Privacy Policy

Last updated: 09 January 2025

Welcome to the privacy policy of britishsolutioncor.info (the "Website"). We are committed to protecting your personal data and respecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the Privacy and Electronic Communications Regulations (PECR), and other applicable UK data protection laws.

This policy explains how we collect, use, store, share, and protect your personal information when you visit our Website or use our services. It also informs you of your rights and how the law protects you.

Please read this policy carefully. If you do not agree with any part of it, you should stop using our Website immediately.

1. Important Information and Who We Are

1.1 Controller

britishsolutioncor.info is operated by British SolutionCor Ltd (company number [registered number], registered in England and Wales). For the purposes of UK data protection law, we are the data controller of your personal data.

Registered address: [Insert full registered office address, e.g., 123 Example Street, London, EC1A 1BB, United Kingdom]

Correspondence address: [Insert same or different address for data protection matters]

Email: [Insert GDPR-specific email, e.g., privacy@britishsolutioncor.info]

Telephone: [Insert optional telephone number]

1.2 Data Protection Officer (DPO)

We have appointed a Data Protection Officer to oversee compliance with this policy. If you have any questions, requests, or complaints regarding your personal data, please contact our DPO:

  • Email: [Insert DPO email, e.g., dpo@britishsolutioncor.info]
  • Address: [Same as registered address above, marked "FAO: Data Protection Officer"]
  • Phone: [Insert optional DPO phone number]

1.3 Changes to This Policy

We may update this policy from time to time. Material changes will be notified to you via a prominent notice on our Website or by email. Your continued use of the Website after such changes constitutes acceptance of the updated policy. We recommend you review this page periodically.

2. What Personal Data We Collect

We collect only the personal data necessary to provide our services, comply with legal obligations, or improve your experience. The types of data we may collect include:

2.1 Information You Provide Directly

  • Identity Data: Full name, username or similar identifier, title, date of birth (if requested).
  • Contact Data: Email address, telephone number, billing address, delivery address.
  • Financial Data: Payment card details (processed securely via third-party payment processors—we do not store full card numbers), bank account details.
  • Transaction Data: Details of purchases, orders, subscriptions, or services you have obtained from us.
  • Profile Data: Username and password, preferences, feedback, survey responses, and support requests.
  • Communications Data: Records of correspondence when you contact us via email, phone, or live chat.

2.2 Information We Collect Automatically

  • Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, device type.
  • Usage Data: Information about how you use our Website, products, and services, including page views, clickstream data, and search queries.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and third parties, and your communication preferences.
  • Cookies and Similar Technologies: As detailed in our Cookie Policy (Section 11), we use cookies, web beacons, and similar tracking technologies to collect data about your browsing behaviour.

2.3 Third-Party Sources

We may receive personal data about you from third parties, such as:

  • Analytics providers (e.g., Google Analytics, Hotjar).
  • Advertising networks and social media platforms (e.g., Facebook, LinkedIn, Twitter) when you interact with our ads.
  • Payment processors (e.g., Stripe, PayPal) for transaction verification.
  • Publicly available sources (e.g., Companies House, electoral roll) to verify identity or comply with legal obligations.

3. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we rely on the following legal bases under UK GDPR:

  • Consent: You have given clear consent for us to process your personal data for a specific purpose (e.g., marketing emails).
  • Contractual Necessity: Processing is necessary to perform a contract with you or to take steps at your request before entering into a contract (e.g., to provide a service you ordered).
  • Legal Obligation: Processing is necessary for compliance with a legal or regulatory obligation (e.g., fraud prevention, tax reporting).
  • Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. Examples include direct marketing (where consent is not required), network security, and business analytics.

3.1 Specific Purposes

Below is a table of the purposes for which we use your data, the categories of data involved, and our legal basis:

Purpose Data Categories Legal Basis
To register you as a new user/customer Identity, Contact Contractual necessity
To process and deliver your orders/purchases Identity, Contact, Financial, Transaction Contractual necessity
To manage payments, fees, and charges Financial, Transaction Contractual necessity, Legal obligation
To manage our relationship with you (customer support, notifications) Identity, Contact, Profile, Communications Contractual necessity, Legitimate interests
To enable you to participate in surveys, contests, or promotions Identity, Contact, Profile, Usage Consent
To administer and protect our Website (including troubleshooting, data analysis, testing, security) Technical, Usage Legitimate interests (network security, business continuity)
To deliver relevant website content and advertisements to you Identity, Contact, Profile, Usage, Marketing Consent (where required), Legitimate interests (direct marketing)
To use data analytics to improve our Website, products, services, marketing, and user experience Technical, Usage Legitimate interests (improving business)
To comply with legal or regulatory obligations (e.g., anti-money laundering, data subject rights) Identity, Contact, Transaction Legal obligation

4. Marketing and Advertising

4.1 Direct Marketing

We may use your Identity, Contact, Technical, Usage, and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services, and offers may be relevant for you (we call this marketing).

