Privacy Policy

Last Updated 15th November 2025

 

1. Introduction

This Privacy Policy explains how MACH ENERGY SERVICES LTD (“we,” “us,” or “our”) collects and processes personal data under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
We are committed to protecting your privacy and only collecting personal data where it is strictly necessary for work-related purposes.

2. Data Controller

For the purposes of UK GDPR, the data controller is:
MACH ENERGY SERVICES LTD
Email: info@machenergy.co.uk
Phone: +44 7777777777

3. Personal Data We Collect

We only collect personal information required to carry out our work-related functions. This may include:

Name

Contact information (email address, telephone number, business address)

Work-related documents you provide

Information necessary for communication, service delivery, or contractual obligations

We do not collect personal data for marketing, analytics, or any non-essential purposes.

4. Lawful Basis for Processing

We process personal data solely on the following lawful bases:

Contractual necessity – to perform work or deliver services

Legal obligation – to comply with UK law

Legitimate interests – limited to essential business operations
We do not process personal data based on consent for marketing or unrelated purposes.

5. How We Use Personal Data

Personal information is used only for work-related purposes, including:

Providing and managing our services

Communicating with clients, suppliers, or partners

Managing accounts, records, and internal operations

Meeting legal or regulatory obligations

We do not sell, share, or use personal data for advertising, profiling, or any non-work-related activity.

6. Data Sharing

We only share personal data when necessary to:

Complete work-related tasks

Fulfil contractual or legal obligations

Use trusted third-party service providers (e.g., secure email, document storage)

Any third-party processors must follow strict data protection rules under formal agreements.

7. International Transfers

If personal data is transferred outside the UK, it will only be done where adequate safeguards are in place, such as UK-approved standard contractual clauses.

8. Data Security

We use appropriate technical and organisational measures to protect data against:

Unauthorised access

Loss or theft

Misuse or alteration

Only authorised personnel have access to personal data.

9. Data Retention

Personal data is retained only as long as necessary for work-related purposes or legal requirements. When no longer needed, it is securely deleted or anonymised.

10. Your Rights Under UK GDPR

You have the right to:

Access your personal data

Request correction of inaccurate data

Request deletion (where legally permissible)

Restrict or object to processing in certain situations

Request data portability

Complain to the Information Commissioner’s Office (ICO)

You can exercise these rights by contacting us at the details provided.

ICO Contact Details

Information Commissioner’s Office (ICO)
Website: www.ico.org.uk
Helpline: 0303 123 1113

11. Changes to This Policy

We may update this Privacy Policy from time to time. Updated versions will be published with an amended “Last Updated” date.

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.