NVT Group Privacy Policy
Last updated: [30-Jul-2025]
NVT Group Ltd (“NVT Group”, “we”, “us”, “our”) is committed to full compliance with the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018. This policy explains how we collect, use, disclose and protect personal data in the course of our operations.
1. Controller Details
For the purposes of data protection law, NVT Group Ltd is the Data Controller for the personal data we collect and process.
Registered Office:
Earn House, Earn Avenue, Bellshill, ML4 3LW, United Kingdom
Company Number: [SC113455]
Email: info@nvt.co.uk
Tel: +44 (0)1698 749000
2. What Personal Data We Collect and Why
We only collect personal data that is necessary for the specific purposes set out below. The type of data and lawful basis for processing are listed below.
| Purpose of Processing | Type of Data | Lawful Basis (Art. 6) |
|---|---|---|
| Contract delivery | Name, email, telephone, business address, job title, device IDs | Article 6(1)(b) – performance of a contract |
| General enquiries | Contact details, nature of enquiry | Article 6(1)(f) – legitimate interests |
| Email marketing | Name, email address | Article 6(1)(a) – consent Article 6(1)(f) – legitimate interests |
| Service monitoring (calls/emails) | Audio recordings, written correspondence | Article 6(1)(f) – legitimate interests |
| Network activity tracking (e.g. logs) | IP address, device identifiers | Article 6(1)(f) – legitimate interests (security) |
3. How We Collect Data
We collect personal data through:
- Direct interactions: contact forms, emails, phone calls, or meetings.
- Contracts or service agreements.
- Automated technologies: cookies, server logs, monitoring tools.
- Third parties or partners providing services on your behalf (if applicable).
We do not collect data from publicly accessible sources without a legal basis or transparency notice.
4. Special Category Data
We do not intentionally collect special category data (e.g., health, ethnicity, political views). If such data is inadvertently collected or processed, it is subject to additional protection under Article 9 UK GDPR and will only be processed with your explicit consent or as legally required.
5. Disclosure of Personal Data
We do not sell personal data under any circumstances.
We may share your personal data with:
- Trusted third-party processors who provide IT, cloud hosting, communications or operational services under binding contractual agreements.
- Legal, regulatory, or governmental authorities, where disclosure is required by law.
- Other professional service providers, such as auditors or insurers, for legitimate compliance or operational purposes.
- Where applicable, other parties involved in a business merger or acquisition.
All third parties are required to meet data protection standards and may only process your data on our documented instructions.
6. International Data Transfers
We may transfer personal data outside the UK (e.g., to cloud-based service providers). In all cases, such transfers are made lawfully using one of the following:
- UK adequacy regulations
- UK International Data Transfer Agreement (IDTA)
- Standard Contractual Clauses (as adapted for UK use)
- Binding Corporate Rules (where applicable)
You may request further information or copies of safeguards in place by contacting us.
7. Retention of Personal Data
We retain personal data only as long as necessary for the original purpose of collection, including for legal, accounting, or reporting obligations. This typically includes:
- Enquiry and marketing data: retained for up to 2 years unless consent is withdrawn earlier.
- Contractual records: retained for up to 6 years after termination.
We may record calls and, if we do, these will be retained for up to 12 months, unless part of an active investigation.
All data is securely erased or anonymised after retention periods expire.
8. Data Subject Rights
Under UK GDPR, you have the following rights:
- Right of access – to obtain a copy of your personal data.
- Right to rectification – to correct inaccurate or incomplete data.
- Right to erasure – to request deletion in certain circumstances.
- Right to restrict processing – to limit how we use your data.
- Right to object – to processing for marketing or where based on our legitimate interests.
- Right to data portability – to transfer your data to another service provider.
- Right to withdraw consent – at any time, where processing is based on consent.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
https://ico.org.uk/make-a-complaint/
To exercise your rights, contact: info@nvt.co.uk
9. Security of Personal Data
We implement appropriate technical and organisational security measures to protect personal data, including:
- Network and endpoint security tools
- Encryption of data in transit (TLS) and at rest
- Access controls, multi-factor authentication
- Regular risk assessments and audits
- Staff training in data protection awareness
10. Automated Decision Making
We do not use personal data for profiling or automated decision-making that has legal or similarly significant effects.
11. Cookies and Tracking
We use cookies for essential website functionality and to improve performance. Non-essential cookies (e.g., analytics) are only used with your prior consent.
See our Cookie Policy for more details.
12. Updates to This Policy
We may amend this Privacy Policy from time to time to reflect changes in legal or business practices. Any updates will be posted on this page, and where material changes occur, we will notify you directly where possible.
13. Contact Us
If you have questions or concerns about this policy or how we handle personal data:
NVT Group Ltd
Earn House, Earn Avenue, Bellshill, ML4 3LW
Email: info@nvt.co.uk
Phone: +44 (0)1698 749000
Email: info@nvt.co.uk