Enable Strategic Consulting Ltd.
Version 3 — effective 20 April 2026

Enable Strategic Consulting Ltd. (“we,” “us,” or “our”) is committed to safeguarding the privacy of our customers, clients, website visitors, and platform users. This Privacy Policy outlines how we collect, use, disclose, and protect your data in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and Australia’s Privacy Act 1988 (Cth) and Australian Privacy Principles (APPs).

1. Who We Are

Enable Strategic Consulting Ltd. is a business consulting firm trading in the UK and Australia. We provide strategic consulting services, including capture management, business-winning strategies, and market insights. We also operate the AELE learning platform, described in section 3 below.

2. What Personal Data We Collect

Depending on how you interact with us, we may collect the following categories of personal data:

  • Contact Information: name, email address, phone number, and postal address
  • Business Information: company name, job title, and sector
  • Website Usage Data: pages visited, time on site, referring URLs, and browser or device information
  • Marketing Preferences: your choices about receiving communications from us
  • Behavioural Insights: data processed through AI tools using open-source information

For data collected specifically through the AELE platform, please see section 3 below.

3. AELE Learning Platform

This section applies specifically to users of the AELE platform, which includes a public DISC profiler and a registered learner environment.

3.1 What AELE Is

AELE is an online learning platform that uses DISC personality profiling to personalise professional development content. It has two main user-facing functions:

  1. Public DISC Profiler: accessible without an account, allowing anyone to complete a DISC assessment
  2. Learning Platform: a registered environment for learners invited by a facilitator or administrator

3.2 Data Collected Through the Public DISC Profiler

The public profiler does not require you to create an account or log in. When you use it, we collect:

  • Professional background details: your role, sector, and years of experience
  • Your responses to the DISC behavioural preference questions
  • Accuracy feedback you provide after receiving your profile
  • Technical session data: IP address and session identifiers

This data is used to generate your DISC profile, improve the accuracy of the profiler, and contribute to anonymised sector benchmarks. It is not linked to your identity unless you choose to provide identifying information.

Retention: Public profiler responses are retained for 24 months from the date of submission, after which they are deleted or fully anonymised.

3.3 Data Collected From Registered Learners

Learners access the platform via an invitation token. When you register and use the learning platform, we may collect:

  • Your name, if you provide it
  • Your email address, if it was included in your invitation or provided during registration
  • Your DISC profile results from an onboarding assessment
  • Your progress through course modules and learning activities
  • Reflections or written responses you submit within the platform
  • Activity logs recording when and how you engage with content

This data is used to personalise your learning experience, track your progress, and allow your facilitator to support your development. We do not use it for any purpose unrelated to your learning journey.

Retention: Learner data is retained for the duration of your enrolment plus 12 months. It is then deleted or fully anonymised unless we are required by law to keep it longer.

3.4 Data Collected From Facilitators and Administrators

If you are a facilitator or administrator on the AELE platform, we collect:

  • Your email address
  • A securely stored password (hashed using bcrypt, meaning we cannot read your password)

This data is used solely to authenticate your access to the platform and allow you to manage learner groups and content.

Retention: Facilitator and administrator accounts and associated data are retained for as long as your account remains active. If your account is closed or deactivated, your data is deleted within a reasonable period.

3.5 Aggregated and Anonymised Data

We may combine and anonymise DISC assessment responses and learning activity data across users to:

  • Improve the accuracy and quality of the profiler and course content
  • Generate sector-level benchmarks for professional development research
  • Inform the design of new learning materials

Aggregated data does not identify any individual and is not subject to the same retention limits as personal data.

3.6 Legal Basis for Processing AELE Data

We process AELE platform data on the following legal grounds under UK GDPR:

  • Legitimate interests: operating and improving the platform, generating anonymised benchmarks, and maintaining platform security
  • Performance of a contract: delivering the learning experience you or your organisation has engaged us to provide
  • Consent: where you voluntarily provide additional personal information or opt in to optional features

3.7 Data Hosting and Infrastructure

AELE platform data is hosted on Railway infrastructure, which operates servers in the EU and the US. Data is stored in a PostgreSQL database. We take reasonable steps to ensure that any international transfers of your data comply with UK GDPR requirements, including reliance on appropriate transfer mechanisms where applicable.

