Privacy Policy
This Privacy Policy explains how Correct Conditions collects, uses, stores and protects personal information when you use our website, contact us, request a review or work with us.
1. Who we are
Correct Conditions provides commercial heat pump design assurance reviews, system health checks, monitoring support and performance improvement services.
For the purposes of data protection law, Correct Conditions is the data controller for the personal information we collect through this website, enquiry forms, email communication and direct business contact.
Business name: Correct Conditions
Website: www.correctconditions.co.uk
Email: info@correctconditions.co.uk
Summary
We only aim to collect information that is necessary to respond to enquiries, provide our services, manage client projects, meet legal obligations and improve how our website and business operate.
We do not sell personal information.
2. Information we may collect
Contact information
Name, company name, job title, email address, phone number and business address where provided.
Project information
Project name, site details, system type, heat pump information, enquiry details, issues, objectives and information provided in relation to a review.
Communication records
Emails, form submissions, meeting notes, call notes, proposal records and other communication relating to enquiries or projects.
Website information
Basic website usage information such as pages visited, form interactions, device type, browser type, approximate location and referral source where analytics or cookies are used.
Billing information
Purchase order details, invoice information, payment status, company billing details and accounting records.
Technical documents
Where provided for a project, we may receive schematics, schedules, BMS data, fault logs, operating notes, equipment selections and other project information.
3. How we collect information
We may collect personal information when you:
- Submit a website enquiry or review request form
- Contact us by email, phone, LinkedIn or other business channels
- Request a proposal, review, report or monitoring service
- Provide project documents or site information
- Attend meetings, calls or site visits
- Use our website
- Become a client, supplier or business contact
4. Why we use your information
We use personal information for the following purposes:
- To respond to enquiries and review requests
- To assess whether we can assist with a project
- To prepare proposals, quotations and scopes of work
- To deliver design assurance reviews, system health checks, PIP and related services
- To manage client relationships and project communication
- To issue invoices, manage payments and keep accounting records
- To improve our services, website and internal processes
- To meet legal, tax, accounting and regulatory obligations
- To protect our business, clients, systems and legal position
5. Lawful bases for using personal information
| Purpose | Lawful basis |
|---|---|
| Responding to enquiries and review requests | Legitimate interests and/or steps before entering into a contract |
| Preparing proposals and delivering services | Contract and legitimate interests |
| Managing client projects and communication | Contract and legitimate interests |
| Billing, accounting and tax records | Legal obligation and contract |
| Improving our website, services and processes | Legitimate interests |
| Marketing updates where applicable | Consent or legitimate interests, depending on the communication type |
| Protecting our business, systems and legal position | Legitimate interests and legal obligation where applicable |
6. Project documents and technical data
Correct Conditions may receive technical project information as part of a design review, system health check or monitoring service. This may include schematics, schedules, equipment selections, BMS data, fault logs, site notes, commissioning information and operational data.
We treat project information as confidential unless it is already public or agreed otherwise. We only use project information for the purpose of assessing, quoting, delivering or managing the relevant service.
Where documents include personal information, such as names, email addresses, signatures or contact details, that information will be handled in line with this Privacy Policy.
AI and client data
We will not knowingly upload confidential client documents or personal information into an AI workflow unless there is an appropriate business reason, the use is permitted by policy, and suitable confidentiality and data protection controls are in place.
Where possible, project information should be minimised, redacted or anonymised before being used in any AI-assisted workflow.
7. Who we may share information with
We may share personal information with trusted third parties where necessary to run our business, deliver services, meet legal obligations or protect our legal position.
Business systems
Website hosting, CRM, forms, email, document storage, project management and business administration platforms.
Professional advisers
Accountants, bookkeepers, legal advisers, insurance providers and other professional advisers where required.
Project parties
Clients, consultants, contractors, manufacturers or project stakeholders where necessary for the agreed scope of work.
Payment and finance providers
Banks, payment processors, accounting software and finance systems used for billing and payment administration.
Legal or regulatory bodies
HMRC, regulators, courts, insurers or law enforcement where we are legally required or where it is necessary to protect our position.
Technical support providers
IT support, cyber security, hosting, backup and system maintenance providers where necessary.
8. International transfers
Some of the systems and service providers we use may process or store information outside the United Kingdom. Where this happens, we will take reasonable steps to ensure appropriate safeguards are in place in line with applicable data protection law.
These safeguards may include using providers with appropriate contractual protections, recognised transfer mechanisms, UK or EU data protection terms, or other suitable controls.
9. How long we keep information
We only keep personal information for as long as reasonably necessary for the purpose it was collected, including to meet legal, accounting, reporting, contractual and operational requirements.
| Record type | Typical retention period |
|---|---|
| General enquiries and leads | Up to 24 months unless opted out, deleted earlier or converted into a client/project record |
| Client project records | Retained for the contracted period and then archived or deleted in line with project closure policy |
| Quotes, proposals and commercial records | Kept for business, legal and accounting purposes |
| Invoices and accounting records | Kept as required by tax and accounting rules |
| Marketing preferences | Kept until you unsubscribe or ask us to remove/update your preferences |
10. How we protect information
We use reasonable technical and organisational measures to protect personal information against unauthorised access, loss, misuse, alteration or disclosure.
These measures may include password protection, access controls, secure cloud systems, device security, limited user permissions, backups and internal data handling procedures.
No online system is completely risk-free, but we aim to handle information responsibly and keep access limited to those who need it.
11. Cookies and website analytics
Our website may use cookies or similar technologies to make the website work, understand how visitors use the site and improve user experience.
Essential cookies may be used to operate the website. Analytics or marketing cookies will only be used where enabled and where the required consent or lawful basis applies.
You can usually control cookies through your browser settings. If a cookie banner is used on this website, you can manage your preferences through that banner.
12. Your data protection rights
Depending on the circumstances, you may have the following rights in relation to your personal information:
Access
Ask for a copy of the personal information we hold about you.
Correction
Ask us to correct information that is inaccurate or incomplete.
Erasure
Ask us to delete personal information where there is no reason for us to keep it.
Restriction
Ask us to restrict how we use your information in certain circumstances.
Objection
Object to certain uses of your information, including some legitimate interest processing.
Portability
Ask for certain information to be provided in a portable format where applicable.
Withdraw consent
Withdraw consent where we rely on consent as the lawful basis.
Complain
Raise a concern with us or with the UK Information Commissioner’s Office.
To exercise your rights, contact us at: info@correctconditions.co.uk
13. Marketing communication
We may contact business contacts with relevant information about our services, insights or updates where permitted by law.
You can ask us to stop sending marketing communication at any time by using the unsubscribe option where provided or by contacting us directly.
We will not sell your personal information to third parties for marketing purposes.
14. Complaints
If you have a concern about how we handle your personal information, please contact us first so we can try to resolve the issue.
You also have the right to complain to the UK Information Commissioner’s Office.
15. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our business, services, systems or legal requirements.
The latest version will be published on this page with the updated date shown at the top.
Questions about this policy?
Contact Correct Conditions if you have any questions about how we handle personal information.
Email Correct Conditions