Privacy & GDPR

General Data Protection Regulation & Privacy Statement

 

GDPR Privacy Statement

Enviss Ltd (“we”, “us”, “our”) is committed to protecting and respecting your privacy in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This statement explains how we collect, use, store, and share your personal data when you visit our website or engage our consultancy services.

Data Controller

Enviss Ltd
Registered Office: 71-75 Shelton Street, Covent Garden, London. WC2H 9JQ
Company Number:  16656732
ICO Registration Reference: ZB962354

If you have any questions about this statement or how we process your data, please contact our Data Protection Officer at privacy@enviss.co.uk.

Personal Data We Collect

We may collect the following categories of personal data:

  • Contact information (name, email address, telephone number)
  • Organisation details and job title when you request tailored consultancy services
  • Usage data (IP address, browser type, pages visited) when you browse our website
  • Cookies and tracking technologies to improve website performance and user experience

Purpose and Lawful Basis for Processing

We process your personal data for the following purposes:

  • Responding to enquiries and providing consultancy services (Contractual necessity)
  • Sending marketing communications where you have consented (Consent)
  • Improving our website and service offerings (Legitimate interests)
  • Complying with legal and regulatory obligations (Legal obligation)

Data Retention

We retain your personal data only as long as necessary for the purposes stated above, specifically:

  • Enquiry and project records: up to 7 years after project completion
  • Marketing consent records: until you withdraw consent
  • Website analytics data: aggregated or anonymised after 13 months
  • Financial and compliance records: up to 7 years to meet statutory requirements

Data Sharing and Transfers

We do not sell your personal data. We may share data with:

  • Authorized third-party service providers (IT hosting, analytics platforms) under strict confidentiality agreements
  • Regulatory bodies or law enforcement if legally required
  • Professional advisers (accountants, auditors) for compliance purposes

All third-party processors adhere to GDPR requirements and safeguard your rights.

Your Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate or incomplete data
  • Erase data where there is no lawful basis for processing
  • Restrict or object to certain processing activities
  • Port your data to another controller where feasible
  • Withdraw consent at any time for marketing communications

To exercise any of these rights, please write to privacy@enviss.co.uk or contact our registered office.

Cookies and Tracking

Our website uses cookies to distinguish you from other users, improve usability, and gather analytics. You can manage your cookie preferences via your browser settings.