You will receive marketing communications from us if you have:

  • Requested information from us or purchased goods or services from us; and
  • You have not opted out of receiving that marketing; or
  • You have provided your explicit consent to receive marketing (e.g., by ticking a box).

We will always obtain your opt-in consent before sharing your data with third parties for their own marketing purposes, except where we rely on the "soft opt-in" exception under PECR for similar products/services (and you have not opted out).

4.2 Opting Out

You can ask us to stop sending you marketing messages at any time by:

  • Clicking the "unsubscribe" link in any marketing email;
  • Contacting us using the details in Section 1.2.

If you opt out of marketing, we will still send you service-related messages (e.g., order confirmations, password resets) unless you also object to those.

4.3 Advertising and Retargeting

We may use third-party advertising networks (e.g., Google Ads, Facebook Ads) to display our ads on other websites. These networks may use cookies and similar technologies to serve ads based on your previous visits to our Website. You can manage your preferences via our Cookie Consent Tool (see Section 11) or directly through your browser or device settings.

5. Disclosure of Your Personal Data

We may share your personal data with the following categories of third parties for the purposes set out in Section 3:

  • Service providers: IT hosting, payment processing, analytics, email delivery, customer support, and marketing automation.
  • Professional advisers: Lawyers, accountants, auditors, and insurers who provide consultancy, legal, or insurance services.
  • Regulatory authorities: The Information Commissioner's Office (ICO), HM Revenue & Customs (HMRC), law enforcement, or other public bodies where required by law.
  • Business partners: Affiliates and joint venture partners with whom we deliver co-branded services or promotions (only with your consent).
  • Social media platforms: Facebook, LinkedIn, Twitter, etc., for targeted advertising (subject to your consent).
  • Third parties in a corporate transaction: If we sell, merge, or transfer part or all of our business, we may disclose your data to the prospective buyer or new owner.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes unless you have given explicit consent.

6. International Transfers

Some of our third-party service providers (e.g., cloud hosting, analytics) may be based outside the United Kingdom. When we transfer your personal data to countries that are not subject to an adequacy decision by the UK government or the European Commission, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) adopted by the UK Information Commissioner's Office (ICO) or European Commission;
  • Binding Corporate Rules (BCRs) for intra-group transfers;
  • An International Data Transfer Agreement (IDTA) under UK GDPR.

You can request a copy of the safeguards we have in place by contacting our DPO (Section 1.2).

7. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process your data, and whether we can achieve those purposes through other means.

Examples of retention periods:

  • Transaction data (including financial records) – 6 years after the end of the tax year in which the transaction occurred (to comply with HMRC requirements).
  • Marketing preferences – until you unsubscribe or 2 years after your last interaction with us (whichever is sooner).
  • Cookies and usage data – as set out in our Cookie Policy (Section 11).

In some circumstances, we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

8. Your Legal Rights Under UK GDPR

Under UK data protection law, you have the following rights in relation to your personal data. We will respond to any request within one month (or up to two months if the request is complex or you have made multiple requests).

  • Right to be informed: You have the right to be told how we collect, use, and share your data (this policy fulfils that right).
  • Right of access: You can request a copy of the personal data we hold about you, free of charge, along with details of how we use it.
  • Right to rectification: You can ask us to correct any inaccurate or incomplete data we hold about you.
  • Right to erasure ("right to be forgotten"): You can ask us to delete your personal data where there is no good reason for us to continue processing it, or where you have withdrawn consent and no other legal basis applies.
  • Right to restrict processing: You can ask us to suspend the processing of your data in certain circumstances (e.g., if you contest its accuracy).
  • Right to data portability: You can request a copy of your data in a structured, commonly used, and machine-readable format (e.g., CSV), and have it transferred to another controller, where processing is based on consent or contract and is automated.
  • Right to object: You have the right to object to processing based on our legitimate interests (including profiling) and to direct marketing. We will comply unless we can demonstrate compelling legitimate grounds.
  • Rights in relation to automated decision-making and profiling: You have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects or similarly significant effects. We do not currently engage in such automated decision-making.

