info@theepitome.co.uk     |     +44 (0) 207 665 0783
info@theepitome.co.uk     |     +44 (0) 207 665 0783
Get in touch

Privacy Policy

Privacy Policy for www.theepitome.co.uk

Last Updated – 1st June, 2025

Effective Date – 1st June, 2025

 

At www.theepitome.co.uk (“we,” “us,” or “our”), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our website in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data (Use and Access) Act 2025. By accessing or using www.theepitome.co.uk, you agree to the practices described in this Privacy Policy.

This Privacy Policy applies to all personal information we process about you, regardless of how we collect it. We are the data controller responsible for your personal information.

 

Information We Collect

We collect various types of information, including:

  • Personal Information We may collect personal information, such as your name, email address, and other contact details when you sign up for our services or submit forms on our website. We collect this information only when you voluntarily provide it to us. 

 

  • Usage Information We collect information about your use of our website, such as the pages you visit, your browsing history, and your interactions with our content. This helps us understand how visitors use our website and improve your experience. 

 

  • Cookies and Tracking Technologies We use cookies and similar technologies to collect information about your browsing behaviour, such as your IP address, browser type, and operating system. For more detailed information about the cookies we use, please see our Cookie Policy [link to Cookie Policy]. You can manage your cookie preferences through our cookie consent banner or by adjusting your browser settings.

 

  • Special Categories of Data We do not intentionally collect any special categories of personal data (such as information about your health, racial or ethnic origin, political opinions, religious beliefs, or sexual orientation) unless required for a specific purpose with your explicit consent. 

 

  • Children’s Data Our website and services are not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected personal information from a child under 13, please contact us immediately at info@theepitome.co.uk so we can take appropriate steps to remove this information.

 

How We Use Your Information

We use the information we collect for the following purposes, based on the corresponding legal bases:

2.1 To Provide Services: We use your personal information to provide and manage the services you request, such as responding to your inquiries and processing registrations. The legal basis for this processing is the performance of a contract with you or taking steps at your request prior to entering into a contract.

 

2.2 Analytics and Improvements: We use data about your use of our website to analyse and enhance our services, content, and user experience. The legal basis for this processing is our legitimate interest in maintaining and improving our website and services.

 

2.3 Marketing and Communications: We may use your contact information to send you updates, newsletters, and promotional materials. The legal basis for this processing is either your consent or our legitimate interest in promoting our services. You can opt-out of marketing communications at any time.

 

2.4 Legal Obligations: We may use your information to comply with legal obligations and protect our rights and interests. The legal basis for this processing is compliance with a legal obligation to which we are subject.

 

2.5 Recognised Legitimate Interests: In accordance with the Data (Use and Access) Act 2025, we may process your data for certain recognised legitimate interests, such as fraud prevention, network security, and direct marketing (where applicable), without conducting a legitimate interest assessment.

 

Data Sharing and Disclosure

We may share your information with third parties in the following situations:

3.1 Service Providers and Data Processors: We may share your data with third-party service providers who assist us in delivering our services, maintaining our website, and performing other business functions. These providers act as our data processors and are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.

 

3.2 Legal Compliance: We may disclose your information to comply with legal obligations or to respond to lawful requests from governmental authorities, including to meet national security or law enforcement requirements.

 

3.3 Business Transfers: In the event of a merger, acquisition, or sale of all or part of our assets, your information may be transferred to the acquiring entity. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your personal information.

 

3.4 With Your Consent: We may share your personal information with third parties when we have your consent to do so.

 

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

 

Your Rights

Under the UK GDPR and the Data (Use and Access) Act 2025, you have several rights regarding your personal information:

4.1 Right to Access You have the right to request copies of your personal information. We may charge a reasonable fee when a request is manifestly unfounded, excessive, or repetitive.

4.2 Right to Rectification You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

4.3 Right to Erasure You have the right to request that we erase your personal data, under certain conditions.

4.4 Right to Restrict Processing You have the right to request that we restrict the processing of your personal information, under certain conditions.

4.5 Right to Object to Processing You have the right to object to our processing of your personal information, under certain conditions, particularly if the processing is based on legitimate interests or for direct marketing.

4.6 Right to Data Portability You have the right to request that we transfer the data we have collected to another organisation, or directly to you, under certain conditions.

4.7 Rights Related to Automated Decision Making You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless this is necessary for a contract with you, authorized by law, or based on your explicit consent.

To exercise any of these rights, please contact us at dpo@theepitome.co.uk. We will respond to all legitimate requests within one month.

 

Data Retention We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances, we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

Details of retention periods for different aspects of your personal data are available upon request.

 

 

Security

We take appropriate technical and organisational measures to protect your information from unauthorized access, disclosure, alteration, or destruction.

These measures include:

  • Encryption of personal data where appropriate 
  • Regular security assessments 
  • Access controls and authentication procedures 
  • Staff training on data protection

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner’s Office (ICO) within 72 hours of becoming aware of the breach. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you without undue delay.

 

International Data Transfers: We may transfer your personal data to countries outside the UK. When we do so, we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards.

We may transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the UK government. Alternatively, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK.

 

Changes to this Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the “Last Updated” date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. Your continued use of www.theepitome.co.uk after we post any modifications to the Privacy Policy will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

 

Contact Us

If you have any questions or concerns about our Privacy Policy or the handling of your personal information, please contact us at: Email: info@theepitome.co.uk Address: Maple Works, 73 Maple road, Surbiton. KT6 4AG Phone: 0207 665 0783. 

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Effective Date:1st June 2025

 

Cookie Policy: Our website uses cookies and similar technologies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.

What are cookies? Cookies are small text files that are placed on your computer or mobile device when you visit a website. Cookies are widely used by website owners to make their websites work, or to work more efficiently, as well as to provide reporting information.

Types of cookies we use –

Strictly Necessary Cookies: These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site. –

Analytical/Performance Cookies: These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. – **Functionality Cookies**: These are used to recognize you when you return to our website. –

Targeting Cookies: These cookies record your visit to our website, the pages you have visited, and the links you have followed.

Managing Cookies: You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

Under the Data (Use and Access) Act 2025, certain analytics cookies may not require consent. However, we still provide you with the option to control your cookie preferences through our cookie consent banner.

 

 

Data Protection Officer: We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the DPO using the details set out below: Email: dpo@theepitome.co.uk  Address: Maple Works, 73 Maple road, Surbiton. KT6 4AG Phone: 0207 665 0783.

 

Please read this Privacy Policy carefully and check back periodically for updates. Your continued use of www.theepitome.co.uk constitutes your acceptance of any changes made to this policy.