Privacy

Privacy Policy

1. Introduction

Glimvorten Energy Ltd ("we," "us," "our," or "Company") is committed to protecting your privacy and ensuring you have a positive experience on our website and when using our services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in accordance with the UK General Data Protection Regulation (GDPR), the Data Protection Act 2018, and other applicable UK and EU data protection laws.

This Privacy Policy applies to all information collected through our website (www.glimvorten.com), mobile applications, and any associated services, as well as offline collection methods. Please read this policy carefully. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide to us, including but not limited to:

  • Contact information (name, email address, phone number, postal address)
  • Company information (organisation name, industry, size, VAT number)
  • Service enquiry details and preferences
  • Correspondence and communications with us
  • Information provided when registering for events, webinars, or training
  • Payment and billing information
  • Feedback, comments, and survey responses

2.2 Information Collected Automatically

When you visit our website or use our services, we automatically collect certain information, including:

  • IP address and device identifiers
  • Browser type and operating system
  • Pages visited, time spent on pages, and navigation paths
  • Referring website and links clicked
  • Search terms and queries
  • Access times and frequency

2.3 Cookies and Tracking Technologies

We use cookies, web beacons, pixels, and similar tracking technologies to enhance your experience, understand usage patterns, and improve our services. These may be used to remember your preferences, track online activities, and deliver targeted content. Please refer to our separate Cookie Policy for detailed information about how we use cookies.

2.4 Information from Third Parties

We may receive information about you from third parties, such as:

  • Business partners and referral sources
  • Service providers and data processors
  • Public databases and government registers
  • Social media platforms
  • Marketing and analytics providers

3. How We Use Your Information

We use the information we collect for various purposes, including:

  • Service Delivery: To provide, maintain, and improve our renewable energy audit and sustainability services
  • Communication: To respond to your enquiries, send updates, and communicate about our services
  • Marketing: To send promotional materials, newsletters, and marketing communications (with your consent)
  • Analytics: To understand user behaviour, website performance, and improve our digital presence
  • Legal Compliance: To comply with legal obligations, regulations, and contractual requirements
  • Security: To protect against fraud, detect security breaches, and ensure data integrity
  • Business Operations: For invoicing, accounting, auditing, and general business administration
  • Research and Development: To develop new services and improve existing offerings

4. Legal Basis for Processing

Under GDPR, we process your personal data only on the basis of one or more of the following legal grounds:

  • Contract: Processing is necessary to perform a contract with you
  • Consent: You have explicitly given consent for specific processing activities
  • Legal Obligation: Processing is required by UK or EU law
  • Legitimate Interests: Processing is necessary for our legitimate business interests or those of third parties
  • Public Task: Processing is necessary for tasks in the public interest
  • Vital Interests: Processing is necessary to protect vital interests of individuals

5. Data Sharing and Disclosure

5.1 Third-Party Service Providers

We may share your information with trusted service providers who assist us in operating our website, conducting business operations, and serving you. These include cloud storage providers, email marketing platforms, payment processors, and analytics services. All service providers are bound by confidentiality agreements and comply with data protection regulations.

5.2 Business Partners

With your consent, we may share information with business partners to deliver combined or co-branded services. We require all partners to maintain appropriate security measures and comply with data protection laws.

5.3 Legal Requirements

We may disclose your information when required by law, court order, or government request, or when we believe in good faith that such disclosure is necessary to:

  • Comply with applicable laws and regulations
  • Enforce our terms of service and other agreements
  • Protect the security or integrity of our services
  • Protect the rights, privacy, safety, and property of our company, users, and the public

5.4 Business Transfers

If Glimvorten Energy Ltd is involved in a merger, acquisition, bankruptcy, dissolution, reorganisation, or similar transaction, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

5.5 Anonymised Data

We may share anonymised or aggregated information that cannot reasonably be used to identify you with third parties for marketing, analytics, research, and other purposes without restriction.

6. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required by law or regulation. Specific retention periods include:

  • Contract-related data: For the duration of the contract and 7 years thereafter for tax and audit purposes
  • Marketing communications: Until you unsubscribe or withdraw consent
  • Website analytics: Typically 24 months from the date of collection
  • Enquiry data: For 3 years or as required by business necessity

When information is no longer needed, we will securely delete or anonymise it. However, we may retain data longer if required by law, for legal claims, or to exercise legal rights.

7. Your Rights Under GDPR

You have the following rights regarding your personal data:

7.1 Right of Access

You have the right to obtain confirmation of whether we process your data and to receive a copy of your personal data in a structured, commonly used, and machine-readable format.

7.2 Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data.

7.3 Right to Erasure

You have the right to request deletion of your personal data under certain circumstances, such as when data is no longer necessary or consent is withdrawn.

7.4 Right to Restrict Processing

You have the right to request that we limit the processing of your data while we verify the accuracy or assess the legitimacy of our processing.

7.5 Right to Data Portability

You have the right to receive your personal data in a portable format and to transmit it to another controller without hindrance.

7.6 Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we have compelling legitimate grounds or legal obligations.

7.7 Rights Related to Automated Decision Making

You have the right not to be subject to decisions based solely on automated processing that significantly affects you.

7.8 Right to Withdraw Consent

Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing before withdrawal.

To exercise any of these rights, please contact us using the details provided in section 10 below.

8. Data Security

We implement comprehensive technical, physical, and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Secure password protocols and multi-factor authentication
  • Regular security audits and penetration testing
  • Access controls limiting data to authorised personnel
  • Secure disposal of redundant data
  • Staff training on data protection and privacy practices
  • Incident response procedures

However, no method of transmission over the internet is completely secure. While we strive to protect your information, we cannot guarantee absolute security. You acknowledge and accept these risks.

9. International Data Transfers

Following Brexit, the UK has independent data protection arrangements. Where we transfer personal data outside the UK or EEA, we ensure appropriate safeguards are in place, including:

  • Adequacy decisions recognised by the UK government
  • Standard contractual clauses approved by regulatory authorities
  • Binding corporate rules where applicable
  • Explicit consent where required

10. Contact Us and Data Protection Officer

If you have questions about this Privacy Policy, wish to exercise your rights, or have concerns about our data processing practices, please contact us:

Glimvorten Energy Ltd

15-19 Bloomsbury Way

London WC1A 2TH

United Kingdom

Email: info@glimvorten.com

Phone: +44 20 3148 5590

VAT: GB921475306

Registration: 14205831

You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have breached your data protection rights:

Information Commissioner's Office (ICO)

Wycliffe House

Water Lane

Wilmslow

Cheshire SK9 5AF

Website: www.ico.org.uk

Phone: 0303 123 1113

11. Marketing and Communications

We may send you marketing communications about our services, industry insights, and updates if you have consented or where permitted by law. You can unsubscribe from marketing communications at any time by:

  • Clicking the "unsubscribe" link in any marketing email
  • Contacting us directly using the contact details above
  • Updating your preferences in your account settings

Unsubscribing from marketing communications will not affect transactional messages related to services you have requested or contracted.

12. Children's Privacy

Our services are not directed to children under 13 years of age, and we do not knowingly collect personal data from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information and terminate the child's account. Parents or guardians who believe their child has provided information to us should contact us immediately.

13. Third-Party Links

Our website may contain links to third-party websites and services that are not operated by us. This Privacy Policy does not apply to third-party websites, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services before providing your information.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "last revised" date. Your continued use of our services following notification of changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy regularly to stay informed about how we protect your information.

Last Revised: 2026

We use cookies Glimvorten Energy Ltd uses cookies to enhance your experience. Privacy · Cookies