Privacy Policy

1. Privacy Policy Overview

RURAL ASSET CONSULTING ("we", "us", or "our") is committed to protecting the privacy and confidentiality of the individuals and organisations we work with. This Privacy Policy sets out how we handle personal data in connection with our website and our professional environmental consulting, sustainability guidance, land-use advisory, and compliance support services.

We process personal data in accordance with applicable UK data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We aim to be transparent about what information we collect, how we use it, and the rights you have in relation to your personal data.

This Privacy Policy applies to visitors to our website, prospective and existing clients, representatives of businesses we interact with, and any individuals who contact us with enquiries or booking requests.

2. Data Collection Practices

We collect and process different types of personal data depending on how you interact with our website and services. The categories of data we may collect include:

2.1 Information you provide directly

When you use our website or contact us, you may provide us with:

• Contact details such as your name, business name, job title, email address, phone number, and correspondence address.
• Inquiry and booking information submitted through our contact or inquiry forms on the Contact Us page, including details about your project, the services you are interested in, timelines, and preferences.
• Communication records including the content of emails, telephone discussions (summarised in our notes), or other correspondence you have with us.
• Billing and engagement information such as purchase order details, invoicing information, and records relating to consulting agreements, where relevant.

2.2 Information collected automatically

When you visit our website, we may automatically collect certain technical and usage information, which may constitute personal data when it relates to an identifiable individual. This can include:

• Device and browser information such as IP address, browser type and version, operating system, device identifiers, and similar technical details.
• Usage data including pages visited (for example our Services, Consulting, Advisory, Sustainability, Compliance, Credentials, or Insights pages), time spent on pages, navigation paths, referral sources, and interactions with on-page elements.
• Cookie data and similar identifiers collected via cookies and analytics tools as described in the "Cookies and Tracking Technologies" section below.

2.3 Information from third parties

We may receive personal data about you from trusted third-party sources, such as:

• Referrals or introductions from existing clients or professional partners.
• Publicly available sources and professional platforms relevant to land-use and environmental consulting, where this is appropriate and lawful.

3. How We Use Your Information

We use personal data only where we have a legal basis to do so, including the performance of a contract, our legitimate interests, compliance with legal obligations, or your consent where required. The main purposes for which we process your personal data include:

• Responding to enquiries and booking requests – to respond to questions sent via our website forms, email, or phone, provide information about our services, and arrange consultations or site visits.
• Providing and managing our services – to deliver environmental consulting, sustainability guidance, project advisory, and compliance services; manage client relationships; administer engagements; and communicate about ongoing work.
• Internal planning and analytics – to monitor website performance, understand how visitors engage with our Services and Insights content, improve our user experience, and enhance the relevance, quality, and accessibility of our offerings.
• Business administration – to manage billing, accounting, project records, and other internal administrative functions.
• Compliance and risk management – to comply with our legal obligations, respond to regulatory or law enforcement requests, and maintain appropriate records for auditing, risk management, and dispute resolution.
• Marketing and communications – to send updates, insights, or information about our services where we are permitted to do so, and always with the ability to opt out of such communications.

Where our processing is based on your consent (for example, for certain types of marketing or optional cookies), you can withdraw that consent at any time using the contact details provided in the "Contact Details" section below or using any unsubscribe options we provide.

4. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to help provide a secure, reliable, and user-friendly experience. Cookies are small text files that are placed on your device when you visit our site.

4.1 Types of cookies we may use

• Strictly necessary cookies – required for the website to function properly, such as enabling basic navigation, security features, and access to page content.
• Performance and analytics cookies – used to understand how visitors use our website, measure traffic to pages like Services, Consulting, and Contact Us, and help us improve usability, content, and layout.
• Functionality cookies – used to remember certain user preferences, such as previous form inputs or choices, to provide a smoother browsing experience.

4.2 Managing your cookie preferences

Where required by law, we will present you with a cookie consent banner when you first visit our website, allowing you to accept or reject non-essential cookies. You can change your preferences at any time via your browser settings or applicable cookie controls.

Most web browsers allow you to:

• View which cookies are stored on your device and delete them.
• Block third-party cookies or all cookies from specific websites.
• Set the browser to block all cookies or to delete cookies when you close it.

Please note that disabling certain cookies may affect the functionality or performance of the website. For more detail about our use of cookies, please see our dedicated Cookie Policy.

