Privacy Policy

Orion Data Analytics Ltd ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information when you visit our website oriondata.co.uk ("Website") or interact with us. Our Website is hosted on the Cloudflare platform, which provides essential security and performance services on our behalf.

Regulatory Compliance: We comply with the UK GDPR (post-Brexit) and are registered with the Information Commissioner's Office (ICO) under registration number C1591283.

For the purposes of UK and EU data protection laws, Orion Data Analytics Ltd is the "data controller" of your personal information. Cloudflare, MailerLite, and Google act as "data processors" and process your personal data on our behalf as described below.

We may collect the following types of personal information through our Website:

• Personal Identification Information: Such as your name, email address, phone number, and company name, which you may voluntarily provide when filling out forms or subscribing to our newsletter via MailerLite.
• Technical Data: Including your IP address, browser type, operating system, and browsing behaviour. Some of this is collected automatically via Cloudflare (for security). Analytics data (via Google Analytics) is only collected if you have accepted cookies via our cookie consent banner.
• Professional Information: Information related to your business interests shared during consultations.

Under the UK GDPR and, where applicable, the EU GDPR, we process your personal data on the following legal bases:

• Consent: Where you have given explicit consent for specific purposes (e.g., subscribing to our newsletter via MailerLite).
• Contractual Obligation: Where processing is necessary to fulfil a contract with you or to take steps at your request before entering into a contract.
• Legitimate Interests: Where processing is required for our legitimate interests (e.g., improving our Website, security via Cloudflare), provided these are not overridden by your data protection rights.
• Consent (analytics): We use Google Analytics only after you have accepted non-essential cookies via our cookie consent banner. We use Google Consent Mode to communicate your consent choice to Google.
• Legal Obligation: To comply with legal or regulatory requirements.

We use the information we collect for the following purposes:

• Providing Services: To respond to inquiries and provide requested data strategy services.
• Marketing Communications: To send newsletters and updates via MailerLite, provided you have given explicit consent.
• Analytics and Optimisation: To monitor Website performance and user experience using Google Analytics, only when you have accepted cookies via our cookie consent banner.
• Security: To protect our infrastructure from malicious activity using Cloudflare's security suite.

Our Website uses a cookie consent banner so you can choose whether to allow non-essential cookies. We only use Google Analytics after you have clicked "Accept all" on the banner. Cloudflare may set essential cookies for security regardless of your choice; MailerLite may set cookies in connection with newsletter sign-up and marketing where you have consented.

Please see our Cookie Policy for more details about the consent banner, the types of cookies we use, and how you can manage or withdraw your preferences.

We share your data with the following essential service providers:

• Cloudflare: For website hosting, security, and performance.
• MailerLite: To manage our newsletter subscriptions and email marketing.
• Google LLC: For website analytics (Google Analytics), only when you have accepted cookies via our consent banner.
• Legal Compliance: To comply with court orders or regulatory investigations.

Our Website infrastructure is powered by Cloudflare. They process technical data to ensure the security and stability of our platform. Cloudflare complies with global data protection standards and maintains rigorous security certifications.

If we transfer your personal data outside the UK or the EEA, we will ensure that appropriate safeguards are in place, such as standard contractual clauses approved by relevant authorities. Cloudflare, Google, and MailerLite may transfer data internationally as part of their services; they maintain compliance with recognised data protection frameworks.

We, along with our service providers (Cloudflare, MailerLite, Google), implement appropriate security measures to protect your personal data from unauthorised access, loss, or disclosure. However, no method of transmission over the internet is completely secure.

We retain your personal data only for as long as necessary for the purposes for which it was collected or as required by law. Our processors (Cloudflare, MailerLite, Google) may retain data in accordance with their own data retention policies, which we require to be consistent with our instructions and applicable law.

Under the UK GDPR and, where applicable, the EU GDPR, you have the following rights:

• Right to Access: Request access to your personal data.
• Right to Rectification: Request corrections to any inaccurate or incomplete data.
• Right to Erasure: Request deletion of your personal data under certain circumstances.
• Right to Restrict Processing: Request restriction of your data processing.
• Right to Data Portability: Request a copy of your data in a commonly used format.
• Right to Object: Object to data processing for direct marketing or where processing is based on legitimate interests.
• Right to Withdraw Consent: Withdraw your consent at any time, where processing is based on consent.

To exercise these rights, please contact us at enquiries@oriondata.co.uk. We will respond within one month or as required by applicable laws. You also have the right to lodge a complaint with the ICO (see Contact Us).

We do not use automated decision-making or profiling in our data processing activities.

We may update this Privacy Policy periodically. The latest version will be posted on this page with an "Effective Date." Please review this policy regularly to stay informed about how we handle your information.