PRIVACY POLICY

This Privacy Policy explains how Access UK Ltd ("we", "us", or "our") processes personal data in connection with our B2B reporting platform (the "Platform").

Access UK Ltd (company registration 2343760) is the data controller for the purposes of this Privacy Policy. We are part of The Access Group, which comprises numerous legal entities that are wholly owned subsidiaries of The Access Technology Group Limited (company registration 05575609).

This Privacy Policy applies to business customers and their authorised users who access and use our Platform.

1. INTRODUCTION

2. CONTACT INFORMATION

3. PERSONAL DATA WE COLLECT

When you use our Platform, we collect limited personal data solely for the purpose of providing and improving our B2B reporting services:

Information We Collect Automatically:

• Usage Analytics Data: Information about how you interact with the Platform, including features used, reports generated, frequency of access, and performance metrics
• Technical Data: IP addresses, browser type and version, time zone settings, operating system and platform
• Cookie Data: Information collected through cookies and similar technologies (see Section 10)
• Cookie Preferences: Your cookie consent choices and preferences

Information You Provide:

• Account Data: Business email address, name and company information when creating or managing your account
• Support Data: Information provided when contacting our support team

4. HOW WE USE YOUR PERSONAL DATA

We process personal data for the following purposes and legal bases:

Purpose	Legal Basis
To provide and maintain the Platform	Performance of contract
To manage your account and authenticate users	Performance of contract
To analyse Platform usage and generate aggregated analytics	Legitimate interests (improving our services)
To provide customer support	Performance of contract / Legitimate interests
To send service-related communications	Performance of contract
To ensure Platform security and prevent fraud	Legitimate interests (security)
To comply with legal obligations	Legal obligation
To manage cookie preferences	Consent / Legitimate interests (remembering preferences)

5. DATA SHARING AND DISCLOSURE

We may share personal data with:

• Group Companies: Other entities within The Access Group for internal administration purposes
• Professional Advisers: Lawyers, auditors, and insurers where necessary
• Regulatory Authorities: Where required by law or to protect our rights
• Business Transfers: In connection with any merger, acquisition, or sale of assets

We do not sell personal data to third parties.

6. INTERNATIONAL TRANSFERS

Personal data is primarily stored and processed in the UK. Where any international transfers occur within The Access Group or to service providers, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the UK ICO
• Adequacy decisions where applicable
• Your explicit consent where required

7. DATA SECURITY

We implement appropriate technical and organisational measures to protect personal data, including:

• Encryption of data in transit and at rest
• Regular security assessments and penetration testing
• Access controls and authentication mechanisms
• Employee training on data protection
• Incident response procedures

8. DATA RETENTION

We retain personal data for as long as necessary to fulfil the purposes outlined in this Privacy Policy:

• Cookie Consent Preferences: 6 months from the date of consent

9. YOUR RIGHTS

Under UK GDPR, you have the following rights:

• Access: Request a copy of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your data (subject to legal obligations)
• Restriction: Request limited processing of your data
• Portability: Receive your data in a structured format
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Where processing is based on consent (including cookie consent)

To exercise these rights, contact: Access.DPO@theaccessgroup.com

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

10. COOKIES

Our Platform uses cookies to:

• Maintain your session and authentication
• Remember your preferences
• Enhance security
• Offer additional functionality and personalisation such as live chat support.

Types of cookies used:

• Essential Cookies: Required for Platform functionality (cannot be disabled)
• Functional Cookies: Enable enhanced functionality and personalisation of the Platform (optional)

Managing Cookie Preferences:

• You can manage your cookie preferences at any time through the Preferences -> Manage cookie preferences section of your user settings. The cookie preferences popup allows you to select which categories of cookies you accept or reject.
• Your cookie consent choices are stored for 6 months, after which you will be asked to confirm your preferences again
• You can also manage cookies through your browser settings, though disabling certain cookies may impact Platform functionality

For more information about the cookies we use, please refer to our Cookie Policy.

11. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy periodically. We will notify you of material changes via email or Platform notification.

The "Last Updated" date at the top of this Privacy Policy indicates when it was last updated.

12. ADDITIONAL INFORMATION FOR EEA USERS

For users in the European Economic Area, our EU Representative under Article 27 GDPR is Access Workspace Ireland, contactable at Core.DPO@theaccessgroup.com.