Privacy policy for Derbyshire Technology Consultancy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal data in compliance with EU General Data Protection Regulation (GDPR).

Updated: 16 May 2026

1. Who we are

Derbyshire Technology Consultancy (“we”, “us”, or “our”) is the data controller for the personal data you provide through our website. Our registered address is [insert address]. You can contact us about your personal data by email at [insert privacy email] or by phone at [insert phone number].

2. What personal data we collect

We may collect the following personal data from you:

  • Name, email address, phone number, job title, and company name when you contact us via our enquiry form or email.

  • Technical information such as your IP address, browser type, and device information when you visit our website for analytics and security purposes.
    We only collect information that is necessary for the purposes described in this notice.

3. Why and how we use your data

We use your personal data for the following purposes:

  • To respond to your enquiries and provide the services you request.

  • To keep records of our communications for business administration and legal compliance.

  • To improve and secure our website, for example through analytics and anti‑fraud measures.

Our lawful bases for processing your data include:

  • Your consent (for example, if you sign up for marketing communications).

  • Contractual necessity (to respond to your enquiries and provide services).

  • Legitimate interests, such as running our business, improving our website, and ensuring security, provided your rights are not overridden.

4. Who we share your data with

We may share your personal data with:

  • IT and website‑hosting providers necessary to operate and maintain our site.

  • Email‑service providers used to send and receive business communications.

  • Other third‑party service providers where necessary to provide our services, all of whom are required to protect your data and comply with applicable data‑protection laws.

We do not sell your personal data to advertisers or other third parties.

If your data is transferred outside the European Economic Area (EEA), we will only do so where appropriate safeguards are in place, such as EU standard contractual clauses approved by the European Commission. Where relevant, we may also rely on adequacy decisions or other GDPR‑compliant mechanisms.

5. How long we keep your data

We keep your personal data only for as long as necessary for the purposes described in this notice, including any legal, tax, or accounting requirements. For example:

  • Enquiry and contact‑form data is typically retained for up to 3 years from the end of our relationship with you.

  • Website analytics data is stored in anonymised or aggregated form after a reasonable period.

When retention is no longer required, we will securely delete or anonymise your data.

6. Your data‑protection rights under GDPR

Because our services are provided to users within the EU, your rights are governed by the General Data Protection Regulation (GDPR). You have the following rights:

  • The right to access the personal data we hold about you.

  • The right to rectification of any inaccurate or incomplete information.

  • The right to erasure (“right to be forgotten”), in certain circumstances.

  • The right to restrict processing or object to certain types of processing, including direct marketing.

  • The right to data portability, where applicable.

  • The right to withdraw consent at any time, without affecting the lawfulness of processing that occurred before withdrawal.

To exercise any of these rights, please contact us at info@derbyshire-technology-consultancy.com We will respond to your request within one month, although this period may be extended in more complex cases, in line with GDPR requirements.

7. Cookies and similar technologies

Our website uses cookies and similar technologies to improve your experience, analyse traffic, and support security. You can manage your cookie preferences through your browser settings or via any cookie banner on our site. More detailed information about the cookies we use and how to opt out can be found in our Cookie Policy (link to your Cookie Policy page). For users in the EU, we will obtain your prior consent before setting non‑essential cookies, in line with the ePrivacy Directive.

8. Data security and updates

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. However, no online system can be guaranteed to be completely secure.

We may update this privacy notice from time to time; when we do, we will publish the new version on this page and indicate the date of the latest revision.

If you have any questions or concerns about your privacy, please contact us at [insert privacy email]. You also have the right to complain to the supervisory authority in your EU country if you believe we have not handled your data in accordance with the GDPR.