Privacy & Cookie Policy
Last updated: 14/01/2026
1. Introduction
BYTNAR LTD ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy & Cookie Policy explains how we collect, use, store, and protect personal data when you visit our website, contact us, or engage our professional services.
Website: https://www.bytnarengineeringsolutions.com
By using our website or services, you acknowledge that you have read and understood this policy.
2. Data Controller
BYTNAR LTD is the data controller for the purposes of the UK GDPR.
Registered Office:
75 Sir Henry Brackenbury Road
Ashford, TN23 3FJ, United Kingdom
Email: info@bytnar.co.uk
Data protection matters are handled by the company director or a designated senior representative.
Data Protection Officer
We are not required to appoint a Data Protection Officer (DPO) under UK GDPR and have not appointed one.
Data protection matters are handled by the company director or a designated senior representative.
If you have any questions about this policy or how we handle personal data, please contact us at info@bytnar.co.uk.
3. Legal Bases for Processing
We process personal data only where permitted under UK GDPR. The lawful bases we rely on depend on the purpose for which the data is used, as set out below:
• Contract – where processing is necessary to prepare quotations, enter into contracts, or deliver our professional engineering and design services.
• Legitimate interests – where processing is necessary for our legitimate business interests, including responding to enquiries, managing client and supplier relationships, delivering services efficiently, maintaining website security, preventing fraud, and improving our website and services. We ensure that our legitimate interests do not override the rights and freedoms of individuals.
• Legal obligation – where processing is required to comply with legal and regulatory obligations, including accounting, tax, insurance, and record-keeping requirements.
• Consent – where required for marketing communications to new contacts and for the use of non-essential cookies and similar technologies.
Where you contact us via our website contact form or by email, we process your personal data on the basis of our legitimate interests in responding to enquiries and managing business communications.
4. Providing Personal Data
In most cases, providing personal data is not a statutory requirement. However, certain personal data is required in order for us to respond to enquiries, prepare quotations, enter into contracts, and deliver our services.
If you choose not to provide required personal data, we may be unable to respond to your enquiry, provide a quotation, or perform our contractual obligations. In some cases, we are legally required to collect and retain certain information (such as financial records) to comply with our statutory obligations.
5. Personal Data We Collect
Data you provide
-
Name, address, email, phone number
-
Company name and role
-
Project-related information
-
Correspondence
-
CVs (where applicable)
Automatically collected data
-
IP address
-
Browser and device information
-
Website usage data
Financial data
-
Bank details for payment purposes
-
Invoices and transaction records
Photographs
-
Project photographs are used internally only for records and design purposes
6. Sources of Personal Data
In most cases, we collect personal data directly from individuals. However, we may occasionally receive personal data from third parties, including:
• Recruitment agencies or professional recruiters (e.g. CVs)
• Clients, professional contacts, or referrals
• Subcontractors or project partners
• Publicly available professional sources (such as business websites or professional networking platforms)
Where we receive personal data from third parties, we ensure that such data is handled in accordance with this Privacy & Cookie Policy and applicable data protection law.
7. How We Use Your Data
We use personal data to:
-
Provide professional engineering and design services
-
Communicate regarding enquiries and projects
-
Maintain business and regulatory records
-
Improve our website and services
-
Prevent fraud and protect business interests
We do not sell personal data.
Our website and services are not intended for children, and we do not knowingly collect personal data from individuals under the age of 16.
8. Marketing Communications
We may contact existing clients with information about our own services that are similar to those they have previously received, where permitted under applicable marketing laws and based on our legitimate interests.
We will only send marketing communications to new contacts where we have obtained appropriate consent or where another lawful basis applies.
You have an absolute right to object to direct marketing at any time. You can opt out by contacting us at info@bytnar.co.uk or by using the unsubscribe option included in any marketing communication.
9. Cookies & Analytics
What are cookies?
Cookies are small text files stored on your device when you visit a website. They help the website function correctly and provide information about how the site is used.
Types of cookies we use:
• Strictly necessary cookies – required for the operation and security of our website. These cookies do not require consent.
• Analytics cookies – used to understand how visitors interact with our website (for example, Google Analytics). These cookies are only set if you provide consent.
Cookies used
Cookie Provider Purpose Duration
_ga Google Website analytics 2 years
_gid Google Website analytics 24 hours
Consent and cookie control
Non-essential cookies are not placed on your device unless you provide consent via our cookie banner. You can manage or withdraw your cookie preferences at any time using the Cookie Settings option on our website.
Analytics cookies are processed on the basis of your consent under Article 6(1)(a) UK GDPR.
Cookies are used in accordance with UK GDPR and the Privacy and Electronic Communications Regulations (PECR).
10. Data Sharing
We may share personal data with trusted third parties where necessary to operate our business and provide our services. These include:
• Website hosting and IT service providers
• Email and communications providers
• Analytics providers (where consent has been given)
• Accounting and invoicing software providers
• Banks and payment service providers
• Insurers
• Professional advisers (legal and accounting)
• Subcontractors or project partners where required for service delivery
We only share personal data where necessary. All third parties are required to protect personal data and to process it only in accordance with our instructions and applicable data protection law.
11. International Data Transfers
Some of our third-party service providers are based outside the United Kingdom or process data on servers located outside the UK, particularly in the United States (for example, where we use analytics or embedded content providers).
Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, including the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses.
We also carry out transfer risk assessments where required and take steps to ensure that personal data continues to be protected to UK GDPR standards.
12. Data Storage & Security
We use reasonable technical and organisational measures to protect personal data, including password-protected systems and secure physical storage.
Electronic transmission of data cannot be guaranteed to be fully secure.
In the event of a personal data breach that is likely to result in a risk to individuals’ rights and freedoms, we will notify the Information Commissioner’s Office and affected individuals where legally required.
13. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, and professional obligations.
Our retention periods are as follows:
• Client project files: retained for the duration of the project and for up to 6 years thereafter.
• Financial and accounting records: retained for 6 years after the end of the relevant financial year.
• Marketing data: retained until consent is withdrawn or an objection to marketing is raised.
• CVs and recruitment data: retained for up to 12 months after the recruitment decision.
• Website enquiries and general correspondence: retained for up to 12 months after the last contact, unless a contract is entered into or longer retention is required for legal or contractual reasons.
• Emails and business correspondence relating to contracts, projects, or disputes: retained for up to 6 years.
14. Your Rights
You have the right to:
-
Access your personal data
-
Request correction or deletion
-
Restrict or object to processing
-
Withdraw consent
-
Request data portability (where applicable)
How to Exercise Your Rights
To exercise your data protection rights, please contact us at info@bytnar.co.uk. You may find it helpful to use the subject line “Data Protection Request”.
We may request additional information to verify your identity before responding to a request. This is to ensure that personal data is not disclosed to the wrong person.
We aim to respond to all valid requests within one month. Where a request is complex or multiple requests are received, this period may be extended in accordance with applicable data protection law. We will notify you if an extension is required.
You may also lodge a complaint with the Information Commissioner’s Office (ICO).
Information Commissioner’s Office (ICO)
Website: https://www.ico.org.uk
Telephone: 0303 123 1113
15. Automated Decision-Making
We do not use automated decision-making or profiling.
16. Third-Party Links
We are not responsible for the privacy practices of third-party websites linked from our site.
17. Policy Updates
This policy may be updated periodically. The latest version will always be published on our website.