This Privacy Policy informs you about how DNZ Consultancy Limited uses and protects any personal data you provide to us, including through our website at www.dnzconsultancy.co.uk (our “Site”). We are committed to protecting and respecting your privacy in compliance with the UK GDPR and the Data Protection Act 2018.

1. Important Information and Who We Are

Data Controller

DNZ Consultancy Limited is the data controller and is responsible for your personal data collected via this Site or during our business interactions (referred to as “We”, “Our”, or “Us”).

Professional Status

DNZ Consultancy Limited is a consultancy company. Our principal/founder is registered with the Solicitors Regulation Authority (SRA) as a Registered Foreign Lawyer (RFL). While the company itself is not a registered law firm, we maintain the highest standards of professional conduct, integrity, and client confidentiality in line with our professional obligations.

Privacy Manager

We have appointed a Privacy Manager to oversee data protection matters. If you have any questions about this Privacy Policy, please contact our Privacy Manager at: deniz@dnzconsultancy.co.uk (Subject line: ‘For the attention of the Privacy Manager’).

Your Duty to Inform Us

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

2. The Data We Collect About You

Personal data means any information about an individual from which that person can be identified. We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together as follows:

• Identity Data: Includes your first name and last name.
• Contact Data: Includes your email address, telephone number, billing address, and corporate address.
• Enquiry & Correspondence Data: Includes details about your enquiries regarding our advisory services and any communications exchanged between us.
• Technical Data: Includes your internet protocol (IP) address, browser type and version, time zone setting, operating system, and platform used to access our Site.

We do not collect any Special Categories of Personal Data about you (such as details about your race, religious beliefs, sexual orientation, political opinions, or health information), nor do we collect any information about criminal convictions and offences unless strictly necessary to perform a legal service or comply with a statutory obligation.

3. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we use your data in the following circumstances:

• Performance of a Contract: Where it is necessary to perform the contract we are about to enter into or have entered into with you for our advisory services.
• Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., managing our business operation and securing our IT infrastructure).
• Legal or Regulatory Obligation: Where we need to comply with a legal or regulatory obligation (e.g., identity verification and anti-money laundering checks).

No Marketing

We do not engage in direct marketing or targeted promotional activities using your personal data. We do not use your information to track your behavior across third-party websites for advertising purposes.

4. Sharing Your Personal Data

We treat all information provided to us with the strictest confidentiality. We may share your personal data only with the following parties for the purposes set out above:

• Internal colleagues, employees, or self-employed consultants who require access to provide services.
• Professional advisers including lawyers, bankers, auditors, and insurers.
• Regulators and authorities (such as HM Revenue & Customs, the SRA, or the Information Commissioner’s Office) who require reporting of processing activities in certain circumstances.
• Trusted third-party service providers who provide IT, system administration, and essential website hosting services.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. Third-party providers are only permitted to process your data based on our explicit instructions.

5. Cookies

Our Site uses essential and functional cookies to ensure the website operates correctly and securely. You can set your browser to refuse all or some browser cookies. If you disable or refuse cookies, please note that some parts of this Site may become inaccessible or not function properly.

6. International Transfers

If we transfer your personal data outside the United Kingdom, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• Transferring data to countries that have been deemed to provide an adequate level of protection by the UK authorities.
• Using specific Standard Contractual Clauses (SCCs) or International Data Transfer Agreements (IDTAs) approved for use in the UK which give personal data the same protection it has in the UK.

7. Data Security

We have put in place appropriate technical and organisational security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. Access to your personal data is strictly limited to those who have a business need to know.

8. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements.

9. Your Legal Rights

Under data protection laws, you have rights in relation to your personal data, including the right to request access, correction, erasure, restriction, or transfer of your personal data, or to object to its processing.

If you wish to exercise any of these rights, please email us at deniz@dnzconsultancy.co.uk.

You also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us first.

10. Third-Party Links

Our Site may include links to third-party websites, plug-ins, and applications. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.