Privacy Notice

Changelog

Date Notes
1st January 2026 Latest release

Introduction
Everything Data respects your privacy. The privacy notice is an information document to provide you with details about the privacy practices of Everything Data with regards to it’s website and services.

The notice will apply if you are a customer, supplier, job applicant, contractor (including ex employees and contractors).

The document informs you about the data collected, the purposes for which it will be used, where and how it will be processed, opt out mechanisms and your rights as data subjects.

Data Controller
The data controller for personal data collected, processed and stored by Everything Data is Everything Data Limited with it’s registered address at

Office 15281, 182-184 High Street North, East Ham, London, .E6 2JA

All questions or requests regarding the processing of data may be addressed to:
enquiries@everythingddatasolutions.com

Personal data collection
We collect the following types of personal data:

• Name – This is your full name. We may store this data type for more than one person within your organisation where, for example, the accounting contact is different to the main point of contact for the engagement.

• Street Address – This is the physical address where your offices are located or where the registered office is (for example, your accountant).

• Email Address – This is the emial address which we will use for communication with you. Where we hold multiple contacts for different reasons, then we will use the most apporpriate email address.

• Telephone number – This is the telephone number which we will use for communication with you. We may hold more than 1 phone number for example main office and mobile.

• Relationship – This is types of services that may interest you, contact preferences, and marketing choices.

• Transaction - Information about your engagements with Everything Data. Purchases, enquiries, customer account information, billing information, transaction and correspondence history.

All data is either collected directly from you as the data subject or generated by Everything Data.

No information is collected from third parties.

Purposes
Your data is used to provide our services, process orders and to conduct business transactions such as billing.

Customer engagement
Your data is used to provide services, process orders and business related activities including accounting.

Legal basis: Article 6(1)(b) – Performance of contract

Customer experience
We may use your data to improve your interactions with Everything Data. We continually assess how we can make the entire lifecycle better, from your initial outreach to any post engagement support.

Project updates
Throughout your engagement with Everything Data, we will use your information to keep you updated on every aspect of the project including time spent, costs incurred, additional works and any forseeable complications.

Legal basis: Article 6(1)(b) – Performance of contract

Keeping you informed
We may send you periodic newsletters, more information about our service offerings and any new options that may be of interest to you. This is based on your previous interactions with us.

Legal basis: Consent

Job applications
If you apply to work at Everything Data, your information will be used to process your application.

Legal basis: Consent

Cookies
Everything Data’s website only uses cookies classified as “strictly necessary” in order for the site to function correctly.

Our emails do not contain any cookies or other tracking technologies.

You can control all of your cookie behaviour via your browser settings.

Everything Data strongly recommends that you do this and enable any “do not track” options as well as tracking technology rejection.

Sharing of information
Everything Data do not, and will never, sell or trade your personal information to outside parties.

Trusted third parties
Depending on the exact nature of your engagement with us, we may transfer your personal data to selected, trusted third parties in order to provide the service offerings for which you have requested and for the purposes listed above.

Where the project is such that a third party is involved, Everything Data requires them to comply with the terms of our Data Processing Addendum (DPA) with them, which include confidentiality obligations. This contractual agreement prohibts them from selling, using, marketing or trading Everything Data customer information.

In such circumstances as a third party component, you will be advised, in advance, of the statement of works with said third party and the extent to which they access or process your data.

Legal requirements
Disclosure of your information may be required if we believe is it appropriate in order to comply with law or to protect our property, safety or rights.

Where we receive requests for data from law enforcement, we will notify our customer(s) unless prohibited from doing so.

Data retention
We keep your data only for the minimum time needed to

All financial related data including transactions, payments, credits will be retained for a minimum of seven (7) years to comply with Her Majesty Revenue and Customs (HMRC) regulations.

All other data will be stored by us for a period of five (5) years after the exprity of your last active contract. This is to allow Everything Data to revert back to historic data should you re-engage with us during that time, avoid any unnecessary duplication and have any required information available for audit cycles.

Consent withdrawl
By default, you do not consent to any of the purposes listed above unless, or until, you explictly advise us otherwise.

Where Everything Data processes your personal data on the legal basis of consent, you can withdraw, opt out or re-authorise that consent at any time.

In order to do so, simply send an email to dpo@everythingdatasolutions.com specifying the email address and your wishes and this will be exercised within seven (7) days.

Your rights as data subjects
The responsibility lays with you for the provision of true, accurate, current and complete information to Everything Data. Additionally, you are responsible for the maintaing and updating of that information to keep it so (by communicating any changes to Everything Data).

As data subjects, you have rights enshrined in law. These are:

Informed – Be told what data is being collected, how it’s being used, for how long and any sharing.

Access – Request a copy of the information that we hold pertaiing to you

Rectification – Have any inaccurate or incomplete data corrected

Objecttion – Challenge certain types of processing (for example, direct marketing)

Profiling – Object to activities involving automated decisions or based on personal data

Identification will be required to verify the authenticity of any such requests.

To the extent of applicable law, you may also have the rights to:

Erasure - You can ask us to erase any personal data stored

Portability – Request transfer of your personal data

Restrict - Request that we limit use of personal data

In all cases, you also have the right to lodge a complaint with a supervisory authority.

To exercise these, or any data subject rights, please send us an email.

Data that is inaccurate, not current, untrue or incomplete, or if we have reaosnable grounds of suspicion of the same, we reserve the right to suspend, refuse or terminate any and all current and future service provisions.

Safeguards
Technical, organisational, physical and human measures have been implemented to prevent unauthorised access to, and the prevention and recovery from the loss of Confidentiality, Integrity and Availability (CIA), of personal data. Such measures include:

• The establishment of a Data Protection Policy governing processing and handling of personal data
• Deployment of data minimisation, data segregation working practices
• Training (at least) annually regarding CIA and privacy matters
• Access controlled data facilities, storage and restricted movement of physical media
• Restricted access to systems holding or processing personal data

Applicable and relevant laws
Everything Data is committed to protecting the personal data of it’s clients.

Everything Data will fully respect the rights, freedoms and actions established and provisioned for in applicable regional laws and regulations.

Changes
Material changes to this privacy notice are published on the website, complete with the new date and what has changed.

Group Data Protection Officer

Everything Data Limited
Unit 15281

182-184 High Street North
East Ham

London

E6 2JA
dpo@everythingdatasolutions.com