Mutt in a Rutt logo Mutt in a RuttDog Behaviour and Training Back to website

GDPR AND DATA PROTECTION POLICY

Mutt in a Rutt

Last updated: 3 July 2026

1. Purpose of this policy

This GDPR and Data Protection Policy explains how Mutt in a Rutt manages personal data in line with UK data protection law.

It is intended to guide how the business collects, uses, stores, shares, protects and deletes personal information relating to clients, prospective clients, website visitors, suppliers, contacts and other individuals.

This policy should be read alongside the Mutt in a Rutt Privacy Policy and Cookies Policy.

2. Business details

Business name: Mutt in a Rutt

Location: Shrewsbury, Shropshire, United Kingdom

Email: support@muttinarutt.com

Mutt in a Rutt provides dog training and behaviour support services in Shrewsbury, Shropshire and surrounding areas.

For the purposes of UK data protection law, Mutt in a Rutt is generally the data controller for the personal data it collects and uses.

3. Scope

This policy applies to personal data handled by Mutt in a Rutt in any format, including:

4. Data protection principles

Mutt in a Rutt will handle personal data in line with the following principles.

Personal data must be:

5. Types of personal data handled

Mutt in a Rutt may handle the following categories of personal data.

5.1 Client and enquiry data

5.2 Dog training and behaviour data

5.3 Payment and business records

5.4 Website and technical data

5.5 Marketing data

5.6 Images and media

6. Special category and sensitive information

Mutt in a Rutt does not normally need to collect special category personal data. However, some dog behaviour work may involve sensitive context, such as:

Sensitive information must only be collected where it is relevant and necessary.

Where sensitive information is handled, it must be treated with extra care, accessed only where needed, and not shared unless there is a lawful and appropriate reason.

7. Lawful bases for processing

Mutt in a Rutt will identify a lawful basis before processing personal data.

The main lawful bases used are:

7.1 Contract

Used where personal data is needed to respond to enquiries, arrange bookings, provide services, deliver training, manage payments or communicate with clients about services.

7.2 Legitimate interests

Used where personal data is needed for reasonable business purposes, including record keeping, service improvement, safety, incident management, complaint handling, website security and business administration.

7.3 Consent

Used for optional activities such as non-essential cookies, certain marketing communications, photos, videos, testimonials and case studies.

7.4 Legal obligation

Used where the business must keep or share information to comply with legal, tax, accounting, insurance, regulatory or law enforcement requirements.

7.5 Vital interests

Used rarely, where information is needed to protect life or prevent serious harm.

8. Consent

Where Mutt in a Rutt relies on consent, consent must be:

Examples where consent may be needed include:

Withdrawing consent does not affect the lawfulness of anything done before consent was withdrawn.

9. Privacy information

Mutt in a Rutt will provide clear privacy information through its Privacy Policy and, where appropriate, through forms, booking processes, cookie banners or direct communication.

Privacy information should explain:

10. Data minimisation

Mutt in a Rutt will only collect personal data that is reasonably needed.

The business should avoid collecting excessive or irrelevant information.

For dog behaviour work, some detailed information may be necessary for safety and welfare reasons, but it should still be relevant to the service being provided.

11. Accuracy

Mutt in a Rutt will take reasonable steps to keep personal data accurate.

Clients may be asked to confirm or update key information where needed, especially contact details, dog behaviour risks, household safety information and booking details.

12. Storage and security

Personal data must be stored securely.

Reasonable measures may include:

13. Access control

Access to personal data should be limited to people who need it for legitimate business reasons.

Personal data should not be shared casually or discussed in a way that could identify a client unnecessarily.

14. Sharing personal data

Mutt in a Rutt may share personal data where necessary and lawful.

This may include sharing with:

Before sharing personal data, the business should consider:

15. Processors and third-party providers

Where third-party providers process personal data for Mutt in a Rutt, the business should use reputable providers and, where appropriate, ensure suitable data protection terms are in place.

Examples may include providers for:

16. International transfers

Some third-party providers may process personal data outside the United Kingdom.

Where this happens, Mutt in a Rutt will aim to use providers that apply appropriate safeguards under UK data protection law.

17. Retention policy

Personal data should not be kept for longer than necessary.

The following retention periods apply unless a different period is needed for legal, insurance, safeguarding, tax, accounting or dispute reasons:

Records should be deleted, anonymised or securely destroyed when no longer required.

18. Data subject rights

Individuals have rights under UK data protection law.

These may include:

These rights are not absolute and may depend on the circumstances.

19. Handling data subject requests

If someone makes a request about their personal data, Mutt in a Rutt should:

If the request is complex, more time may be allowed under data protection law.

Requests should be sent to:

support@muttinarutt.com

20. Right of access

If someone asks for a copy of their personal data, this is a subject access request.

Mutt in a Rutt should provide a copy of the personal data held about that person unless an exemption applies.

Information about other people should be removed or protected unless it is reasonable and lawful to disclose it.

21. Right to erasure

Individuals may ask for their personal data to be deleted.

Mutt in a Rutt will consider each request and delete data where required. However, some information may need to be retained for legal, insurance, accounting, complaint, safeguarding or safety reasons.

22. Right to rectification

If information is inaccurate or incomplete, individuals can ask for it to be corrected.

Mutt in a Rutt should correct inaccurate information without undue delay where appropriate.

23. Right to object or restrict processing

Individuals may object to certain uses of their personal data or ask for processing to be restricted.

Mutt in a Rutt will consider these requests in line with UK data protection law.

24. Marketing and opt-outs

Marketing communications must comply with applicable data protection and electronic marketing rules.

Mutt in a Rutt should:

25. Cookies and similar technologies

The website may use cookies and similar technologies.

Strictly necessary cookies may be used where needed for the website to function.

Non-essential cookies, such as analytics or marketing cookies, should only be used where a valid lawful basis applies. In many cases, this means obtaining consent through a cookie banner or cookie settings tool.

More information is provided in the Mutt in a Rutt Cookies Policy.

26. Photos, videos and testimonials

Identifiable photos, videos, testimonials and case studies should only be used for marketing where permission has been given.

The business should record consent where practical and respect withdrawal of consent for future use.

Where content has already been published, the business will take reasonable steps to remove it from platforms it controls, but it may not be possible to remove copies from third-party sites, search engines or social media shares.

27. Data breaches

A personal data breach may include:

If a breach occurs, Mutt in a Rutt should:

Serious breaches may need to be reported to the Information Commissioner’s Office within 72 hours of becoming aware of them.

28. Complaints

If someone complains about how their personal data has been handled, Mutt in a Rutt should:

Complaints can be sent to:

support@muttinarutt.com

Individuals also have the right to complain to the Information Commissioner’s Office.

Information Commissioner’s Office

Website: https://ico.org.uk

Telephone: 0303 123 1113

29. Training and awareness

Anyone handling personal data for Mutt in a Rutt should understand the importance of privacy, confidentiality and data protection.

They should know:

30. Review of this policy

This policy should be reviewed regularly and updated when:

31. Contact

For questions about this policy or data protection at Mutt in a Rutt, contact:

Mutt in a Rutt

Shrewsbury, Shropshire, United Kingdom

Email: support@muttinarutt.com