The Nest. Privacy Policy Last updated: 29 May 2026 This Privacy Policy explains how we collect, use, store and protect your personal information when you visit our website, sign up to our newsletter or waiting list, or complete one of our online scorecards. We are committed to protecting your privacy and handling your data openly and lawfully, in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. 1. Who we are The Nest is a trading name of Bastian & Nelly Limited, which is the “data controller” responsible for your personal information. This means we decide how and why your data is used. You can contact us about anything in this policy, including to exercise your rights, at: •Email: nicola@thenest.uk.com •Post: Hay Barn, Rectory Farm, Little Chishill, Royston, Hertfordshire, SG8 8PB 2. What information we collect We only collect the information we need. Depending on how you interact with us, this may include: •Contact details: your name, email address and (where you provide them) business name and business type. •Your preferences: the topics you tell us you want to hear about when you sign up, so we can send you relevant content. •Scorecard responses: the answers you give when you complete a scorecard through our scorecard provider (ScoreApp), along with the contact details you submit with it. •Messages you send us: the content of any enquiry, email or form you submit. •Technical and usage data: information such as your IP address, browser type, and how you use our site, collected automatically through cookies and similar technologies (see Section 8). 3. How we collect your information We collect personal information when you: •Sign up to our newsletter or waiting list; •Complete a scorecard or other form on our website; •Contact us by email or through a contact form; or •Browse our website, through cookies and similar technologies. 4. Why we use your information and our lawful basis Under UK GDPR we must have a lawful basis for using your data. We rely on the following: Consent. Where you have signed up to our newsletter or waiting list, we send you updates, content and occasional marketing based on the topics you have chosen. You gave your consent at sign-up and can withdraw it at any time (see Sections 7 and 9). Legitimate interests. We use your information to respond to enquiries, operate and improve our website, and understand how our content is received. We only rely on this where your interests and rights do not override ours. Legal obligation. We may process your data where we are required to do so to comply with the law. 5. Who we share your information with We do not sell your personal information, and we never share it for other organisations’ marketing. We do use trusted third-party service providers to run our business. These providers act as our “data processors” and may only use your data on our instructions. They are: •Wix: our website hosting and email marketing platform, which stores the data you submit and helps us send our newsletter. •ScoreApp: our scorecard platform, which collects and stores the responses and contact details you provide when completing a scorecard. We may also disclose your information if required to do so by law, or to protect our legal rights. Some of our providers may store or process data outside the UK. Where they do, we take steps to ensure your information is protected by appropriate safeguards, such as the UK’s International Data Transfer Agreement or equivalent protections. 6. How long we keep your information We keep your personal information only for as long as we need it for the purposes set out in this policy. If you are subscribed to our newsletter or waiting list, we keep your details until you unsubscribe or ask us to remove them. After that, we delete or anonymise your data within a reasonable period, unless we are required to keep it to meet a legal obligation. 7. Your rights Under UK data protection law you have the right to: •Be informed about how your data is used (this policy); •Access the personal information we hold about you; •Have inaccurate or incomplete data corrected; •Have your data erased (the “right to be forgotten”); •Restrict or object to how we use your data; •Request a copy of your data in a portable format; and •Withdraw your consent at any time, where we rely on consent. To exercise any of these rights, please contact us at nicola@thenest.uk.com. We will respond within one month. 8. Cookies and tracking Our website uses cookies and similar technologies to help the site function, to remember your preferences, and to understand how the site is used. Some cookies are set by Wix to run and secure the site; others help us measure traffic and performance. You can control or disable cookies through your browser settings, though some parts of the site may not work properly if you do. 9. How to unsubscribe or withdraw consent You can unsubscribe from our newsletter at any time by clicking the “unsubscribe” link at the bottom of any email we send, or by emailing us at nicola@thenest.uk.com. Withdrawing your consent will not affect the lawfulness of any processing carried out before you withdrew it. 10. Making a complaint We hope to resolve any concerns you have, so please contact us first. You also have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection: •Website: ico.org.uk •Helpline: 0303 123 1113 11. Changes to this policy We may update this Privacy Policy from time to time. Any changes will be posted on this page and take effect when posted. Where changes are significant, we will take reasonable steps to let you know. Please review this page periodically to stay informed. 12. Contact us If you have any questions about this policy or how we handle your personal information, please contact us at: •Email: nicola@thenest.uk.com •Post: Hay Barn, Rectory Farm, Little Chishill, Royston, Hertfordshire, SG8 8PB