Opal Privacy Policy

1. Introduction
Opal Access Limited is committed to protecting and respecting your privacy.
This policy explains how we collect, use and protect your personal data when you use our website or contact us regarding our services.
We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Who We Are
Opal Access Limited
Registered in the United Kingdom
(Insert registered office address)
(Insert company number)
Email: (Insert contact email)
Phone: (Insert phone number)
For the purposes of data protection law, Opal Access Limited is the data controller.
3. What Data We Collect
We may collect and process the following types of personal data:
Information you provide directly:

• Name

• Email address

• Telephone number

• Company name

• Enquiry details submitted via forms or email

Automatically collected data:

• IP address

• Browser type and version

• Pages visited and time spent on site

• Device and usage data

4. How We Use Your Data
We use your data to:

• Respond to enquiries and provide quotations

• Deliver and manage our services

• Communicate with you about projects or requests

• Improve our website and user experience

• Meet legal and regulatory obligations

We do not sell or rent your personal data to third parties.
5. Lawful Basis for Processing
We process your personal data under the following lawful bases:

• Legitimate interests – responding to enquiries and running our business

• Contract – where processing is necessary to deliver services

• Legal obligation – where required by law

• Consent – where applicable (e.g. cookies or marketing)

6. Data Sharing
We may share your data with:

• Professional advisors (accountants, legal advisors)

• Service providers (e.g. website hosting, analytics providers)

• Regulatory authorities where required

All third parties are required to respect the security of your data and process it lawfully.
7. Data Retention
We only retain personal data for as long as necessary:

• Enquiry data: typically up to 12 months

• Client/project data: retained in line with contractual and legal requirements

• Financial records: retained for statutory periods (usually 6 years)

8. Your Rights
Under UK GDPR, you have the right to:

• Access your personal data

• Request correction of inaccurate data

• Request deletion of your data (where applicable)

• Restrict or object to processing

• Request data portability

• Withdraw consent where processing is based on consent

To exercise your rights, contact us using the details above.
9. Cookies
Our website uses cookies to improve functionality and analyse website traffic.
These may include:

• Essential cookies (required for site operation)

• Analytics cookies (e.g. Google Analytics)

You can control or disable cookies through your browser settings. Where required, consent will be obtained via a cookie banner.
10. Data Security
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss or misuse.
11. Third-Party Links
Our website may contain links to external websites. We are not responsible for the privacy practices of those sites.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page.
13. Contact
If you have any questions about this policy or how your data is handled, please contact:
Email: (Insert email)
Phone: (Insert number)