5. Data Sharing and Third Parties

We do not sell your personal data. We only share personal data with third parties where it is necessary, proportionate, and lawful to do so. The categories of recipients we may share your personal data with include:

• Service delivery partners – trusted consultants or specialist partners involved in the delivery of environmental or land-use projects, where sharing is required to provide the services you request and subject to appropriate confidentiality safeguards.
• IT, hosting, and analytics providers – third-party providers who support our website hosting, data storage, customer relationship management tools, email services, and analytics. These providers are engaged under contracts that require them to protect your personal data and process it only on our instructions.
• Professional advisers – including legal, financial, or risk management advisers, where necessary in connection with our business operations or in the context of legal claims.
• Regulators and public authorities – where we are legally required to share personal data or where disclosure is necessary to protect our rights, your rights, or the rights of others.

Whenever we share personal data with third parties, we only provide the information that is necessary for the relevant purpose, and we ensure that appropriate contractual and organisational safeguards are in place to maintain confidentiality and data protection.

6. Data Storage and Security

We take the security of your personal data seriously and have implemented a combination of physical, technical, and organisational measures to protect it from accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

Our safeguards may include:

• Secure hosting environments and reputable cloud service providers.
• Access controls and authentication measures that limit personal data access to authorised personnel only, based on business need.
• Encryption in transit for data exchanged via our website and email, where appropriate.
• Routine back-up and recovery procedures to maintain service continuity and data integrity.
• Internal policies and training to raise awareness of data protection responsibilities among staff and contractors.

While we strive to use commercially acceptable means to protect your personal data, no system of transmission or storage is completely secure. We regularly review and refine our measures to align with industry best practice and legal requirements.

7. International Data Transfers

Our core operations are based in the United Kingdom. However, some of our trusted service providers or systems may be located outside the UK or the European Economic Area (EEA), or may store data in multiple jurisdictions.

Where personal data is transferred outside the UK or EEA, we ensure that appropriate safeguards are in place to protect it in accordance with applicable data protection law. These safeguards may include:

• Using service providers based in countries that have been recognised as providing an adequate level of data protection.
• Putting in place standard contractual clauses or other approved data transfer mechanisms with recipients, together with additional security measures where appropriate.
• Conducting due diligence on the data protection and security practices of relevant third parties.

If you would like further information about the safeguards we use for international data transfers, please contact us using the details provided in the "Contact Details" section below.

8. Your Data Rights

Under UK data protection law, including UK GDPR, you have a number of rights in relation to the personal data we hold about you. These rights may be subject to certain conditions and exemptions. They include the right to:

• Access – request confirmation of whether we process your personal data and obtain a copy of that data, together with certain additional information.
• Rectification – ask us to correct inaccurate or incomplete personal data we hold about you.
• Erasure – in certain circumstances, request that we delete your personal data, for example where it is no longer needed for the purposes for which it was collected.
• Restriction – request that we restrict the processing of your personal data in certain situations, such as while we are assessing a request for rectification.
• Data portability – request that we provide your personal data in a structured, commonly used, and machine-readable format, and transfer it to another controller where technically feasible.
• Object – object to certain types of processing based on our legitimate interests, including profiling, and object at any time to processing for direct marketing purposes.
• Withdraw consent – where we rely on your consent, withdraw that consent at any time, without affecting the lawfulness of processing carried out before consent was withdrawn.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you are concerned about how we handle your personal data. However, we encourage you to contact us first so we can try to resolve your concerns directly.

To exercise any of your rights, or to ask questions about how we handle your personal data, please contact us using the details in the "Contact Details" section below. We may need to verify your identity before responding to certain requests.

9. Retaining Your Information

We retain personal data only for as long as is necessary to fulfil the purposes for which it was collected, including to meet legal, accounting, or reporting requirements. The specific retention period may depend on factors such as:

• The nature of the data and the context in which it was collected.
• Our contractual obligations and relationship with you.
• Any statutory or regulatory retention requirements that apply to our work in environmental consulting, land-use advisory, and compliance.
• The need to preserve records for audits, dispute resolution, or the establishment, exercise, or defence of legal claims.

When personal data is no longer required for these purposes, we will either securely delete it, anonymise it so that it can no longer be associated with you, or archive it securely with restricted access where continued storage is necessary for a limited time.

10. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or how we process personal data. Any updates will be posted on this page with a revised "Last updated" date.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Where appropriate, we may also notify you of significant changes by email or through a prominent notice on our website.

11. Contact Details

If you have any questions about this Privacy Policy, our data protection practices, or if you wish to exercise your data protection rights, please contact us using the details below:

RURAL ASSET CONSULTING
Website: https://ruralasset.site/
Email: [email protected]
(Please specify that your enquiry relates to "Privacy" or "Data Protection" in the subject line.)

If you are not satisfied with our response or believe that we are not handling your personal data in accordance with the law, you can lodge a complaint with the UK Information Commissioner's Office (ICO) via their website at https://www.ico.org.uk/.

For general enquiries or to learn more about our services, you can also reach us via the form on our Contact Us page.