GDPR & Data Protection Policy [Insert Company Name]

Effective Date: 14/04/2026
Last Updated: 14/04/2026

 

1. Introduction

corb Biogas Consultancy LTD provides consultancy services and is committed to ensuring the security and protection of the personal information that we process. We comply with all applicable data protection laws, including the UK/EU General Data Protection Regulation (GDPR). Lumière Consultancy

 

2. Scope

This policy applies to all employees, workers, and consultants working on behalf of [Insert Company Name]. It covers all personal data processed by us, whether electronically or on paper, relating to clients, contacts, and other third parties. Joint Industry Board +4

 

3. Data Protection Principles

We process personal data in accordance with the following seven principles:

• Lawfulness, fairness, and transparency: Processed lawfully, fairly, and in a transparent manner.
• Purpose limitation: Collected only for specified, explicit, and legitimate purposes.
• Data minimisation: Adequate, relevant, and limited to what is necessary.
• Accuracy: Accurate and kept up to date.
• Storage limitation: Kept only for as long as necessary.
• Integrity and confidentiality (Security): Processed securely to prevent unauthorised access, loss, or destruction.
• Accountability: We take responsibility for complying with these principles. Joint Industry Board +1

 

4. Data We Collect

As a consultancy, we may collect:

• Personal details: Names, addresses, contact details (email/phone).
• Business information: Job roles, company details.
• Financial information: Bank details, VAT numbers (if necessary for billing).
• Project data: Information required to perform consultancy services. Rocket Lawyer +1

 

5. Lawful Basis for Processing 

We only process data when we have a legal basis to do so, primarily: 

• Contract: To perform the consultancy contract between us.
• Legitimate Interests: For our legitimate business interests (e.g., providing services, direct marketing), provided these do not override your rights.
• Legal Obligation: To comply with legal requirements. www.syntaxconsultancy.com +1

 

6. Data Subject Rights

Individuals have the following rights, which we will uphold:

• Right to be informed: About how we use their data.
• Right of access: To receive a copy of their data.
• Right to rectification: To correct inaccurate data.
• Right to erasure (Right to be forgotten): To request deletion of data.
• Right to restrict processing: To limit how we use data.
• Right to data portability: To receive data in a usable format.
• Right to object: To our use of their data. Levett Consultancy +2

 

7. Data Security

We implement appropriate technical and organisational measures to protect personal data, including: 

• Storing data securely on encrypted, password-protected servers.
• Limiting access to personal data to staff who need it for their work.
• Using secure, compliant third-party software (e.g., CRM systems). Kind Consultancy +3

 

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. www.syntaxconsultancy.com +4

 

9. Data Breaches

We have procedures in place to deal with any suspected personal data breach. In the event of a breach that poses a high risk to individuals, we will notify the affected individuals and the relevant supervisory authority (e.g., the ICO in the UK) within 72 hours. grcsolutions.io +4

 

10. Contact Information

If you have any questions about this policy or our data protection practices, please contact:

• Paul Corbridge
• Email: info@corbbiogasconsutlancy.co.uk
• Phone: 07495 517011