GDPR Compliance

Last updated: June 25, 2026

Our Commitment to Data Protection

We are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws. This page explains how we comply with GDPR requirements and what rights you have regarding your personal information.

Legal Basis for Processing

We process your personal data under the following legal bases:

• Consent: When you provide your information through our contact forms or consultation requests
• Contract: When processing is necessary for the performance of a contract with you
• Legitimate interests: When we have a legitimate interest in processing your data, such as improving our services
• Legal obligation: When we need to comply with a legal requirement

Data We Collect

We collect the following categories of personal data:

• Identity data: name, business title
• Contact data: email address, business address
• Technical data: IP address, browser type, device information
• Usage data: information about how you use our website
• Communication data: your enquiries and correspondence with us

How We Use Your Data

We use your personal data for the following purposes:

• To respond to your enquiries and provide requested information
• To deliver our services and fulfil contractual obligations
• To improve our website functionality and user experience
• To comply with legal and regulatory requirements
• To protect our business interests and enforce our terms

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

• Consultation enquiries: 2 years from last contact
• Service contracts: 7 years after contract completion (for legal and accounting purposes)
• Marketing communications: until you withdraw consent
• Website analytics: 26 months

Your Rights Under GDPR

You have the following rights regarding your personal data:

Right to Access

You have the right to request a copy of the personal data we hold about you. This is commonly known as a "data subject access request."

Right to Rectification

You have the right to request correction of any inaccurate or incomplete personal data we hold about you.

Right to Erasure

You have the right to request deletion of your personal data in certain circumstances, such as when it is no longer necessary for the purposes for which it was collected.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data in certain situations.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used format and to transmit that data to another controller.

Right to Object

You have the right to object to our processing of your personal data based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent

Where we rely on consent as the legal basis for processing, you have the right to withdraw that consent at any time.

Data Security

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication procedures
• Staff training on data protection principles
• Incident response and breach notification procedures

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area. When we do so, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.

Data Protection Officer

For any questions about our data processing activities or to exercise your rights, you can contact us at:

[email protected]

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of alleged infringement. In the UK, the supervisory authority is the Information Commissioner's Office (ICO).

Changes to This Policy

We may update this GDPR compliance statement from time to time. We will notify you of any significant changes by posting the new policy on this page with an updated revision date.