PRIVACY POLICY

1. Introduction Spaniae Risk Management is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR 2025) and the Data Protection Act 2018.

2. Data We Collect We may collect the following types of personal data:

  • Identity Data: Name, surname, company details.

  • Contact Data: Email address, phone number, postal address.

  • Technical Data: IP address, browser type, device information.

  • Usage Data: Information about how you use our website and services.

  • Security Data: If you use our security services, we may collect relevant information as required by law.

3. How We Collect Data We collect personal data through:

  • Forms on our website.

  • Direct interactions (emails, calls, or meetings).

  • Automated technologies (cookies, server logs, and analytics tools).

4. How We Use Your Data We process your data for the following purposes:

  • To provide and manage our security services.

  • To communicate with you and respond to inquiries.

  • To improve our website and customer experience.

  • To comply with legal and regulatory obligations.

  • For security and fraud prevention purposes.

5. Legal Basis for Processing Data We process personal data based on the following legal grounds:

  • Consent: When you provide explicit consent (e.g., newsletter subscriptions).

  • Contractual Necessity: To perform services you have requested.

  • Legal Obligation: To comply with UK laws and regulations.

  • Legitimate Interest: To enhance our services and maintain security standards.

6. Data Sharing and Third Parties We do not sell your personal data. However, we may share it with:

  • Service providers (e.g., IT support, analytics providers).

  • Law enforcement or regulatory authorities when required.

  • Business partners when necessary to deliver our services.

7. International Data Transfers As an international security services provider, we may transfer personal data outside the UK. In such cases, we ensure that appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place.

8. Data Retention We retain personal data only as long as necessary for the purposes outlined in this policy or as required by law. Once no longer needed, data is securely deleted or anonymised.

9. Your Rights Under UK GDPR 2025, you have the following rights:

  • Right to access your data.

  • Right to rectification (correct inaccurate data).

  • Right to erasure (“right to be forgotten”).

  • Right to restrict processing.

  • Right to data portability.

  • Right to object to processing.

  • Right to lodge a complaint with the Information Commissioner’s Office (ICO).

10. Security Measures We implement technical and organisational measures to safeguard personal data, including encryption, access controls, and regular security assessments.

11. Changes to This Policy We may update this Privacy Policy as necessary. Any changes will be posted on our website with an updated “Last Updated” date.

12. Contact Information For any inquiries about this Privacy Policy or to exercise your rights, contact us at:

  • Email: enquires@spaniaerisk.com

  • Postal Address: 128 City Road, London EC1V 2NX, United Kingdom

  • Phone: +34637444891

Last updated: 03/ 2025