Skip to main content

Privacy Policy

1. Introduction

Finney and Hardicker Limited (“Company”, “we”, “our”, “us”) is committed to protecting the privacy and security
of personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
This Privacy Policy explains how we collect, process, store, and share personal data and your rights in relation to such data.

2. Data Controller

The Company is the Data Controller for personal information collected through our website, services, or other communications.

3. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Contact information: name, email address, postal address, and telephone number;
  • Identification information: job title, company name, and business contact details;
  • Website usage information: IP address, browser type, operating system, pages viewed, and session duration;
  • Marketing preferences and communication history.

4. Lawful Basis for Processing

We process personal data on the following lawful bases:

  • Consent: where you have explicitly opted-in for marketing communications;
  • Contractual necessity: where processing is necessary to provide services you have requested;
  • Legal obligation: where we must process data to comply with statutory requirements;
  • Legitimate interests: where processing is necessary for our business operations, security, and fraud prevention.

5. Purpose of Processing

We use personal data for purposes including but not limited to:

  • Responding to enquiries and providing requested services;
  • Maintaining and improving our website and services;
  • Communicating marketing information (subject to consent);
  • Legal, regulatory, and compliance obligations.

6. Sharing and Disclosure of Personal Data

We will not sell, rent, or trade personal data. Personal data may be shared with:

  • Service providers who process data on our behalf (e.g., IT, marketing, and analytics providers);
  • Regulatory or law enforcement authorities, where required by law;
  • Potential acquirers in the context of business mergers or asset sales.

7. International Transfers

Where personal data is transferred outside the UK, we will ensure appropriate safeguards, such as
standard contractual clauses approved by the UK Information Commissioner’s Office, are in place.

8. Data Retention

Personal data will be retained only for as long as necessary to fulfil the purposes outlined in this Policy
or to comply with legal obligations. Retention periods will vary depending on the type of data and purpose of processing.

9. Your Rights

You have the following rights under UK GDPR:

  • Right of access;
  • Right to rectification;
  • Right to erasure;
  • Right to restrict processing;
  • Right to object to processing;
  • Right to data portability;
  • Right to withdraw consent at any time.

Requests to exercise these rights should be directed to:
Insert contact email/address

10. Security

We implement appropriate technical and organisational measures to protect personal data against
unauthorised or unlawful processing, accidental loss, destruction, or damage.

11. Changes to this Policy

We may update this Privacy Policy periodically. The most recent version will always be available on our website.