Privacy Policy

Data controller: NDO CONSULTANCY LTD

Registered address: Suite 57-58, Capital Business Centre, 22 Carlton Road, South Croydon, United Kingdom, CR2 0BS

Email: info@ndoconsultancy.com

We provide business consultancy services helping SMEs enter the UK market.

We may process the following categories of personal data:

• Identity and contact data: Name, email, phone number, company name.
• Enquiry data: Information you submit via contact forms, quote requests, or consultancy applications.
• Technical data: IP address, browser type, device information, pages visited, cookie identifiers.
• Marketing preferences: Newsletter subscriptions or communication opt-ins (with consent).

We process personal data for the following purposes:

• Responding to enquiries and providing consultancy services (contract, legitimate interests).
• Managing client relationships and communications (legitimate interests, contract).
• Complying with legal obligations (legal obligation).
• Website security, analytics, and improving user experience (legitimate interests; analytics cookies require consent).
• Sending marketing communications (consent).

We use cookies as described in our Cookie Policy. Non-essential cookies require your consent under PECR.

We may share data with service providers (hosting, email, analytics), professional advisers, and authorities where required by law.

We require processors to protect your data through appropriate contractual safeguards.

As a UK-based company, your data may be processed in the United Kingdom. Where data is transferred outside the UK, we ensure appropriate safeguards (such as UK International Data Transfer Agreements or adequacy regulations) are in place.

We retain personal data only as long as necessary for the purposes collected, including legal, accounting, and reporting requirements.

Enquiry records are typically kept for 2 years; contract-related records for statutory periods; technical logs up to 12 months.

You have the following rights:

• Right of access to your personal data.
• Right to rectification of inaccurate data.
• Right to erasure ('right to be forgotten') in certain circumstances.
• Right to restrict processing.
• Right to data portability.
• Right to object to processing based on legitimate interests.
• Right to withdraw consent at any time (where processing is consent-based).
• Right not to be subject to solely automated decision-making with legal effect.

To exercise your rights, contact us at info@ndoconsultancy.com. We respond within one month.

You may also lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe your data protection rights have been breached.

We implement appropriate technical and organisational measures including access controls, encryption, secure hosting, and staff confidentiality obligations.

We may update this policy to reflect legal or operational changes. The latest version is published on this page.

For questions about your personal data or this policy:

info@ndoconsultancy.com

Go to contact page