Privacy Policy

Last updated: 11th August 2024

1. Introduction

Crystal Route ("we," "our," or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website crystal-route.com or use our services.

This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

2.1 Personal Data

We may collect the following personal data:

  • Name and contact information (email address, phone number, postal address)
  • Business information (company name, job title)
  • Communication records (emails, phone calls, meeting notes)
  • Website usage data (IP address, browser type, pages visited)
  • Marketing preferences and consent records

2.2 Technical Data

We automatically collect certain technical information:

  • IP address and location data
  • Browser type and version
  • Operating system and device information
  • Pages visited and time spent on our website
  • Referring website addresses

3. How We Use Your Information

We use your personal data for the following purposes:

  • Providing and improving our web development and e-commerce services
  • Communicating with you about our services and responding to enquiries
  • Sending marketing communications (with your consent)
  • Analysing website usage to improve user experience
  • Complying with legal obligations and protecting our rights
  • Processing payments and maintaining business records

4. Legal Basis for Processing

We process your personal data based on:

  • Consent: For marketing communications and non-essential cookies
  • Contract: To provide our services and fulfil contractual obligations
  • Legitimate Interest: For business development, website analytics, and service improvement
  • Legal Obligation: To comply with applicable laws and regulations

5. Data Sharing and Disclosure

We may share your personal data with:

  • Service providers and contractors who assist in our business operations
  • Professional advisors (lawyers, accountants, consultants)
  • Government authorities when required by law
  • Third parties in connection with business transfers or acquisitions

We do not sell your personal data to third parties for marketing purposes.

6. International Transfers

Your personal data may be transferred to and processed in countries outside the UK. When this occurs, we ensure adequate protection through:

  • European Commission adequacy decisions
  • Standard contractual clauses
  • Other appropriate safeguards as approved by the UK ICO

7. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes outlined in this policy:

  • Client data: For the duration of our business relationship plus 7 years for tax purposes
  • Marketing data: Until you withdraw consent or we determine it's no longer relevant
  • Website analytics: Up to 26 months
  • Financial records: 7 years as required by UK law

8. Your Rights

Under UK GDPR, you have the following rights:

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request limitation of data processing
  • Right to Data Portability: Request transfer of your data
  • Right to Object: Object to processing based on legitimate interest
  • Right to Withdraw Consent: Withdraw consent for marketing communications

To exercise these rights, contact us at [email protected].

9. Cookies and Tracking

We use cookies and similar technologies to:

  • Ensure proper website functionality
  • Analyse website performance and user behaviour
  • Personalise content and advertisements
  • Remember your preferences and settings

For detailed information about our cookie usage, please see our Cookie Policy.

10. Security

We implement appropriate technical and organisational measures to protect your personal data:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and staff training
  • Secure data storage and backup procedures
  • Incident response and breach notification procedures

11. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

12. Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

14. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

Crystal Route
45 Britannia Street
Manchester M1 3FY
United Kingdom

Email: [email protected]
Phone: +44 161 524 7892

15. Complaints

If you believe we have not handled your personal data in accordance with this policy, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Phone: 0303 123 1113
Website: ico.org.uk

Return to Homepage Terms of Service Cookie Policy