Privacy Policy
This privacy policy explains how NRJ Tech Ltd ("we", "us", "our") collects, uses, stores and protects your personal data when you visit our website or get in touch with us. We are committed to protecting your privacy and handling your data in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who we are
NRJ Tech Ltd is the data controller responsible for your personal data.
- Company: NRJ Tech Ltd
- Company number: 11231906 (registered in England & Wales)
- Registered area: East Sussex, United Kingdom
- Contact for data matters: contact@nrjtech.co.uk
2. What personal data we collect
We only collect data you choose to give us, plus limited technical data needed to run the website. Specifically:
Information you give us
When you complete our contact form, we collect:
- Your name
- Your email address
- Your company name (if you provide it)
- The content of your message
- If you request a callback: your phone number and your preferred time to call
If you email us directly, we receive whatever information you choose to include in that email.
Information collected automatically
Our website is hosted on Netlify. Like most websites, the hosting platform automatically logs limited technical information for security and operational purposes, which may include your IP address, browser type, and the pages you visit. We do not use this to identify you personally.
Cookies
This website uses only essential cookies required for it to function and to protect our forms from spam. We do not use advertising or third-party tracking cookies.
3. How we use your data, and our lawful basis
Under UK GDPR we must have a lawful basis for processing your data. We rely on the following:
| Why we use your data | Lawful basis |
|---|---|
| To respond to your enquiry or callback request | Legitimate interests (responding to someone who has contacted us about our services) |
| To provide services if you become a client | Performance of a contract |
| To keep records required by law (e.g. tax, accounting) | Legal obligation |
| To keep our website and forms secure | Legitimate interests (security) |
We do not use your contact-form data for marketing without your separate, explicit consent.
4. How long we keep your data
We keep personal data only as long as necessary:
- Enquiries that don't become clients: we retain your enquiry for up to 24 months from your last contact, then delete it.
- Clients: we retain relevant records for the duration of our relationship and for as long afterwards as required by law (for example, financial records are typically kept for six years).
5. Who we share your data with
We do not sell your personal data. We share it only with service providers who help us run our business, and only as far as necessary. These include:
- Netlify — our website host and contact-form processor.
- 123-reg — our domain and DNS provider.
- Microsoft — we use Microsoft 365 for our own email and business operations.
Each of these acts as a data processor on our behalf and is required to protect your data.
6. International transfers
Some of our service providers (such as Netlify and Microsoft) are based in, or store data in, countries outside the UK, including the United States. Where data is transferred outside the UK, we rely on safeguards recognised under UK data protection law, such as the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or an adequacy decision (for example the UK Extension to the EU–US Data Privacy Framework).
7. How we protect your data
We take appropriate technical and organisational measures to keep your data secure, including encrypted connections (HTTPS) across our website, access controls, and use of reputable service providers with their own security measures. No method of transmission over the internet is completely secure, but we work to protect your data and follow good security practice.
8. Your rights
Under UK GDPR you have the right to:
- Be informed about how your data is used (this policy)
- Access the personal data we hold about you
- Have inaccurate data corrected
- Have your data erased ("right to be forgotten"), where applicable
- Restrict or object to our processing of your data
- Data portability, where applicable
- Withdraw consent at any time, where we rely on consent
To exercise any of these rights, email contact@nrjtech.co.uk. We will respond within one month.
9. Complaints
If you have a concern about how we handle your data, please contact us first and we'll do our best to put it right. You also have the right to complain to the UK's supervisory authority, the Information Commissioner's Office (ICO):
- Website: ico.org.uk
- Helpline: 0303 123 1113
10. Changes to this policy
We may update this policy from time to time. The "last updated" date at the top shows when it was last revised. Significant changes will be reflected here.