Privacy Policy


Mindset Analytics Limited (trading as Matthew Syed Consulting Limited) and Matthew Syed Media Limited (referred to as “we”, “us” or “our” in this policy) respects your privacy and is committed to protecting your personal information.

This policy describes how we process your personal information when you visit our website ( or interact with us. This includes:


For the purposes of data protection laws, we are the controller of the personal information that we process pursuant to the operation of our website and personal data relating to our customers, prospective customers and suppliers.

We will also process personal information relating to our customers’ employees whilst providing our services and an explanation of how and why we process that information is provided in a separate privacy notice.

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.

Contact Details

Mindset Analytics Limited (trading as Matthew Syed Consulting Limited) and Matthew Syed Media Limited are limited companies with company numbers 12234380 and 08760326 respectively and have registered offices at 3 Coldbath Square, London, England EC1R 5HL. Our correspondence address is Dolphin House, Ormond Road, Richmond, TW10 6TH for both entities. If you have any questions about this policy or our use of your personal information, please contact us in writing at the above address or by email to

Third Party Links, Downloads, Embedded Content and Social Media

Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share information about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit to understand how your personal information may be used.

Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party anti-virus software or similar applications.

We accept no responsibility for third party downloads and downloads provided by external third party websites and advise users to verify their authenticity using third party anti-virus software or similar applications.

This website may contain embedded content via third party websites, such as YouTube or Vimeo. This content can have its own trackable events. You can read their privacy policies on their respective websites.

There may be instances where our website features social media sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can read their privacy policies on their respective websites.

Personal Information that We Collect About You

We may collect, use, store and transfer personal information about you in the course of our business, including through your use of our website, when you contact or request information from us, when we provide you with our goods or services, when we engage in the promotion of our business and/or as a result of your relationship with one or more of our staff and clients.

The personal information that we collect and process may include:

  • Identity Information – such as your name (including name prefix or title), the company you work for, your title or position
  • Contact Information – such as your email address, postal address and telephone number
  • Financial Information – such as invoice/billing information and your payment card details (which we do not store) and billing address
  • Technical Information – such as information from your visits to our website, your browser type and version, device, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website
  • Information you provide to us for the purposes of attending meetings and events
  • Any other information relating to you which you may provide to us, including in response to our customer feedback surveys
  • Marketing and communications information including your preferences in receiving marketing from us
  • Information required for our adverse impact analysis, namely age, gender and ethnic origin (see below).

Where we need to collect personal information by law, or under the terms of a contract we have with you and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with certain services). In this case, we may have to cancel the contract you have with us but we will notify you if this is the case at the time.​

Individual Mindset Services

Where you are an individual customer that has requested us to provide you with our services (such as a Personal Mindset Report or participation in a Growth Mindset Programme), we will process your personal data in order to provide those services. This will include Identity Information, Contact Information and Financial Information, but it will also include the data you provide to us and/or which we generate whilst we provide our services, such as your responses to our diagnostic surveys and any information you provide during coaching or training sessions.​

Adverse Impact Analysis

When providing psychometric assessments (which form part of our product offering), best practice is to carry out adverse impact analysis. This seeks to reduce the risk of any bias in the results of the tests, based on specific factors, namely age, gender and ethnic origin. As a result, if you participate in our psychometric testing, we will collect this data about you to use it for this purpose.

Data relating to ethnic origin is classed as ‘special category data’ under data protection laws and is therefore subject to additional protections. This data will be stored securely and we will only use an anonymised version of it to the extent that we need to in our legitimate interests of conducting the adverse impact analysis, which is designed to identify any inequality of treatment between groups of people with different ethnic origins as well as age and gender.

How We Obtain Your Personal Information

We collect personal information:

  • From you when you register for and use our services
  • As part of our business acceptance and client identification processes as approved by either your employer or yourself and as necessary in the course of providing our services to you
  • Where we meet and exchange contact details or business cards
  • From our connections on social media platforms such as LinkedIn
  • As you interact with our website, we may collect personal information and technical information about your equipment, browsing actions and patterns (see also our cookie policy)
  • We may also gather personal information from you when you provide it to us during telephone calls and in email communications or when you interact with us directly, for instance engaging with our staff
  • We may receive personal information about you from third parties and by using publicly available sources

How We Use Your Personal Information

We will collect and process your personal information in a number of ways, depending on how you interact with us as follows:

  • To provide our products and services to you and to improve them
  • To administer and protect our business and website, including for good governance, accounting, managing, auditing, monitoring and data security purposes
  • To conduct or support marketing, psychology and other research
  • To provide information requested by you
  • To update our records
  • To promote our services, including sending updates, publications and details of events
  • To manage and administer our relationship with you, including to deal with any queries or complaints
  • For invoicing/billing purposes, including to contact you about your account and/or to recover a debt owed to us
  • To purchase goods or services
  • To fulfil our legal, regulatory and risk management obligations
  • To protect our legitimate interests and those of our clients and our employees.

