top of page

Privacy Policy

 

Introduction

AEY Strategic Risk Consultancy Ltd ("we", "our", "us") is committed to the highest standards of data security and information governance. This policy outlines how we collect, process, and protect your personal data when you interact with our website or engage our consultancy services, in strict accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Collection & Scope

As a B2B consultancy, we minimize the collection of personal data. We may collect and process the following information:

  • Identity & Contact Data: Names, professional titles, corporate email addresses, and phone numbers provided via our contact forms or direct correspondence.

  • Technical Data: Internet Protocol (IP) addresses, browser types, and standard analytics data gathered by our website hosting infrastructure to ensure site security and optimize user experience.

Purpose & Lawful Basis for Processing

We will only use your personal data when the law allows us to. Most commonly, we process data under the following lawful bases:

  • Performance of a Contract: To provide you with requested strategic risk governance proposals, audit reports, and consultancy services.

  • Legitimate Interests: To maintain the security of our digital infrastructure, manage corporate administration, and respond to professional inquiries.

  • Legal Compliance: To fulfill statutory or regulatory obligations, including financial reporting.

Data Infrastructure & Third-Party Processing

AEY Strategic Risk Consultancy Ltd operates a secure digital ecosystem. We do not sell, trade, or otherwise exploit personal data. To facilitate our operations, data may be securely processed by trusted enterprise partners, including:

  • Our website hosting and infrastructure provider (Wix).

  • Our regulated corporate banking partners.

  • Secure cloud-based document management systems used for audit and report generation.

  • Note: All third-party providers are strictly vetted for UK GDPR compliance.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. Professional correspondence and project data are securely archived in line with standard industry liability periods.

Your Legal Rights Under UK Data Protection Laws 

You possess rights regarding your personal data, including the right to:

  • Request access to your personal data.

  • Request correction of incomplete or inaccurate data.

  • Request erasure of your data under specific circumstances.

  • Object to the processing of your data.

Contact Information

If you have any questions regarding this Information Governance & Privacy Policy, or wish to exercise your legal rights, please contact our administrative team:

AEY Strategic Risk Consultancy Ltd Email: [Insert your professional email, e.g., info@aeyrisk.com]

Registered Address: [Insert your Edgcott address]

Company Registration Number: [Insert Companies House Number once registered]

bottom of page