We do not sell your data. We do not share your data with third parties for marketing purposes.

3.8 Your Rights in Relation to AELE Data

You have the same data protection rights in relation to AELE platform data as you do for all other data we hold (see section 10). To exercise any of those rights, including requesting deletion of your AELE data, please contact us directly via the website.

4. How We Collect Personal Data

We collect personal data in the following ways:

  • Directly from you: when you contact us, complete a form, sign up to services, or use the AELE platform
  • Automatically: through cookies and similar tracking technologies on our website and platform (see section 12)
  • From third parties: such as referral partners, publicly available sources, or your employer where they have engaged us on your behalf

5. How We Use Your Data

We use personal data we collect for the following purposes:

  • Providing services: delivering consulting services and platform functionality to you or your organisation
  • Communication: responding to enquiries, sending service updates, and managing your account
  • Marketing: sending relevant communications where you have consented or where we have a legitimate interest to do so
  • Website functionality: ensuring our website and platform operate correctly and securely
  • Behavioural analysis: developing insights through AI tools and open-source data to inform our consulting work
  • Compliance: meeting our legal and regulatory obligations

6. Legal Basis for Processing

We process personal data on one or more of the following legal bases:

  • Performance of a contract: where processing is necessary to deliver services you have requested
  • Legitimate interests: where we have a legitimate business reason and that interest is not overridden by your rights and interests
  • Consent: where you have given us clear permission to process your data for a specific purpose
  • Legal obligations: where we are required to process data to comply with applicable law

7. Disclosure of Personal Data

We may share your personal data in the following circumstances:

  • Service providers: trusted third-party suppliers who process data on our behalf and are contractually required to keep it secure
  • Legal authorities: where we are required to disclose data by law, court order, or regulatory obligation
  • Business transfers: in the event of a merger, acquisition, or sale of the business, your data may be transferred as part of that transaction, and you will be notified in advance where required

We do not sell your personal data. We do not share your personal data with third parties for marketing purposes.

8. International Transfers

Our consulting operations are based in the UK and Australia. AELE platform data may be hosted on infrastructure located in the EU and the US. Where personal data is transferred outside the UK, we ensure that appropriate safeguards are in place in accordance with UK GDPR, including standard contractual clauses or reliance on adequacy decisions where applicable.

9. Data Retention

We retain personal data only for as long as is necessary for the purposes for which it was collected, or as required by law. Specific retention periods for AELE platform data are set out in section 3. For other data, retention periods are determined by the nature of the relationship and applicable legal requirements.

10. Your Data Protection Rights

Under UK GDPR and the Data Protection Act 2018, you have the following rights in relation to personal data we hold about you:

  • Access: you can request a copy of the personal data we hold about you
  • Correction: you can ask us to correct inaccurate or incomplete data
  • Erasure: you can ask us to delete your data where there is no longer a lawful basis for us to hold it
  • Restriction: you can ask us to limit how we use your data in certain circumstances
  • Portability: you can request your data in a structured, commonly used, machine-readable format
  • Objection: you can object to processing based on legitimate interests or for direct marketing purposes
  • Withdraw consent: where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us using the details in section 14. We will respond within one month. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.

If you are based in Australia, you may also have rights under the Privacy Act 1988 (Cth) and the Australian Privacy Principles. Complaints may be directed to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

11. Security

We apply appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. These measures include encrypted data storage, hashed password storage (bcrypt), access controls, and regular security reviews. No method of data transmission or storage is completely secure, and we cannot guarantee absolute security.

12. Cookies and Tracking Technologies

We use cookies and similar technologies on our website and platform to support functionality, analyse usage, and improve user experience. You can manage your cookie preferences through your browser settings or via our cookie consent tool where provided. Some functionality may not work correctly if certain cookies are disabled.

13. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data practices. When we make significant changes, we will update the version number and effective date at the top of this page. We encourage you to review this policy periodically.

14. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data rights, or want to request deletion of your data, please contact us:

Enable Strategic Consulting Ltd.
71-75 Shelton Street
Covent Garden
London
WC2H 9JQ

Or via the contact us section of the website