Privacy & Data Protection

Privacy Policy

This policy explains how Barrowman Services Ltd collects, uses, stores, and protects personal data in line with the UK GDPR, the EU GDPR where applicable, and the Data Protection Act 2018.

Controller Barrowman Services Ltd
ICO Registration ZC115915
Last Updated 24 April 2026

1. Personal Data We Collect

Personal data may be collected when enquiries are submitted through the website or when direct contact is made by email. This may include name, email address, organisation details, and project information voluntarily provided.

2. Lawful Bases for Processing

Data is processed only where there is a lawful basis under Article 6 GDPR, including:

  • Legitimate interests, for responding to business enquiries and managing client relationships.
  • Contract, where processing is necessary to deliver services or take steps before entering a contract.
  • Legal obligation, where records must be retained to meet legal or regulatory requirements.
  • Consent, where required for specific optional communications.

3. How Data Is Used

  • To respond to enquiries and provide requested information.
  • To deliver consultancy, training, and advisory services.
  • To maintain internal records, improve services, and manage operations securely.
  • To comply with legal, accounting, and regulatory obligations.

4. Data Sharing and Transfers

Personal data is not sold. Data may be shared with trusted service providers where necessary to run the website or deliver services, under appropriate data processing agreements. If data is transferred outside the UK or EEA, suitable safeguards are applied, such as adequacy regulations or standard contractual clauses.

5. Data Retention

Personal data is retained only for as long as necessary for the purposes set out in this policy, including legal, contractual, and operational requirements. Retention periods are reviewed periodically.

6. Data Subject Rights

Individuals have rights under GDPR, including the right to access, rectify, erase, restrict processing, object, and data portability where applicable. Requests can be made using the contact details below. Individuals also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).

7. Security Measures

Appropriate technical and organisational security measures are used to help protect personal data against unauthorised access, disclosure, alteration, or loss.

8. Contact

For privacy questions or to exercise data rights, contact outreach@barrowmanservices.co.uk.