Abbotts Advisory Limited (“we”, “us”, “our”) is committed to protecting and respecting your personal data. This Privacy Policy explains how we collect, use, store, and protect personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
We act as a data controller in relation to our own business activities. Where we handle personal data on behalf of clients as part of a consulting engagement, we may also act as a data processor. Our approach to that role is set out in Section 9 below. If you have any questions, please contact us using the details in Section 2.
Company name: Abbotts Advisory Limited
Company number: 17157156
Registered office: Pipers Ridge, Brampton Abbotts, HR9 7JD
Data protection contact: contact@abbottsadvisory.co.uk
ICO Registration Number: ZC135669
We collect and process only the minimum personal data necessary to operate our business. This may include:
We do not intentionally collect sensitive personal data (special category data) as part of our ordinary business activities.
We do not use personal data for automated decision-making or profiling. Where we rely on consent as a lawful basis, you have the right to withdraw that consent at any time.
When data is no longer required, it is securely deleted or destroyed.
We do not sell or share personal data for marketing purposes. We may share personal data with trusted third parties where necessary to operate our business, including professional advisers, IT and cloud service providers, and business tools used for project management and communication. Where third parties process personal data on our behalf, we ensure appropriate contractual safeguards are in place.
Where we are engaged to deliver consultancy services, we may access or process personal data belonging to our clients or their end customers. In these circumstances, we act as a data processor on behalf of the client, who remains the data controller. We handle client data only as directed by the client, apply the same safeguards as we apply to our own data, and do not use, retain, or disclose client data beyond what is required to fulfil the engagement. Where required, we will agree a formal Data Processing Agreement prior to commencing work involving personal data.
Some of our service providers may process personal data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as transfer to countries covered by UK adequacy regulations or standard contractual clauses approved under UK data protection law.
We may use AI-based tools to support internal productivity. Where AI tools are used, no client personal data is knowingly shared with or used to train external AI models, data is handled in a controlled and proportionate manner, and human oversight is always applied to any AI-assisted output.
Our website does not set any cookies. A separate Cookie Policy is available on our website for further detail.
Our services are directed at business professionals and organisations. We do not knowingly collect personal data from individuals under the age of 18.
Under UK GDPR, you have the following rights in relation to your personal data:
To exercise any of these rights, please contact us at contact@abbottsadvisory.co.uk.
In the event of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and, where required, notify affected individuals without undue delay.
If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk or on 0303 123 1113. We would appreciate the opportunity to address your concerns directly in the first instance.
We may update this Privacy Policy from time to time. The latest version will always be available on our website at abbottsadvisory.co.uk.