Legal · GDPR

Privacy Policy.

This page is maintained by The Maverick Group and describes how we handle your personal data on the Maverick Growth Readiness Index (GRI) platform. It is written to reflect our obligations under the UK GDPR and the Data Protection Act 2018. Last updated: July 2026.

1. Who we are

The Maverick Group ("we", "us") is the data controller for personal data collected via this platform. You can reach us at hello@themaverickgroup.org.

2. What we collect

  • Account data: your name, email address, and (where you provide it) organisation details.
  • Assessment data: your responses to the AIDRA questions and the resulting scores and reports.
  • Feedback data: your answers to the post-assessment survey.
  • Consent flags: whether you've accepted these policies and opted in to marketing, and when.
  • Technical data: minimal cookies required to keep you signed in and gate the beta.

3. How we use it and our lawful bases

  • To provide the service (calculating your GRI, generating reports, saving drafts) — lawful basis: performance of a contract.
  • To improve the platform (analysing aggregate survey responses and usage patterns) — lawful basis: legitimate interests.
  • To send you marketing communications — only where you have explicitly opted in; lawful basis: consent, which you can withdraw at any time.
  • To meet legal obligations — lawful basis: legal obligation.

4. Sharing your data

We do not sell your data. We share it only with:

  • Our infrastructure providers (hosting, database, email delivery) acting as processors on our behalf
  • Regulators or law enforcement where we are legally required to do so

5. How long we keep it

We keep your account and assessment data for as long as your account is active, and for up to 24 months after you last use the platform, so you can return to your report. You can request deletion at any time.

6. Your rights under UK GDPR

You have the right to:

  • Access the personal data we hold about you
  • Correct data that is inaccurate
  • Erase your data ("right to be forgotten")
  • Restrict or object to certain processing
  • Receive your data in a portable format
  • Withdraw consent to marketing at any time
  • Lodge a complaint with the UK Information Commissioner's Office (ico.org.uk)

To exercise any of these rights, email hello@themaverickgroup.org.

7. Security

We use appropriate technical and organisational measures to protect your data, including encryption in transit, encrypted session cookies, row-level access controls on our database, and least-privilege access for our team.

8. Cookies

We use a small number of strictly-necessary cookies to keep you signed in and to remember that you've unlocked the beta. We do not use advertising or third-party tracking cookies.

9. International transfers

Some of our processors are based outside the UK. Where that's the case we rely on the UK International Data Transfer Addendum or equivalent safeguards approved by the ICO.

10. Changes to this policy

If we make material changes we'll notify you by email or in-app. The version date at the top of this page always reflects the latest update.