This Privacy Policy outlines how Northage Ltd (“we,” “us,” or “our”) collects, uses, shares, and protects your personal data in compliance with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection
Regulation (EU GDPR), and other applicable laws. By using our website, you agree to the terms of this policy.
1. Data We Collect
A. Information You Provide Directly
- Contact Form: Full name, email address, phone number, company name, message content.
- Newsletter Subscription: Email address.
B. Automatically Collected Information
When you visit our website, we collect:
- Technical Data: IP address, browser type and version, device type (e.g., mobile, desktop), operating system.
- Usage Data: Pages visited, time spent on pages, clickstream data (navigation paths), referral source (e.g., search engine, social media).
- Marketing Data: Cookies and tracking pixels (e.g., from Google Analytics, Meta Pixel), interactions with ads or campaigns (e.g., clicks, impressions).
C. Third-Party Sources
We may receive data from:
- Social media platforms (e.g., LinkedIn, Facebook) if you interact with our content.
- Analytics providers (e.g., Google Analytics, Hotjar).
2. Legal Basis for Processing
Under GDPR, we process your data based on:
- Consent: For newsletters and non-essential cookies (you may withdraw consent anytime).
- Contractual Necessity: To fulfill requests submitted via the contact form.
- Legitimate Interests: Improving website performance, fraud prevention, and marketing.
- Legal Obligations: To comply with applicable laws.
3. How We Use Your Data
- Respond to inquiries submitted via the contact form and provide customer support.
- Send newsletters and promotional offers (if subscribed).
- Analyze website performance using tools like Google Analytics and Hotjar.
- Personalize ads on platforms like Google Ads, Meta Ads, and LinkedIn.
- Monitor for fraudulent activity or unauthorized access.
- Share data if required by law enforcement or regulators.
4. Data Sharing
We share your data only as necessary with:
- Service Providers: Email marketing tools (e.g., Mailchimp), analytics platforms (e.g., Google Analytics), CRM systems (e.g., Salesforce), and hosting providers (e.g., AWS).
- Legal Authorities: If required by law (e.g., court orders).
- Business Transfers: In case of mergers, acquisitions, or asset sales.
International Data Transfers
Data may be transferred outside the UK/EEA to countries with GDPR-approved safeguards (e.g., Standard Contractual Clauses).
5. Data Retention
- Contact Form Data: Retained for 3 years after your last interaction.
- Newsletter Data: Retained until you unsubscribe (opt-out links are included in every email).
- Analytics Data: Anonymized after 14 months.
- Cookies: Session cookies expire when you close your browser; persistent cookies last up to 12 months.
6. Your Rights Under GDPR/UK GDPR
- Access: Request a copy of your personal data.
- Rectification: Correct inaccurate or incomplete data.
- Erasure: Request deletion of your data (subject to legal limitations).
- Restrict Processing: Limit how we use your data in specific circumstances.
- Data Portability: Receive your data in a structured, machine-readable format.
- Object: Opt out of processing based on legitimate interests or direct marketing.
- Withdraw Consent: For newsletters or cookies at any time.
To exercise these rights, email us at [email protected] or use the opt-out links in our communications.
7. Cookies and Tracking Technologies
We use:
- Essential Cookies: Required for website functionality (e.g., form submissions).
- Analytics Cookies: To analyze traffic (e.g., Google Analytics).
- Marketing Cookies: For ad targeting (e.g., Meta Pixel).
Manage Preferences
- Adjust settings via our cookie consent banner.
- Disable cookies via your browser settings (may affect website functionality).
8. Security Measures
- SSL encryption for data transmission.
- Regular security audits and penetration testing.
- Access controls to limit internal data access.
- Staff training on data protection best practices.
9. Children’s Privacy
Our website is not intended for users under 16. We do not knowingly collect their data. If we discover such data, we will delete it immediately.
10. Third-Party Links
Our website may link to external sites (e.g., social media). We are not responsible for their privacy practices.
11. Automated Decision-Making
We do not use fully automated systems (e.g., profiling) for decision-making.
12. Policy Updates
We will notify you of material changes via email or a website notice. Minor updates will be reflected in the “Last Updated” date.
13. Contact Us
Northage Ltd
Email: [email protected]
Postal Address: 71-75 Shelton Street Covent Garden London WC2H 9JQ UNITED KINGDOM
Supervisory Authorities:
