Privacy Policy

Last Updated: 29 October 2025

At Ignis Risk Management Limited, we are committed to protecting your privacy and ensuring compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website (ignisrisk.co.uk), use our services, or interact with us.

1. Who We Are

We are Ignis Risk Management Limited, a fire safety consultancy registered in England with the following details:

  • Registered Address: 23 Lower Brook Street, Ipswich, IP4 1AQ
  • Company Number: 12859562
  • Contact Email: info@ignisrisk.co.uk
  • Data Protection Officer: Liam Bee

We are the data controller responsible for your personal data.

2. Data We Collect

We may collect and process the following personal data:

  • Contact Information: Name, email address, phone number, and other details you provide via our contact forms or when requesting services.
  • Website Usage Data: IP address, browser type, device information, pages visited, and time spent on our site, collected via cookies and analytics tools (e.g., Google Analytics).
  • Marketing Preferences: Your consent to receive newsletters or promotional emails.
  • Correspondence: Records of communications with us, including emails or support requests.

We do not collect special categories of personal data (e.g., health, religion) unless explicitly required and consented to for specific services.

3. How We Collect Your Data

We collect data through:

  • Direct Interactions: When you fill out forms (e.g., contact or enquiry forms), subscribe to newsletters, or contact us via email or phone.
  • Automated Technologies: Cookies, server logs, and analytics tools that track your interaction with our website.
  • Third Parties: Analytics providers (e.g., Google Analytics) or social media platforms (e.g., X, LinkedIn).

4. How We Use Your Data

We use your data to:

  • Respond to enquiries and provide our fire safety consultancy services.
  • Improve our website’s functionality and user experience.
  • Send marketing communications (only with your explicit consent).
  • Comply with legal obligations (e.g., record-keeping for regulatory compliance).
  • Analyse website performance and visitor behaviour (e.g., via anonymised analytics).

Our lawful bases for processing under UK GDPR include:

  • Consent: For marketing emails or non-essential cookies.
  • Contract: To fulfil services you’ve requested.
  • Legitimate Interests: For website analytics, security, and improving services (where your rights are not overridden).
  • Legal Obligation: For compliance with UK laws.

5. Cookies

Our website uses cookies to enhance functionality, performance, and user experience. Cookies may include:

  • Essential Cookies: Required for site operation (e.g., navigation, form submissions).
  • Analytics Cookies: To track site usage (e.g., Google Analytics).
  • Marketing Cookies: To deliver personalised ads (if applicable).

You can manage cookie preferences via our cookie consent banner, displayed on your first visit. You may also disable cookies in your browser settings, but this may affect site functionality.

6. Sharing Your Data

We do not sell your personal data. We may share data with:

  • Service Providers: Trusted third parties providing hosting, analytics, or communication services (e.g., Google Analytics, WPForms, LiteSpeed Cache), all compliant with UK GDPR.
  • Legal Authorities: If required by law or to protect our rights.

All third parties are bound by data protection agreements to ensure your data’s security.

7. International Data Transfers

Some third-party services (e.g., Google Analytics) may process data outside the UK. We ensure these transfers comply with UK GDPR through:

  • Standard Contractual Clauses (SCCs).
  • Data protection agreements with adequate safeguards.

8. Data Security

We implement robust security measures, including:

  • SSL encryption (HTTPS) for data transmission.
  • Regular software updates and backups.
  • Access controls to limit data handling to authorised personnel.

Despite our efforts, no online system is 100% secure. We will notify you and the ICO within 72 hours of any data breach, as required by UK GDPR.

9. Data Retention

We retain data only as long as necessary:

  • Contact Form Data: Up to 2 years, unless required for ongoing services.
  • Analytics Data: Up to 26 months (Google Analytics default).
  • Marketing Data: Until you unsubscribe or consent is withdrawn.
  • Legal Records: As required by UK law (e.g., 6 years for tax purposes).

Data no longer needed is securely deleted or anonymised.

10. Your Rights

Under UK GDPR, you have the right to:

  • Access: Request a copy of your personal data.
  • Rectification: Correct inaccurate data.
  • Erasure: Request deletion of your data (subject to legal obligations).
  • Restriction: Limit data processing in certain cases.
  • Objection: Object to processing based on legitimate interests (e.g., marketing).
  • Data Portability: Receive your data in a structured, machine-readable format.
  • Withdraw Consent: Opt out of marketing or cookies at any time.

To exercise these rights, contact us at info@ignisrisk.co.uk. We will respond within 1 month, free of charge, unless requests are complex or excessive.

11. Third-Party Links

Our website may contain links to third-party sites (e.g., X, LinkedIn). We are not responsible for their privacy practices. Please review their policies before sharing data.

12. Complaints

If you have concerns about our data practices, contact us at info@ignisrisk.co.uk. You may also lodge a complaint with the UK’s Information Commissioner’s Office (ICO):

13. Changes to This Policy

We may update this Privacy Policy to reflect legal or operational changes. Updates will be posted here with a revised “Last Updated” date. Significant changes will be communicated via email or a website notice.

14. Contact Us

For questions or to exercise your data rights, contact: