Call Us
Menu

Privacy Policy

Privacy Policy for Ashington Hill
Effective Date: 01/07/2025
Last Updated: 22/07/2025

1. Introduction

At Ashington Hill, we are committed to protecting the privacy and confidentiality of all personal and corporate data entrusted to us. As a RICS-regulated construction consultancy specialising in design, cost, and project management, we adhere to the highest standards of data protection under the General Data Protection Regulation (GDPR), the Data Protection Act 2018, and other applicable privacy laws. This Privacy Policy outlines how we collect, use, store, and protect your data, ensuring transparency and trust in our professional relationship.

2. Definitions

For clarity, the following terms are defined as:

  • Personal Data: Any information relating to an identified or identifiable individual (e.g., names, contact details, project roles).
  • Corporate Data: Information related to organisations, such as company names, project details, or contractual terms.
  • Data Subject: An individual whose personal data is processed by us.
  • Controller: Ashington Hill, the entity responsible for determining the purposes and means of processing personal data.
  • Processor: Third parties (e.g., subcontractors, IT providers) who process data on our behalf.

3. Data We Collect

We collect and process the following types of data:

  • Personal Data:
    • Contact information (e.g., names, email addresses, phone numbers).
    • Professional details (e.g., job titles, roles in projects, qualifications).
    • Project-related data (e.g., site visits, client communications, performance metrics).
  • Corporate Data:
    • Company names, addresses, and registration details.
    • Project specifications, contracts, and financial records.
    • Supplier and subcontractor information.
  • Sources of Data:
    • Directly from you (e.g., project proposals, contracts, client meetings).
    • Indirectly from third parties (e.g., public registers, industry partners).

4. Purposes of Processing

We process your data to:

  • Deliver construction consultancy services (e.g., design reviews, cost analysis, project scheduling etc.).
  • Manage contracts, payments, and compliance with RICS and legal standards.
  • Communicate with clients, partners, and stakeholders.
  • Ensure health and safety, quality assurance, and risk management.
  • Fulfil legal obligations (e.g., tax reporting, audit trails).

5. Legal Basis for Processing

Our processing activities are lawful under one or more of the following GDPR bases:

  1. Contractual Necessity: To perform services outlined in our agreements.
  2. Legal Compliance: To meet obligations under RICS regulations or other laws.
  3. Legitimate Interests: For business operations (e.g., fraud prevention, quality improvement).
  4. Consent: Where explicitly provided (e.g., for marketing communications).

6. Data Sharing and Transfers

We may share data with:

  • Third-Party Processors: IT providers, cloud storage services, or subcontractors.
  • Professional Advisors: Legal, accounting, or insurance partners.
  • Regulatory Bodies: RICS or government authorities as required by law.
  • International Transfers: Data may be transferred outside the UK/EU only if the recipient ensures an adequate level of protection (e.g., via GDPR-compliant contracts or EU adequacy decisions).

7. Data Subject Rights

You have the right to:

  • Access: Request a copy of your personal data.
  • Rectify: Correct inaccurate or incomplete information.
  • Erase: Request deletion (subject to legal obligations).
  • Restrict Processing: Limit how your data is used.
  • Object: Challenge processing for legitimate interests or direct marketing.
  • Data Portability: Obtain and reuse your data in a structured format.
  • Withdraw Consent: At any time (if processing is based on consent).

To exercise these rights, contact our Data Protection Officer at [email protected].

8. Data Retention

We retain data only for as long as necessary to achieve the purposes outlined in this policy, or to comply with legal, accounting, or reporting requirements (typically 10 years for construction projects).

9. Data Security

We implement technical and organisational measures to protect data, including:

  • Encryption for sensitive data in transit and at rest.
  • Access controls and role-based permissions.
  • Regular staff training on data protection.
  • Audits and incident response plans for breaches.

10. Data Breach Notification

In the event of a breach likely to risk your rights, we will notify you and the Information Commissioner’s Office (ICO) within 72 hours, as required by GDPR.

14. Cookie Policy

Ashington Hill uses cookies and similar technologies on our website to enhance your browsing experience, analyse site traffic, and provide relevant content. This section explains what cookies are, which ones we use, and your options for managing them.

14.1 What Are Cookies?

Cookies are small text files placed on your device when you visit a website. They store information about your visit, such as preferences or login status, and help the website function effectively.

14.2 Types of Cookies We Use

We use the following categories of cookies:

  • Strictly Necessary Cookies
    These are essential for the website to operate properly (e.g., session management, form security). They do not require your consent.
  • Performance & Analytics Cookies
    These help us understand how visitors interact with the website (e.g., pages visited, time spent) using tools like Google Analytics. We use this information to improve our site and services.
  • Functionality Cookies
    These allow the website to remember your preferences (e.g., region or language).
  • Marketing Cookies (if applicable)
    These may be set by advertising partners to deliver personalised ads. We only use these with your explicit consent.

14.3 Managing Cookies

When you first visit our website, you will see a cookie banner allowing you to:

  • Accept all cookies
  • Reject non-essential cookies
  • Customise your cookie preferences

You can also control cookies through your browser settings at any time. Please note that disabling some cookies may affect website functionality.

14.4 Third-Party Cookies

We may use third-party services (e.g., Google Analytics, embedded YouTube videos) that set cookies on your device. These providers have their own privacy and cookie policies.

14.5 Retention and Expiry

Cookies are either:

  • Session cookies – deleted automatically when you close your browser.
  • Persistent cookies – remain until they expire or you delete them.

Cookie lifespans vary by type and purpose (typically 1 day to 2 years).

14.6 Contact and Further Information

If you have questions about our cookie usage, please contact our Data Protection Officer at:

Email: [email protected]
Phone: 07881284901

For more on cookies and your rights, visit https://ico.org.uk/your-data-matters/online/cookies.

11. Changes to This Policy

We may update this policy to reflect legal changes or business needs. The revised version will be posted on our website and communicated to stakeholders.

12. Contact Information

For questions or concerns, contact:
Data Protection Contact
Laura Rogers
[email protected]
07881284901

13. Signature and Acceptance

By engaging with Ashington Hill, you acknowledge that you have read and agreed to this Privacy Policy.

Version Control:

  • Version 1.0 – 01/07/2025
  • Version 1.1 – 22/07/2025
Facebook-f Instagram