Legal

Privacy Policy

How we collect, use and protect your personal data — in accordance with UK GDPR and the Data Protection Act 2018.

Last updated: March 2025
Section 1

Aim

E2E Integration Ltd aims to ensure that all Personal and Special Category Data that is provided to us is stored and processed in accordance with the Data Protection Act 2018 and UK GDPR.

This applies to all data, regardless of whether it is in paper or electronic format.

Section 2

Legislation & Guidance

This Data Privacy Notice meets the requirements of the Data Protection Act 2018 and UK GDPR, and is based on guidance published by the Information Commissioner's Office.

Section 3

Roles & Responsibilities

The Directors have overall responsibility for ensuring that E2E Integration Ltd complies with its obligations. Day-to-day responsibilities rest with our Data Protection Officer, who ensures that all staff are aware of their data protection obligations and oversees any queries related to the storing or processing of personal data.

Section 4

Definitions

TermDefinition
Personal data Data from which a person can be identified, including data that, when combined with other readily available information, leads to a person being identified.
Special Category Data Data such as: racial or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; sex life; sexual orientation; genetic data; biometric data; physical and mental health; whether a person has committed, or is alleged to have committed, an offence. This does not include personal data about criminal allegations, proceedings or convictions, as separate rules apply.
Processing Obtaining, recording or holding data.
Data subject The person whose personal data is held or processed.
Data Controller A person or organisation that determines the purposes for which, and the manner in which, personal data is processed.
Data Processor A person, other than an employee of the Data Controller, who processes the data on behalf of the Data Controller.
Section 5

Data Protection Principles

All personal data we hold is processed in accordance with the following principles:

  • Processed lawfully, fairly and in a transparent manner.
  • Collected for specified, explicit and legitimate purposes ('purpose limitation').
  • Adequate, relevant and limited to what is necessary.
  • Accurate and, where necessary, kept up to date.
  • Kept in a form which permits identification of data subjects for no longer than is necessary.
  • Processed in a manner that ensures appropriate security of the personal data.
Section 6

Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

  • Right of access — you have the right to ask us for copies of your personal information.
  • Right to rectification — you have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Right to erasure — you have the right to ask us to erase your personal information in certain circumstances.
  • Right to restriction of processing — you have the right to ask us to restrict the processing of your personal information in certain circumstances.
  • Right to object to processing — you have the right to object to the processing of your personal information in certain circumstances.
  • Right to data portability — you have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. Please contact us at dpo@e2e-integration.co.uk if you wish to make a request.

Section 7

Privacy & Fair Processing

We hold Personal Data about our clients and our third-party strategic partners so that we can deliver our products and services. We may, from time to time, access our clients' systems as part of our services. Our access for fixing IT issues does not involve the processing of data. We, and occasionally our third-party strategic partners, may be able to see the data that our clients hold. Our DPO and Data Redaction service will include the processing of our clients' data and may use fully compliant third-party software. The Data Controller/Data Processor information and agreement is provided within the contract between ourselves and our clients.

From our clients we collect:

  • Contact details
  • Address
  • Billing information

From general enquiries we collect:

  • Contact information

We will only retain the data we collect for as long as is necessary to satisfy the purpose for which it has been collected. We may share contact information with our third-party strategic partners to support the provision of our services.

The lawful basis for the processing is contractual (clients) and legitimate interest (enquiries).

Section 8

Consultants & Third-Party Processors

E2E Integration Ltd may engage consultants or third-party service providers ("Processors") to carry out specific data processing activities on its behalf. Such parties shall:

  • Process personal data only on documented instructions from E2E Integration Ltd.
  • Be bound by written contractual terms ensuring confidentiality and compliance with UK GDPR and the Data Protection Act 2018.
  • Implement appropriate technical and organisational measures to safeguard the data against unauthorised or unlawful processing and against accidental loss, destruction, or damage.
  • Permit E2E Integration Ltd to conduct or request audits, inspections, or evidence of compliance where appropriate.
  • Immediately inform E2E Integration Ltd if any instruction appears to infringe applicable data protection legislation.

E2E Integration Ltd will ensure that only processors providing sufficient guarantees to meet the requirements of UK data protection law are appointed to process data on its behalf.

Section 9

Data Storage & Security

Paper-based records, digital records and portable electronic devices — such as laptops and hard drives — that contain personal information all comply with the Data Protection Act 2018 and are regularly assessed by our DPO. Destruction and archiving of Personal Data procedures are also aligned to the DPA.

Section 10

Cookies

Our website uses cookies to improve your experience and help us understand how visitors use the site. We use the following technologies:

  • Google Analytics (G-65KV52G3WS) — used to collect anonymised information about how visitors use our site, including pages visited and time spent. This data is used to improve the website experience. Analytics cookies are only set with your consent.
  • Microsoft Clarity — used to record anonymised session data including mouse movements, clicks and scrolling behaviour to help us identify usability issues. Clarity data is only collected with your consent.
  • Google reCAPTCHA — used on our contact forms to protect against spam and abuse. reCAPTCHA uses cookies and may collect data about your interaction with the form. This is necessary for the security of our services.

You can withdraw your consent to analytics and tracking cookies at any time by clicking "Essential Only" in the cookie banner, or by adjusting your browser settings. Essential cookies required for the security and operation of the site (such as reCAPTCHA) cannot be disabled.

Section 11

How to Make a Complaint

If you feel that we have mishandled your Personal and/or Special Category data at any time, you can make a complaint to our DPO by:

Alternatively, you can contact the Information Commissioner's Office by visiting ico.org.uk/make-a-complaint or by calling their helpline on 0303 123 1113. Please note that the ICO expects an individual to address any complaints with us before contacting them.