Privacy Policy

1.0 Introduction 

Franks Portlock Consulting Ltd (hereinafter referred to as the “Company”, “We”, “Us” or “Our”) is committed to safeguarding personal data and protecting the privacy of individuals. 

This Privacy Policy explains how we collect, use, disclose and protect personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations (PECR). 

This policy applies to: 

• Visitors to our website 

• Individuals who contact or are contacted by the Company 

• Clients and prospective clients using our services 

• Individuals engaging with our marketing or training services 

2.0 Data Controller 

Franks Portlock Consulting Ltd is the data controller for the purposes of applicable data protection legislation. 

For all data protection enquiries and to exercise your rights, please contact: 

• Email: [email protected] 

• Telephone: 0191 4193116 

• Address: Unit 1A Hylton Park, Sunderland, SR5 3HD 

3.0 Data We Collect 

We may collect and process the following categories of personal data: 

• Identity Data: Full name, job title 

• Contact Data: Email address, telephone number, postal address 

• Professional Data: Organisation, role, training and certification records 

• Financial Data: Bank details for billing and payment history 

• Transaction Data: Invoices and services requested or delivered 

• Technical Data: IP address, device and browser type, usage data from visits to our website 

• Engagement Data: Areas of interest, correspondence and marketing preferences 

• Property Information: Site or project-related plans and documentation 

4.0 How We Collect Your Data 

We collect personal data through: 

• Direct interactions (telephone, email, post or face-to-face) 

• Website forms and enquiries 

• Service contracts and proposals 

• Training registrations and surveys 

• Automated technologies such as website analytics 

• Trusted third-party sources, including publicly available information and tendering platforms 

5.0 How We Use Your Personal Data 

We process personal data only where there is a lawful basis to do so. These lawful bases include performance of a contract, compliance with a legal obligation, legitimate interests or consent where required. 

We use personal data for the following purposes: 

• Delivering services and managing contracts 

• Responding to enquiries and providing support 

• Maintaining training and certification records 

• Sending service updates and marketing communications where permitted 

• Improving website functionality and user experience 

• Managing financial records and legal compliance 

• Conducting customer feedback and surveys 

6.0 Marketing and PECR 

In accordance with the Privacy and Electronic Communications Regulations (PECR), we will only send marketing communications where: 

• You have provided consent; or 

• You are an existing customer, and the communication relates to similar services. 

• You can opt out of marketing communications at any time by using the unsubscribe link or by contacting us at [email protected] 

We do not sell, trade or rent personal data to third parties. 

7.0 Cookies and Tracking 

We use cookies and similar technologies to: 

• Understand how visitors use our website 

• Improve functionality and performance 

Where non-essential cookies are used, we will obtain your consent in accordance with PECR. Cookie preferences can be managed through your browser or cookie settings where available. 

8.0 Sharing Your Data 

We may share personal data with: 

• Employees, contractors and consultants on a need-to-know basis 

• Service providers, including IT support, payment processors and marketing platforms 

• Regulatory authorities, legal advisors or courts where required 

• Tendering partners where necessary for contract delivery or references 

• All data sharing is subject to appropriate confidentiality and data protection safeguards. 

9.0 International Transfers 

We do not routinely transfer personal data outside of the UK or European Economic Area (EEA). 

Where such transfers are necessary, they will only take place where appropriate safeguards are in place, including adequacy regulations or approved transfer mechanisms such as the UK International Data Transfer Agreement (IDTA). 

10.0 Data Retention 

We retain personal data only for as long as necessary to: 

• Fulfil the purposes outlined in this Policy 

• Comply with legal and regulatory requirements 

• Establish, exercise or defend legal claims 

For example, financial records are typically retained for a minimum of 7 years in line with tax legislation. 

11.0 Data Security 

We implement appropriate technical and organisational measures to protect personal data, including: 

• Secure systems and network protections 

• Controlled access to authorised personnel 

• Encryption and secure backups 

• Staff training and internal data protection policies 

12.0 Your Rights 

Under data protection legislation, you have the right to: 

• Access your personal data 

• Request correction of inaccurate or incomplete data 

• Request erasure of your data where applicable 

• Restrict processing of your data 

• Object to processing based on legitimate interests or for direct marketing 

• Request data portability 

• Withdraw consent where consent is relied upon 

To exercise your rights, please contact: [email protected]. We may request identification to verify your request. 

13.0 Complaints 

If you are not satisfied with how your personal data is handled, you may raise a complaint with the Information Commissioner’s Office (ICO): 

Website: https://ico.org.uk/make-a-complaint/ 

Telephone: 0303 123 1113 

Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF 

14.0 Review 

This Policy will be reviewed periodically to ensure that it remains accurate, effective and aligned with legal requirements and operational practices.