may contact the Information Commissioner’s Office (ICO):
www.ico.org.uk

Requests may be submitted to: hello@4dayweek.com

14. California Privacy Rights

California residents may request:

  • Disclosure of personal information collected
  • Deletion
  • Correction
  • Opt-out of sale (we do not sell data)
  • Non-discrimination

Requests: hello@4dayweek.com

15. Enterprise Clients

Where we process personal data on behalf of enterprise clients, processing is governed by a separate Data Processing Addendum incorporated into our client agreements.

16. Children’s Privacy

Our services are not directed to individuals under 16.
We do not knowingly collect personal data from minors without appropriate consent.

17. Changes to This Notice

We may update this Notice periodically.
The updated version will be published with a revised date.