We process your personal information under the following lawful bases under data protection laws:

  • To enter into, or perform a contract with you, such as engaging with an individual to provide our goods or services or to procure goods and services from an individual or a company;
  • To comply with legal and regulatory obligations;
  • For our legitimate business purposes, including to respond to your queries and for other customer relations purposes, to promote our business and engage in business development and administration, data analysis, system maintenance, support, reporting and hosting, data security and to study how our services and products are used;
  • In limited cases, we may process your personal data based on your consent, for example, where we are required to obtain consent to engage in marketing, as set out below.


Generally, we do not rely on consent as a legal basis for processing your personal information other than (where this is required by law) in relation to sending direct marketing communications to you via email. If you receive marketing communications from us and no longer wish to do so you may unsubscribe at any time by contacting us using the links in our communications or the contact details at the start of this policy.

We will request your consent before we share your personal information with any company outside of Mindset Analytics Limited or Matthew Syed Consulting Limited for marketing purposes.​

Meetings, Events and Workshops

We will collect and process personal information about you in relation to your attendance at our offices or at an event conducted or organised by Mindset Analytics Limited or Matthew Syed Consulting Limited. We may share your personal information with IT and other service providers or business partners involved in organising the particular event.​

Change of Purpose

We will only process your personal information for the purposes for which we collected it, unless we reasonably consider that we need to process it for another reason and that reason is compatible with the original purpose.

If we need to process your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law or where it has been anonymised so that you can no longer be identified from that information.

Sharing Your Personal Information

We may share your personal information with certain trusted third parties so that they can assist us in providing you with our products or services, where it is in our legitimate interests to do so, or where required by law, including:

  • To our IT service and cloud-based/other storage providers
  • To third parties involved in hosting or organising events or seminars which you attend or register for
  • To financial institutions
  • To professional advisors such as lawyers, accountants and auditors
  • Where we need to disclose your personal data in relation to a sale of our business or assets or other transaction
  • To public authorities/regulators such as law enforcement agencies, government bodies (including HMRC), courts, tribunals, and the police, to opposing or related parties to proceedings and their professional advisers,
  • To anyone where you have consented or where we are required to by law to share information

Where we disclose personal information to our service providers (or allow them access to it), we ensure they have entered into appropriate agreements which place contractual restrictions on their use of your data and require them to protect it with appropriate security measures.

International Transfers of Personal Information

Some of the third parties we transfer personal information to may be based outside the UK/ European Economic Area (EEA), including in countries which have a lower standard of protection for personal data than in the UK/EEA.

Where required by data protection laws, we will ensure that appropriate safeguards are in place to protect personal information when it is transferred outside of the UK/EEA. For example, putting appropriate contractual agreements, such as standard contractual clauses or the ICO’s International Data Transfer Agreement (IDTA), in place. You can request more information or a copy of these by getting in touch with us using the contact details set out at the start of this policy.

How We Protect Your Personal Information

We have in place appropriate security measures to seek to prevent your personal information from unauthorised access, disclosure or use. In addition, we limit access to your personal information to those of our employees, agents, contractors and other third parties who have a business need-to-know. Despite this, please remember that transfers of information over the internet can never be 100% secure.

We have put in place procedures to deal with any personal data breaches and will notify you and any applicable regulator of a breach where we are legally required to do so.

How Long We Keep Your Personal Information

We will only keep your personal information for as long as necessary to fulfil the purposes we collected it for, or as otherwise required for legal purposes.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of it, the purposes for which we process your personal information and whether we can achieve those purposes through other means. We also take into account legal and regulatory requirements which require the retention of personal information for a minimum period of time and limitation periods for taking legal action.​

Your Rights Regarding Your Personal Information

You have certain rights under the data protection laws in relation to your personal information. You can:

  • request access to your personal information and information on how we process it
  • request correction or completion of the personal information that we hold about you
  • ask us to delete your personal information
  • object to us processing your personal information
  • request the restriction of processing of your personal information
  • request the transfer of your personal information to you or to a third party
  • withdraw consent at any time where we are relying on consent to process your personal information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. Please note that even after you have chosen to withdraw your consent we may be able to continue to process your personal information to the extent required or otherwise permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations.

The exercise of these rights may in some cases be subject to certain conditions.​

Queries or Complaints

We strive to process your personal information in accordance with applicable data protection legislation but if you have any queries or complaints, please contact us using the details in the contact details section at the start of this policy.

Whilst we would encourage you to contact us with any complaints in the first instance, you also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the supervisory authority for data protection in the UK.

Updating this Policy

We may update this Policy at any time. When we do, we will post the updated Policy on our Website and we will revise the date at the bottom of this page. We encourage users to frequently check this page for any changes to stay informed. Where we make any material changes, we will actively notify you of those changes, where possible.

This policy was last updated: April 2024