Privacy Policy

Effective Date: 19 May 2026

This Privacy Policy explains how Aztec Metalwork Ltd (“we”, “us”, “our”) collects, uses, stores, and protects personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Information We Collect

We may collect and process the following types of personal data:

Identity information such as name and business name (if provided)

Contact information such as email address, telephone number, and postal address

Enquiry details including project specifications, quotes, and correspondence

Transaction information such as order history and payment status (where applicable)

Technical data such as IP address, browser type, and device information when interacting with our website

Usage data relating to how you use our website or services

We only collect data that is necessary for legitimate business purposes.

2. How We Use Your Information

We use personal data to:

Respond to enquiries and provide quotations

Deliver products and services

Manage customer relationships

Process transactions and maintain records

Improve our services and website functionality

Comply with legal and regulatory obligations

3. Lawful Basis for Processing

We process personal data under the following lawful bases:

Contractual necessity – to provide goods or services requested

Legitimate interests – to operate and improve our business

Legal obligation – where required by law or regulation

Consent – where you have explicitly agreed (for example, marketing communications where applicable)

4. Data Sharing

We do not sell personal data.

We may share data with:

Service providers assisting with business operations (e.g. IT support, delivery services, or subcontractors)

Professional advisers such as accountants or legal representatives

Regulatory bodies where required by law

All third parties are required to handle personal data securely and in compliance with UK GDPR.

5. Data Retention

We retain personal data only for as long as necessary to:

Fulfil the purposes for which it was collected

Meet legal, accounting, or reporting requirements

Retention periods vary depending on the nature of the data and legal obligations.

6. Cookies and Website Tracking

If we operate a website, it may use cookies or similar technologies to:

Improve user experience

Analyse website traffic and performance

Ensure website functionality

You may control or disable cookies through your browser settings.

7. Your Data Protection Rights

Under UK GDPR, you have the right to:

Access your personal data

Request correction of inaccurate data

Request deletion of your data (where applicable)

Object to or restrict processing

Request data portability

Withdraw consent at any time (where consent is the lawful basis)

Requests will be handled in accordance with applicable data protection law.

8. Data Security

We take appropriate technical and organisational measures to protect personal data against:

Unauthorised access

Loss or misuse

Alteration or disclosure

These measures are regularly reviewed and updated where necessary.

9. International Transfers

Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place to protect your information in accordance with UK GDPR requirements.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. The latest version will always apply.

If you want, I can also turn this into a website-ready version (HTML) or add a cookie policy and terms and conditions to match it.