top of page

Privacy Policy

1. Who we are

Featherstone Safety
Email: thomasfeatherstone@outlook.com
Phone: +44 7528 703903
Service area: Cotswolds | Oxfordshire | wider UK where agreed
ICO registration number: ICO:00013933398

For the purposes of UK data protection law, Featherstone Safety is the data controller for the personal information described in this Privacy Policy.

2. The personal information we collect

Depending on how you use our website or services, we may collect and use:

  • your name;

  • business name;

  • job title or role;

  • email address;

  • telephone number;

  • postal address, business address or site address;

  • details about your enquiry;

  • information you provide when requesting a quote;

  • information relevant to delivering our services;

  • billing and payment information;

  • correspondence between you and Featherstone Safety;

  • website usage data, where applicable;

  • information from forms, checklists, templates or documents you choose to send to us.

If you become a client, we may also process information needed to provide our services, such as workplace contact details, training records, accident or near-miss information, risk assessment information, site details, staff roles and responsibilities, and other information you choose to provide that is relevant to the agreed service.

3. Special category or sensitive information

In some cases, where relevant to the agreed service, we may process more sensitive information. This may include information relating to workplace accidents, injuries, health-related incidents, training or competence records, incident reports, or other safety-related records provided by you.

We will only process this type of information where it is necessary for the agreed service, where you have provided it to us, where it is needed for legal, insurance, risk management or record-keeping purposes, or where another lawful basis and special category condition applies.

We ask clients not to send unnecessary sensitive personal information unless it is relevant to the service being provided.

4. How we collect your information

We may collect personal data:

  • directly from you when you contact us;

  • when you complete a form on our website;

  • when you request a quote or book a service;

  • when you send us documents or information for review;

  • during the course of providing services to you;

  • through email, phone, video call or social media correspondence;

  • through cookies or analytics tools, where used on the website.

5. How we use your personal information

We may use your information to:

  • respond to enquiries;

  • provide quotations and proposals;

  • deliver our services;

  • prepare documents and records related to our services;

  • review documents, templates, risk assessments, action plans or safety arrangements;

  • manage client relationships;

  • provide follow-up support;

  • issue invoices and keep accounting records;

  • keep business and financial records;

  • improve our website, services and client experience;

  • manage insurance, legal or professional obligations;

  • comply with legal and regulatory obligations.

6. Our lawful bases for processing

We rely on one or more lawful bases when processing personal data. The ICO explains that at least one UK GDPR lawful basis is required whenever personal information is handled.

We generally rely on the following lawful bases:

Contract

Where processing is necessary to provide a quotation, take steps before entering into a contract, enter into a contract, or deliver agreed services to you.

Legitimate interests

Where processing is necessary for the legitimate interests of Featherstone Safety, such as responding to enquiries, managing client relationships, running our business, keeping appropriate records, improving our services, contacting relevant business contacts, and protecting our legal or commercial interests, provided those interests are not overridden by your rights and interests.

Legal obligation

Where we need to comply with legal or regulatory requirements, including tax, accounting, insurance, legal claims, data protection or other legal obligations.

Consent

Where consent is required, for example in relation to certain cookies or similar technologies, or where we ask your permission for a specific use of your information.

Where we rely on consent, you can withdraw that consent at any time.

7. Marketing communications

We may contact business contacts about our services where we believe there is a relevant and legitimate business interest, unless you have opted out.

If we send marketing or introductory emails, you can ask us to stop contacting you at any time by replying to the email or contacting us at:

thomasfeatherstone@outlook.com

We will not sell your personal data or share it with third parties for their own marketing purposes.

8. Cookies and website analytics

Our website may use cookies or similar technologies.

Some cookies may be essential for the website to function. Others, such as analytics or marketing cookies, may only be used with your consent where required.

Where non-essential cookies are used, our website should provide clear information and a way to accept or reject them. The ICO explains that consent for non-essential cookies must involve a clear positive action and should not rely simply on someone continuing to use the website.

If analytics, advertising pixels or non-essential cookies are used on this website, we will provide appropriate information through a cookie notice or cookie banner.

9. Who we share your information with

We do not sell your personal data.

We may share your personal information where necessary with trusted third parties such as:

  • website hosting or form providers;

  • email providers;

  • cloud storage providers;

  • payment processors;

  • accountants, bookkeepers or professional advisers;

  • insurers;

  • IT or software providers;

  • legal advisers;

  • regulators, authorities or law enforcement where required;

  • subcontractors or specialist consultants, but only where agreed or necessary for the service.

We only share information where it is necessary and appropriate for the operation of the business, delivery of services, or to comply with legal obligations.

10. International transfers

Some of the third-party services we use, such as website, email, cloud storage, analytics, payment or software providers, may process personal data outside the UK.

Where this happens, we take reasonable steps to ensure appropriate safeguards are in place, such as UK adequacy regulations, approved contractual protections, or other lawful transfer mechanisms.

11. How long we keep your information

We keep personal information only for as long as necessary for the purpose it was collected, including to:

  • respond to enquiries;

  • deliver services;

  • maintain business and financial records;

  • manage client relationships;

  • deal with legal, tax, insurance or regulatory requirements;

  • establish, exercise or defend legal claims.

As a general guide:

  • enquiry data may be kept for up to 12 months after your last contact;

  • client and project records may be kept for up to 6 years after the end of the service;

  • financial and invoice records may be kept for 6 years, or longer where required by law;

  • marketing contact information may be kept until you unsubscribe, object, or ask us to stop contacting you.

We may retain information for longer where necessary to establish, exercise or defend legal claims.

12. Data security

We take reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, disclosure, alteration or destruction.

These measures may include secure devices, password protection, controlled access, secure storage, appropriate software, and limiting access to information where possible.

However, no method of transmission over the internet or electronic storage is completely secure, so we cannot guarantee absolute security.

13. Personal data breaches

If we become aware of a personal data breach, we will assess the risk and take appropriate steps to contain and address it.

Where required by law, we will report relevant personal data breaches to the ICO and, where necessary, inform affected individuals. The ICO states that notifiable breaches should be reported without undue delay and, where feasible, within 72 hours of becoming aware of them.

14. Your data protection rights

Under UK data protection law, you may have the right to:

  • request access to your personal data;

  • ask for inaccurate data to be corrected;

  • ask for your data to be erased in certain circumstances;

  • ask us to restrict processing in certain circumstances;

  • object to processing based on legitimate interests;

  • request transfer of your data where applicable;

  • withdraw consent where we rely on consent.

To exercise any of these rights, please contact us at:

thomasfeatherstone@outlook.com

We may need to confirm your identity before responding to a request.

15. Complaints

If you are unhappy with how we handle your personal data, please contact us first so we can try to resolve the issue.

You also have the right to complain to the Information Commissioner’s Office.

Information Commissioner’s Office
Website: ico.org.uk
Phone: 0303 123 1113

16. Third-party links

Our website may contain links to third-party websites. We are not responsible for the privacy practices, content or security of those websites.

You should read their privacy policies separately.

17. Changes to this Privacy Policy

We may update this Privacy Policy from time to time.

Any changes will be posted on this page with an updated effective date or last updated date.

18. Contact us

For any questions about this Privacy Policy or how we handle personal data, please contact:

Thomas Featherstone
Featherstone Safety
Email: thomasfeatherstone@outlook.com
Phone: +44 7528 703903

bottom of page