Ember Tech Solutions

Privacy Policy

How we collect, use, and protect information for Ember Tech Solutions’ websites, automation platforms, and client services.

Last updated: 9 November 2025

1. Who we are

Ember Tech Solutions (“Ember”, “we”, “us”) designs and operates bespoke automation, data collection, and reporting systems for UK businesses. We are based in Newmarket, United Kingdom and serve clients UK‑wide. You can contact us at paul@ember-tech-solutions.co.uk.

2. Data we collect

We collect and process information in four ways:

  • Website interactions – When you browse our site, we store essential cookies/local storage to keep the site running and to remember cookie preferences. We do not use advertising or profiling cookies.
  • Contact forms & enquiries – If you submit a form, book a consultation, or email us, we collect your name, contact details, company information, and project description so we can respond.
  • Client projects – When engaged, we process the data you provide (e.g. watch lists, KPIs, schedule configurations) and the information our systems collect on your behalf (e.g. market listings, stock availability). Sources are limited to what you instruct us to use.
  • Operational telemetry – To maintain reliability, we log system health information (timestamps, error events, job counts). These logs exclude the personal data of your end users unless such data is inherent in the project you commission.

3. Why we use your data

We rely on the following lawful bases under UK GDPR:

  • Legitimate interests – To respond to enquiries, improve services, secure our platforms, and provide analytics that keep your systems running as expected.
  • Contractual necessity – To deliver the automation, dashboarding, and alerting services you have asked us to build and support.
  • Consent – For optional communications (e.g. newsletters) or where you request access to beta features. You can withdraw consent at any time.
  • Legal obligation – To meet financial, taxation, or regulatory obligations in the UK.

4. Cookies and similar technologies

We keep cookies simple:

  • Essential cookies/local storage – Used to remember cookie preferences, secure form submissions, and keep session-based features functioning.
  • Optional integrations – Contact forms may use third-party processors (e.g. secure email form services) that set strictly necessary cookies to prevent abuse. We only enable these where required for the functionality you request.
  • No advertising or analytics cookies – We do not run ad networks, retargeting, or behavioural analytics that track you across sites.

You can manage cookie choices via your browser settings or by updating your preferences at any time using the link in our cookie banner.

5. Third-party processors

We work with carefully selected providers, all of whom commit to GDPR-compliant processing:

  • Hosting & infrastructure – Firebase Hosting (Google Cloud, EU/UK data centres) for static site delivery and CDN security.
  • Communication tools – Email and secure form providers to handle inbound enquiries.
  • Automation infrastructure – Cloud services required to run the data collection and reporting tasks you commission (e.g. job schedulers, storage buckets, queueing services). These are provisioned per project and detailed in your Statement of Work.

We enter into data processing agreements with each provider and limit access to what is required to operate your solution.

6. Data retention

We retain data for only as long as necessary:

  • Enquiry information: 24 months after last contact unless you become a client.
  • Client project data: for the duration of the agreement plus up to 12 months to support renewals or migrations, unless a different period is defined in your contract.
  • Operational logs: typically 90 days, extended only for investigation or compliance needs.
  • Financial records: 7 years, per HMRC requirements.

When data is no longer needed, we securely delete or anonymise it.

7. Your rights

If you are based in the UK or EU, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate or incomplete data
  • Request deletion (where we are not legally required to retain it)
  • Object to or restrict processing in certain circumstances
  • Receive a copy of your data in a portable format
  • Lodge a complaint with the Information Commissioner’s Office (ICO) at https://ico.org.uk/

To exercise any of these rights, email paul@ember-tech-solutions.co.uk. We will respond within one calendar month.

8. International transfers

Our primary infrastructure is located in the UK or EU. Where data must leave the UK/EU (for example, if a specialist tool operates in another region), we use providers that apply appropriate safeguards such as Standard Contractual Clauses. Any such transfers are documented in your project agreement.

9. Security

We implement layered security controls including encrypted transport (HTTPS/TLS), access controls, audit logging, rate limiting, and regular monitoring. For bespoke systems, we provide you with documentation covering authentication, data flow, and incident response procedures.

10. Children

Our services are intended for business users. We do not knowingly collect or process personal data relating to children under 16.

11. Updates to this policy

We review our privacy policy whenever we introduce new services or change how we process data. Any material updates will be highlighted on this page and, where appropriate, communicated directly to clients. The date at the top shows when this policy was last updated.

12. Contact

If you have questions about this policy or how we handle your data, contact:

Ember Tech Solutions
Newmarket, United Kingdom
paul@ember-tech-solutions.co.uk