privacy policy

ESG Solutions (IoW) Ltd – Privacy Policy

Last updated: 5 January 2026

 

ESG Solutions (IoW) Ltd (“we”, “us”, “our”) is committed to protecting your privacy and handling your personal data in a safe, transparent, and lawful manner. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website or contact us.

1. Who We Are

ESG Solutions (IoW) Ltd
Registered Address: Arnold House, 2 New Road, Brading, Sandown, Isle of Wight, PO36 0DT
Email: sandra.overbury@esgsolutionsiow.co.uk

We are the Data Controller for the personal data we collect through our website and direct communications.

2. What Personal Data We Collect

We may collect the following information:

2.1 Information you provide

  • Name
  • Email address
  • Telephone number
  • Company or organisation
  • Any message or content you include when contacting us

2.2 Technical data (if analytics or security tools are active)

  • IP address
  • Browser type, device information, operating system
  • Pages visited and time spent on the website
  • Referring website URLs
  • Cookie preferences

We do not intentionally collect special category data unless explicitly provided by you.

3. Legal Basis for Processing

We process your personal data under the following lawful bases of the UK GDPR:

  • Consent – when you voluntarily submit your details through a contact form or accept non‑essential cookies.
  • Contractual necessity – when processing is required to respond to your enquiry or provide requested services.
  • Legitimate interests – to improve our website, ensure security, and operate efficiently as a business.

4. How We Use Your Data

We may use your information to:

  • Respond to and manage your enquiry
  • Provide services you request
  • Maintain internal administrative records
  • Improve our website and user experience
  • Ensure the security and integrity of our systems
  • Comply with legal or regulatory obligations

We do not use your personal data for automated decision‑making or profiling.

5. Sharing Your Data

We do not sell or share your data for marketing purposes.

We may share your data with trusted third parties only when necessary, such as:

  • Website hosting providers
  • Email service providers
  • IT security or system support partners

All third parties operate under legally binding confidentiality and data‑protection obligations.

We may also share information with regulatory or legal authorities if required by law.

6. International Data Transfers

If any service provider is located outside the UK or EEA, we ensure appropriate safeguards are in place, such as:

  • UK International Data Transfer Agreements (IDTAs)
  • EU/UK Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable

7. Data Retention

We keep personal data only for as long as necessary for the purposes it was collected.

  • Enquiry records: up to 12 months unless continued correspondence or service delivery requires longer.
  • Client records: up to 6 years for legal, financial, or contractual reasons.

We review retention periods regularly and securely delete or anonymise data when no longer required.

8. Your Rights

Under the UK GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate information
  • Request erasure (“right to be forgotten”)
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent at any time (this does not affect prior lawful processing)
  • Lodge a complaint with the Information Commissioner’s Office (ICO)
    • Website: https://www.ico.org.uk
    • Phone: 0303 123 1113

To exercise any of your rights, contact:
sandra.overbury@esgsolutionsiow.co.uk

9. Cookies and Analytics

Our website may use cookies for:

  • Essential website functionality
  • Analytics (if enabled)
  • Performance and security

Non‑essential cookies (e.g., analytics) are only activated with your consent via the cookie banner. You can change or withdraw your cookie preferences at any time.

10. Data Security

We take the protection of your data seriously and use appropriate technical and organisational measures, including:

  • Encrypted data transmission (SSL/HTTPS)
  • Access controls and authentication
  • Secure data‑storage systems
  • Staff confidentiality controls

However, no method of online transmission is 100% secure, and we cannot guarantee absolute security.

11. Children

Our website is not intended for children under 13, and we do not knowingly collect information from minors.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Any changes will be posted on this page with an updated “Last updated” date.

13. Contact Us

For any questions or concerns regarding your privacy or this Policy, please contact:
sandra.overbury@esgsolutionsiow.co.uk

“It's your information, so you have control over it”

designer (30)

QUESTIONS?

If you’d like to find our more or are interested in working with us.

Contact Us