At ThePoint, we take your privacy seriously. This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and the rights you have over it under UK data protection law.
It applies to the-point.uk ("Site"), our consulting services, our SharePoint apps and any other interactions you have with us.
The short version. We only collect the personal data we genuinely need to respond to enquiries, deliver our services and run our business. We don't sell your data, we don't profile you, and we don't send marketing without your consent.
Contents
ThePoint is a trading name of AJ1801 Ltd, a company registered in England and Wales under company number 08269848, with its registered office at 7 Bell Yard, London, England, WC2A 2JR. We are a specialist Microsoft 365, SharePoint and Power Platform consultancy, and we also licence a suite of SharePoint apps to organisations of all sizes.
For the purposes of UK data protection law, AJ1801 Ltd is the data controller for personal data collected through this Site and in the course of our services.
We collect personal data in the following ways:
If you complete our contact form, email us, or otherwise get in touch, we collect your name, email address, phone number (if provided), company name and any other information you choose to include in your message.
If you book a meeting through our Calendly link, you will be redirected to Calendly's platform. Calendly collects your name, email address, the meeting time and any answers you provide to booking questions. Calendly is the data processor for that booking; please see Calendly's Privacy Notice for details of their processing.
If you purchase a Licence for our SharePoint apps or engage us for consulting services, we collect billing information including your name, business address, email address, the Microsoft 365 tenant ID the Licence is being applied to, and (where relevant) details of authorised users at your organisation. Card payments are handled by Stripe - we do not see, store or have access to your full card details. See Stripe's Privacy Policy for how they handle payment data.
Where you grant us administrative access to your Microsoft 365 tenant to deliver agreed services, we may incidentally have access to personal data of your employees or customers stored in that tenant. We process this data strictly as a data processor on your instructions, only for the purposes of the engagement, and under separate data processing terms where appropriate.
Like most websites, we automatically collect technical information when you visit, including IP address, browser type, device type, pages viewed and referring URL. See section 7 for details of cookies and analytics.
We use the personal data we collect to:
We do not sell your personal data to anyone, and we do not use it for automated decision-making or profiling.
Under UK GDPR, we must have a lawful basis to process your personal data. Depending on the activity, we rely on:
| Activity | Lawful basis |
|---|---|
| Responding to enquiries and running discovery calls | Legitimate interests (running and growing our business) |
| Delivering consulting services and Licences | Performance of a contract |
| Processing payments and meeting tax obligations | Legal obligation |
| Sending marketing communications | Consent |
| Service notifications and renewal reminders | Legitimate interests / performance of a contract |
| Website analytics and security | Legitimate interests |
Where we rely on legitimate interests, we have carried out a balancing assessment to confirm that our interests are not overridden by your rights. You can object to processing based on legitimate interests at any time (see section 10).
We share personal data only with carefully selected service providers who help us run our business. These providers act as our data processors, are contractually bound to protect your data, and may only use it for the purposes we instruct.
| Provider | Purpose |
|---|---|
| Microsoft (Microsoft 365, Azure) | Email, document storage, internal collaboration |
| Calendly | Meeting bookings |
| Stripe | Payment processing for Licences |
| WordPress hosting provider | Website hosting and security |
| Accounting software / accountants | Invoicing, bookkeeping and statutory filings |
We may also disclose personal data where required by law, by a regulator, or to protect our legal rights. We do not share your data with any other parties for their own marketing or commercial purposes.
Some of our service providers (including Calendly and Stripe) are based in or process data in the United States. Where personal data is transferred outside the UK, we rely on appropriate safeguards approved under UK GDPR, including the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or transfers to jurisdictions covered by a UK adequacy decision (such as the UK Extension to the EU-US Data Privacy Framework).
Our Site uses cookies and similar technologies to make it work properly, remember your preferences and understand how visitors use the Site. We use:
You can control cookies through our cookie banner when you first visit the Site, or at any time through your browser settings. Disabling some cookies may affect Site functionality.
Where you have given us consent, or where you are an existing customer and the topic is closely related to services you've already received from us (the "soft opt-in"), we may send you marketing emails about our services, new SharePoint apps or relevant industry updates.
You can unsubscribe at any time using the link in any marketing email, or by emailing info@the-point.uk. Opting out of marketing won't affect service-related messages such as Licence renewal reminders or important product updates.
We keep personal data only for as long as we need it. Indicative retention periods are:
After these periods, your personal data is securely deleted or anonymised.
Under UK data protection law, you have the right to:
To exercise any of these rights, email us at info@the-point.uk. We'll respond within one month. There is normally no charge, and we will not ask for more information than necessary to verify your identity.
If you're unhappy with how we've handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
We'd appreciate the chance to address your concerns first, so please contact us before approaching the ICO.
We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration or disclosure. These include encryption in transit, access controls, multi-factor authentication on critical systems, regular software updates and ongoing staff awareness.
No method of transmission or storage is 100% secure. While we work hard to protect your data, we cannot guarantee its absolute security. If we become aware of a personal data breach that affects your rights, we will notify you and the ICO in accordance with UK GDPR.
Our Site may contain links to third-party websites (such as Calendly, Microsoft, LinkedIn or supplier sites). This Privacy Policy applies only to the-point.uk. We are not responsible for the privacy practices of third-party websites - please review their own policies before sharing personal data with them.
We may update this Privacy Policy from time to time to reflect changes in our services, technology, law or commercial practice. The "Last updated" date at the top of this page shows when it was last revised. Where changes are material, we will notify existing customers by email or a prominent notice on the Site before they take effect.
If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:
This Privacy Policy was last updated on 5 May 2026.
Get in touch and we'll answer any privacy questions you have, walk you through your rights, or send a copy of the data we hold about you.