To exercise any of these rights, please contact our DPO using the details in Section 1.2. You will not have to pay a fee to access your personal data (or to exercise any of the other rights), unless your request is clearly unfounded, repetitive, or excessive, in which case we may charge a reasonable fee or refuse to act.

9. Security of Your Personal Data

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, accessed in an unauthorised way, altered, or disclosed. These include:

  • Encryption of data in transit (TLS/SSL) and at rest.
  • Firewalls, intrusion detection systems, and regular vulnerability scanning.
  • Access controls based on the principle of least privilege for employees and contractors.
  • Regular staff training on data protection.
  • Procedures for dealing with data breaches (including notification to the ICO and affected individuals where required).

We also require our third-party service providers to maintain equivalent security standards.

10. Complaints

If you have a complaint about how we handle your personal data, please contact our DPO in the first instance (Section 1.2). We will investigate and respond to you within 30 days.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues:

  • Website: https://ico.org.uk
  • Phone: 0303 123 1113
  • Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us first.

11. Cookie Policy

Our Website uses cookies and similar tracking technologies to distinguish you from other users, improve your browsing experience, and deliver relevant advertising. This section explains what cookies are, which ones we use, and how you can control them.

11.1 What Are Cookies?

Cookies are small text files placed on your device (computer, tablet, or mobile) when you visit a website. They are widely used to make websites work more efficiently, as well as to provide information to the website owners. Some cookies are essential for the Website to function; others are optional and used for analytics, performance, or targeting.

11.2 Types of Cookies We Use

Category Purpose Examples Duration
Strictly Necessary Essential for the Website to function; cannot be disabled. These enable core functionality like security, network management, and accessibility. Cookie consent preference cookie, session ID cookie Session / up to 1 year
Performance / Analytics Collect aggregated, anonymous information about how visitors use the Website. We use this data to improve performance and user experience. Google Analytics (_ga, _gid, _gat) Session / up to 2 years
Functionality Remember choices you make (e.g., language, region) to provide enhanced, more personal features. Language preference cookie Up to 1 year
Targeting / Advertising Used to deliver adverts more relevant to you and your interests, limit ad frequency, and measure campaign effectiveness. These may be set by us or third-party advertising networks. Google Ads (_gcl_), Facebook Pixel (fbp) Session / up to 3 months

11.3 Your Cookie Choices

When you first visit our Website, a cookie consent banner will appear asking you to accept or reject non-essential cookies. You can:

  • Accept all: Consent to all categories (including analytics and advertising).
  • Reject all: Only strictly necessary cookies will be set.
  • Customise: Choose which categories to allow (e.g., accept analytics but reject advertising).

You can change your preferences at any time by clicking the "Cookie Settings" link in the footer of our Website. Additionally, most browsers allow you to manage or block cookies via their settings (e.g., Chrome, Firefox, Safari, Edge). Please note that blocking all cookies, including strictly necessary ones, may impair Website functionality.

11.4 Third-Party Cookies

Some of the cookies on our Website are set by third parties (e.g., Google Analytics, Facebook). These third parties have their own privacy policies, and we encourage you to review them. For example:

You can also opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

11.5 Updates to This Cookie Policy

We may update this Cookie Policy from time to time. Any changes will be posted on this page, and if material, we will notify you via a banner or email.

12. Children's Privacy

Our Website is not intended for children under the age of 13 (or under 16 in some contexts). We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact our DPO immediately (Section 1.2). We will delete such data as soon as reasonably possible.

13. Third-Party Links

Our Website may contain links to third-party websites, plug-ins, and applications (e.g., social media buttons). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices. We encourage you to read the privacy policy of every website you visit.

14. Contact Us

If you have any questions about this Privacy Policy, our data practices, or you wish to exercise your rights, please contact us using the details below:

  • Data Protection Officer: [Insert DPO name or title]
  • Email: dpo@britishsolutioncor.info
  • Phone: [Insert optional phone number]
  • Postal address: [Insert full postal address, e.g., British SolutionCor Ltd, 123 Example Street, London, EC1A 1BB, United Kingdom]

We aim to respond to all legitimate requests within one month. Occasionally, it may take longer if your request is particularly complex or you have made multiple requests. In that case, we will notify you and keep you updated.

15. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of England and Wales. Any disputes arising out of or in connection with this policy shall be subject to the exclusive jurisdiction of the courts of England and Wales.