X close
linkedin linkedin
header background slide
mobile top
27 Years 1999 - 2026
Privacy policy

Privacy policy

This privacy policy applies to John D Scotcher Limited (company number 05710078, registered in England and Wales at 3 Warren Yard, Wolverton Mill, Milton Keynes, MK12 5NW), the company behind three trading brands:

  • Pearson Treehouse Web Development – bespoke web development, website applications and AI workflow automation;
  • Sea Change AI – AI advisory, education, training and automation;
  • Tovi – a branded e-learning platform for course providers.

Throughout this policy, “we”, “us” and “our” refer to John D Scotcher Limited.  You can contact us by email at [email protected] or by phone on 01604 807752.

About this policy

This policy covers personal data we collect and process as the data controller – typically for our own customers, prospects, suppliers and contacts across all three brands.  Where we process personal data on behalf of a client (for example, when handling data inside a website we build or run for a client, when delivering an AI or automation project, or when course providers use Tovi to manage their own learners) we act as a data processor.  In those cases the client is the data controller and you should refer to their privacy policy first; our role and obligations are set out in the relevant contract or data processing agreement.

Just so you know, the lawful bases we rely on to process your data are:

  • Contract – where we have a contract with you or are taking steps to enter one (for example, an existing customer or supplier).
  • Consent – where you’ve explicitly opted in (for example, to receive a newsletter).
  • Legitimate interests – where it’s needed to respond to enquiries, manage relationships, secure our systems, or operate the business fairly.
  • Legal obligation – where we’re required to by law (for example, accounting and tax records).

Personal Information

Any personal information you give us, either via this website (for example, via a contact form), via email or direct mail, phone contact or direct contact in person, will never be sold, rented or made public without your consent.

We take your privacy seriously.  We’ll only use your information to administer your account or provide the products, services and/or information you’ve asked for. Sometimes, to do that, we might need to pass information on to a third party (for example via our CRM, accounting system or email infrastructure).  When we do, we use safe, reliable, GDPR-compliant services that won’t pass your personal details anywhere else. You can see who we use under “Third Party Processors” below.

Information we collect

1. Site visits tracking

We collect visitor behaviour on our websites.  This tells us which pages are visited, the sorts of searches that are used to find us, and what people do on the site.  It doesn’t tell us anything personal about visitors – just what they do.

We use cookies to track that data.  Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information.

If you want to know more about cookies visit www.aboutcookies.org or www.allaboutcookies.org.

You can set your browser not to accept cookies.  The websites above will tell you how. But do bear in mind some of our website features may not function as a result.

2. Contact by form, email link and telephone

If you email us, either using a website contact form or by sending a direct email, we’ll receive that information by email.  That data isn’t stored on our website.

If you phone us and we need to store your details for any of the lawful bases explained, we’ll store them safely on company systems, with our CRM where appropriate.

We may keep a record of contacts (such as emails sent and received), but we won’t use the details for anything other than the lawful purposes stated.

3. Marketing

On occasion, we send marketing and information emails.  We only send these emails if you fall into one of the following categories:

  1. You’re an existing customer or supplier we currently do business with.
  2. You’ve asked to get emails via a newsletter signup form or documented social media request.

If you’ve asked to get our marketing, you may opt out at any time. There’ll be an unsubscribe link in each newsletter, or you can contact us directly.

Under 16?  Legally you must obtain parental consent before joining email newsletters.

4. Tovi e-learning platform

If you are a course provider using Tovi as your e-learning platform, we process the personal data you put into the platform (including data about your learners) as a data processor on your behalf.  Your contract with us governs how we handle that data.  Your learners should refer to your privacy policy for information about how their data is used; this policy covers only the account, billing and administrative data you provide to us as a Tovi customer.

What we do with that information

Where appropriate, we’ll use the information we keep about you to:

  1. Provide the products or services you’ve asked for.
  2. Send you information on products or services we think will interest you.
  3. Carry out our obligations arising from any contracts entered into between you and us.
  4. Notify you about changes to our services or products.
  5. Liaise with business partners, suppliers and sub-contractors for the performance of any contract we enter into with you.
  6. Meet our legal, accounting and tax obligations.

