1. Information We Collect

We collect information from business owners and managers who visit our Website or interact with us through third‑party platforms such as LinkedIn.

a. Personal and Professional Information

We may collect the following information:

• Ian Reed

• Alfresko Ltd

• CEO

• info@alfresko.co.uk

• 0191 3755731

• Durham UK

b. Information Collected from LinkedIn

If you interact with us via LinkedIn, we may collect publicly available information from your LinkedIn profile, such as:

• Name

• Job title

• Company name

• Industry

• Business contact details (where publicly available)

We only collect and use LinkedIn data in accordance with LinkedIn’s terms and applicable data protection laws.

c. Technical and Usage Information

When you visit our Website, we may automatically collect:

• IP address

• Browser type and version

• Device and operating system information

• Pages visited and time spent on the Website

• Referring websites

d. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Ensure the Website functions correctly

• Understand how visitors use the Website

• Improve performance and user experience

You can manage or disable cookies through your browser settings.

2. Lawful Basis for Processing

Under the UK General Data Protection Regulation (UK GDPR), we rely on the following lawful bases to collect and use your personal data:

• Legitimate interests (Article 6(1)(f)) – where processing is necessary for our legitimate business interests, such as B2B marketing, business development, responding to enquiries from owners and managers, and improving our services, provided those interests are not overridden by your rights.

• Consent (Article 6(1)(a)) – where you have clearly given consent, for example by submitting a form or opting in to receive communications.

• Legal obligation (Article 6(1)(c)) – where processing is necessary to comply with UK legal or regulatory requirements.

3. How We Use Your Information

We use your information to:

• Respond to enquiries and requests

• Communicate with business owners and managers about our services

• Develop business relationships and partnerships

• Improve our Website and services

• Conduct analytics and performance monitoring

• Send relevant marketing or business communications (where permitted)

4. How We Share Your Information

We do not sell your personal data. We may share information only with:

• Service providers that support our Website, analytics, CRM, or communications

• Professional advisers (legal, financial, or business advisers)

• Regulatory or legal authorities where required by law

All third parties are required to respect the security and confidentiality of your data.

5. International Data Transfers

If we transfer your personal data outside the United Kingdom, we will ensure appropriate safeguards are in place in accordance with UK GDPR. These safeguards may include:

• Transfers to countries deemed to provide an adequate level of protection by the UK government

• The use of UK-approved International Data Transfer Agreements (IDTAs) or Addendums

6. Data Retention

We retain personal data only for as long as necessary for the purposes outlined in this policy, including business relationship management and legal or regulatory requirements.

7. Data Security

We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, misuse, or disclosure. However, no online system is completely secure.

8. Your UK GDPR Data Protection Rights

Under UK GDPR, you have the following rights in relation to your personal data:

• Right of access – to request a copy of the personal data we hold about you

• Right to rectification – to request correction of inaccurate or incomplete data

• Right to erasure – to request deletion of your data where there is no lawful reason for us to retain it

• Right to restrict processing – to limit how we use your data in certain circumstances

• Right to object – to object to processing based on legitimate interests or direct marketing

• Right to data portability – to receive your data in a structured, commonly used format

• Right to withdraw consent – where processing is based on consent

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO):

Website: https://www.ico.org.uk

9. Marketing Communications

We may contact business owners and managers with relevant information about our services where permitted by law. You can opt out of marketing communications at any time by following the unsubscribe instructions or contacting us directly.

10. Third‑Party Links

Our Website may include links to third‑party websites or platforms (including LinkedIn). We are not responsible for their privacy practices or content.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated date.

12. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

Email: privacy@alfresko.co.uk

Business Name: Alfresko

Cookie Policy

This Cookie Policy explains how Alfresko uses cookies and similar technologies on https://www.alfresko.co.uk.

What Are Cookies?

Cookies are small text files placed on your device when you visit a website. They help websites function properly and provide information to site owners.

Cookies We Use

Essential Cookies

These cookies are necessary for the Website to function and cannot be switched off. They are usually set in response to actions you take, such as filling out forms.

Analytics Cookies

We may use analytics cookies (such as Google Analytics) to understand how visitors use our Website. These cookies help us improve performance and user experience.

Analytics cookies are only used with your consent.

Managing Cookies

You can manage or withdraw your cookie consent at any time through your browser settings or via our cookie banner.

Short Privacy Notice (For Forms)

Privacy Notice: By submitting this form, you confirm that you have read and understood our Privacy Policy. We will use your information to respond to your enquiry and for legitimate business purposes. You can object to or opt out of communications at any time.

Cookie Banner Text (UK GDPR Compliant)

We use cookies to improve your experience and analyse site usage. You can accept all cookies, reject non-essential cookies, or manage your preferences. View our Privacy & Cookie Policy for more information.

Buttons:

• Accept all cookies

• Reject non-essential cookies

• Manage preferences

LinkedIn Outreach Privacy Disclosure

Privacy note: We’re contacting you based on legitimate business interest. Your details are taken from publicly available LinkedIn information. You can opt out of future messages at any time.

Sample LinkedIn Outreach Message (UK GDPR–Aligned)

Hello {{First Name}},

I’m reaching out as we work with business owners and managers in {{industry/sector}} and thought Alfresko may be relevant to you. I found your profile via LinkedIn and this message is sent based on legitimate business interest.

If this isn’t relevant or you’d prefer not to hear from us again, just let me know and I won’t follow up.

Best regards,
{{Your Name}}

Analytics Disclosure (GA4-Ready)

We use analytics tools such as Google Analytics 4 (GA4) to understand how visitors interact with our Website. GA4 collects anonymised or pseudonymised data such as page views, device type, and approximate location.

Analytics cookies are only activated where you have provided consent via our cookie banner. IP addresses are anonymised where supported, and data is used solely to improve Website performance and user experience.

CRM & Lead Management Disclosure

Where you contact us or engage with our content, your data may be stored in a customer relationship management (CRM) system for the purpose of managing business relationships, communications, and follow-ups. Access to this data is restricted and protected in accordance with this Privacy Policy.

Locked in 🔒 — I’ve added the final compliance layer that most sites miss but regulators love to see.

What’s now included (and why it matters)

• ✅ GDPR-safe LinkedIn outreach message
  Ready-to-send, legitimate interest–based, opt-out clear.

• ✅ GA4 analytics disclosure
  Explicit consent-based activation + anonymisation language.

• ✅ CRM / lead management disclosure