Skip to main content
Privacy Policy

Privacy Policy

This Privacy Policy explains how Correct Conditions collects, uses, stores and protects personal information when you use our website, contact us, request a review or work with us.

Websitewww.correctconditions.co.uk
Contactinfo@correctconditions.co.uk
Last updatedJuly 2026

1. Who we are

Correct Conditions provides commercial heat pump design assurance reviews, system health checks, monitoring support and performance improvement services.

For the purposes of data protection law, Correct Conditions is the data controller for the personal information we collect through this website, enquiry forms, email communication and direct business contact.

Business name: Correct Conditions
Website: www.correctconditions.co.uk
Email: info@correctconditions.co.uk

Summary

We only aim to collect information that is necessary to respond to enquiries, provide our services, manage client projects, meet legal obligations and improve how our website and business operate.

We do not sell personal information.

2. Information we may collect

Contact information

Name, company name, job title, email address, phone number and business address where provided.

Project information

Project name, site details, system type, heat pump information, enquiry details, issues, objectives and information provided in relation to a review.

Communication records

Emails, form submissions, meeting notes, call notes, proposal records and other communication relating to enquiries or projects.

Website information

Basic website usage information such as pages visited, form interactions, device type, browser type, approximate location and referral source where analytics or cookies are used.

Billing information

Purchase order details, invoice information, payment status, company billing details and accounting records.

Technical documents

Where provided for a project, we may receive schematics, schedules, BMS data, fault logs, operating notes, equipment selections and other project information.

3. How we collect information

We may collect personal information when you:

  • Submit a website enquiry or review request form
  • Contact us by email, phone, LinkedIn or other business channels
  • Request a proposal, review, report or monitoring service
  • Provide project documents or site information
  • Attend meetings, calls or site visits
  • Use our website
  • Become a client, supplier or business contact

4. Why we use your information

We use personal information for the following purposes:

  • To respond to enquiries and review requests
  • To assess whether we can assist with a project
  • To prepare proposals, quotations and scopes of work
  • To deliver design assurance reviews, system health checks, PIP and related services
  • To manage client relationships and project communication
  • To issue invoices, manage payments and keep accounting records
  • To improve our services, website and internal processes
  • To meet legal, tax, accounting and regulatory obligations
  • To protect our business, clients, systems and legal position

5. Lawful bases for using personal information

PurposeLawful basis
Responding to enquiries and review requestsLegitimate interests and/or steps before entering into a contract
Preparing proposals and delivering servicesContract and legitimate interests
Managing client projects and communicationContract and legitimate interests
Billing, accounting and tax recordsLegal obligation and contract
Improving our website, services and processesLegitimate interests
Marketing updates where applicableConsent or legitimate interests, depending on the communication type
Protecting our business, systems and legal positionLegitimate interests and legal obligation where applicable

6. Project documents and technical data

Correct Conditions may receive technical project information as part of a design review, system health check or monitoring service. This may include schematics, schedules, equipment selections, BMS data, fault logs, site notes, commissioning information and operational data.

We treat project information as confidential unless it is already public or agreed otherwise. We only use project information for the purpose of assessing, quoting, delivering or managing the relevant service.

Where documents include personal information, such as names, email addresses, signatures or contact details, that information will be handled in line with this Privacy Policy.

AI and client data

We will not knowingly upload confidential client documents or personal information into an AI workflow unless there is an appropriate business reason, the use is permitted by policy, and suitable confidentiality and data protection controls are in place.

Where possible, project information should be minimised, redacted or anonymised before being used in any AI-assisted workflow.

7. Who we may share information with

We may share personal information with trusted third parties where necessary to run our business, deliver services, meet legal obligations or protect our legal position.

Business systems

Website hosting, CRM, forms, email, document storage, project management and business administration platforms.

Professional advisers

Accountants, bookkeepers, legal advisers, insurance providers and other professional advisers where required.

Project parties

Clients, consultants, contractors, manufacturers or project stakeholders where necessary for the agreed scope of work.

Payment and finance providers

Banks, payment processors, accounting software and finance systems used for billing and payment administration.

Legal or regulatory bodies

HMRC, regulators, courts, insurers or law enforcement where we are legally required or where it is necessary to protect our position.

Technical support providers

IT support, cyber security, hosting, backup and system maintenance providers where necessary.

8. International transfers

Some of the systems and service providers we use may process or store information outside the United Kingdom. Where this happens, we will take reasonable steps to ensure appropriate safeguards are in place in line with applicable data protection law.

These safeguards may include using providers with appropriate contractual protections, recognised transfer mechanisms, UK or EU data protection terms, or other suitable controls.

9. How long we keep information

We only keep personal information for as long as reasonably necessary for the purpose it was collected, including to meet legal, accounting, reporting, contractual and operational requirements.

Record typeTypical retention period
General enquiries and leadsUp to 24 months unless opted out, deleted earlier or converted into a client/project record
Client project recordsRetained for the contracted period and then archived or deleted in line with project closure policy
Quotes, proposals and commercial recordsKept for business, legal and accounting purposes
Invoices and accounting recordsKept as required by tax and accounting rules
Marketing preferencesKept until you unsubscribe or ask us to remove/update your preferences

10. How we protect information

We use reasonable technical and organisational measures to protect personal information against unauthorised access, loss, misuse, alteration or disclosure.

These measures may include password protection, access controls, secure cloud systems, device security, limited user permissions, backups and internal data handling procedures.

No online system is completely risk-free, but we aim to handle information responsibly and keep access limited to those who need it.

11. Cookies and website analytics

Our website may use cookies or similar technologies to make the website work, understand how visitors use the site and improve user experience.

Essential cookies may be used to operate the website. Analytics or marketing cookies will only be used where enabled and where the required consent or lawful basis applies.

You can usually control cookies through your browser settings. If a cookie banner is used on this website, you can manage your preferences through that banner.

12. Your data protection rights

Depending on the circumstances, you may have the following rights in relation to your personal information:

Access

Ask for a copy of the personal information we hold about you.

Correction

Ask us to correct information that is inaccurate or incomplete.

Erasure

Ask us to delete personal information where there is no reason for us to keep it.

Restriction

Ask us to restrict how we use your information in certain circumstances.

Objection

Object to certain uses of your information, including some legitimate interest processing.

Portability

Ask for certain information to be provided in a portable format where applicable.

Withdraw consent

Withdraw consent where we rely on consent as the lawful basis.

Complain

Raise a concern with us or with the UK Information Commissioner’s Office.

To exercise your rights, contact us at: info@correctconditions.co.uk

13. Marketing communication

We may contact business contacts with relevant information about our services, insights or updates where permitted by law.

You can ask us to stop sending marketing communication at any time by using the unsubscribe option where provided or by contacting us directly.

We will not sell your personal information to third parties for marketing purposes.

14. Complaints

If you have a concern about how we handle your personal information, please contact us first so we can try to resolve the issue.

You also have the right to complain to the UK Information Commissioner’s Office.

Visit the ICO complaints page

15. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business, services, systems or legal requirements.

The latest version will be published on this page with the updated date shown at the top.

Questions about this policy?

Contact Correct Conditions if you have any questions about how we handle personal information.

Email Correct Conditions