How long we keep your information

We only keep your personal data for as long as we need it for the purpose it was collected, or as long as we have to under a legal or accounting obligation.  In practice, that means customer and supplier records are typically held for up to 7 years after our last contact to meet HMRC and accounting requirements.  Marketing contact details are kept until you unsubscribe.  Enquiry data from people who don’t become customers is kept for up to 12 months.  Client project data held in our CRM or systems is retained for the duration of the engagement plus a reasonable period afterwards for support, or as set out in the relevant contract.

Access to your information and correction

You have a number of rights, including the right to request a copy of the information held about you. If you’d like to know what information we hold, please contact us and we’ll reply by email.  Legally that’s within one calendar month, but we’ll aim to reply as soon as we can.  We want to make sure your personal information is accurate and up to date, so once you have any information, you can ask us to correct or remove anything you think is wrong. For a full list of your rights, have a look at the ICO website.

We’ll normally be happy to help at no charge. However, where requests are manifestly unfounded, excessive or repetitive after an initial, responded-to, request, we may charge an admin fee at our standard hourly rate.

Third Party Processors

We use a number of third parties to process personal data for us. These have been carefully chosen and, to the best of our knowledge, all of them comply with current legislation. We may need to share your information with them in order to deliver products or services. This may be within the UK or outside it, including in the United States and other countries outside Europe.  Where data is transferred outside the UK, we rely on safeguards such as the UK’s adequacy regulations, the UK International Data Transfer Agreement, or the UK Addendum to the EU Standard Contractual Clauses.

GoCreations

Our Pearson Treehouse and Tovi websites are hosted on servers owned by GoCreations. The servers are kept up to date with round-the-clock monitoring.  To see GoCreations’ privacy policy, click here.

Hostinger

The Sea Change AI website is hosted on Hostinger.  To see Hostinger’s privacy policy, click here.

Google

Gmail
We run company emails through Gmail as part of Google Workspace.  Emails sent both to and from us are stored on Google’s secure mail servers.

Google Analytics
We use Google Analytics to track user interaction. Although Google Analytics records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you. Google Analytics also records your IP address, which Google does not grant us access to. We consider Google to be a third-party data processor.

To see Google’s privacy and terms click here.

Microsoft Clarity

On the Pearson Treehouse website, we use Microsoft Clarity to capture behavioural metrics, heatmaps and session replays so we can improve the user experience. Website usage data is captured using first and third-party cookies and other tracking technologies. We also use this information for site optimisation, fraud/security purposes and advertising. For more information about how Microsoft collects and uses your data, see the Microsoft Privacy Statement.

ClickUp

We use ClickUp as our CRM and project management system. This operates in the cloud and is used to manage enquiries, projects and ongoing work.  To see ClickUp’s privacy policy, click here.

Xero

We use Xero as our cloud-based accounting software. Here we securely store details of customers, suppliers and transactions.  To see Xero’s privacy policy, click here.

GoCardless

We use GoCardless to process Direct Debit transactions. When customers sign up to pay by Direct Debit they do so directly with GoCardless.  To see GoCardless’s policies, click here.

Breaches

We will report any unlawful data breaches of data held by us to the ICO as required (https://ico.org.uk/for-organisations/report-a-breach/personal-data-breach/) within 72 hours of becoming aware of a breach if it is apparent that personal data stored in an identifiable manner has been compromised.

Other Information

All traffic (transferral of files) between our websites and your web browser is encrypted and delivered over HTTPS.

Our websites contain links to other websites. This privacy policy only applies to our own websites, so when you link to other websites you should read their own privacy policies.

Making a complaint

If you’re unhappy with how we’ve handled your personal data, please tell us first so we have the chance to put it right.  You can email us at [email protected] or phone us on 01604 807752.  We’ll acknowledge your complaint within 30 days and let you know the outcome without undue delay.

If you’re still not happy with our response, or you don’t hear back from us in a reasonable time, you have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk/make-a-complaint or on 0303 123 1113.

Contact information

As a small organisation, we are not legally required to appoint a Data Protection Officer. However, that role is voluntarily taken on by John Scotcher, our director. If you would like to speak with John, please contact the office by phone on 01604 807752 or email us at [email protected].

Future changes

This privacy policy may change from time to time in line with legislation or industry developments.  For minor changes, we’ll update this page.  For material changes that meaningfully affect how we use your data, we’ll let active customers know by email.  We recommend that you check this page occasionally for any policy changes.

This privacy policy was last updated on Friday 5 June 2026.

transparent gif