1. Who We Are
Tooley Engineering Ltd
Unit 3 Aaron Business Centre
Bittern Way, Boston, Lincolnshire
PE21 7NX, United Kingdom
Email: of****@******************co.uk
Phone: 01205 726 989
We are the data controller for the personal data we collect and process through our digital services.
⸻
2. Scope of This Policy
This Policy applies to:
• Our public website, where users can contact us or learn about our services
• Our client portal, where authorised clients access secure engineering documentation
⸻
3. What Information We Collect
We collect and process the following types of personal data, depending on your interaction with us:
a. From Website Visitors:
• Name and email address (submitted via contact forms)
• IP address and browser/device metadata
• Message content (from enquiry submissions)
• Website usage statistics (via analytics tools)
b. From Portal Users:
• Name and email address (provided to us by your organisation or a designated contact)
• Account login and authentication data
• Access logs and usage data
• Password reset requests (tracked for security purposes)
We do not collect sensitive personal data unless specifically required for a lawful purpose, and only with your knowledge.
⸻
4. How We Use Your Information
We process your personal data for the following purposes:
• To respond to enquiries or support requests
• To create, manage, and maintain user accounts
• To grant secure access to engineering documentation and resources
• To improve the performance and security of our services
• To monitor and prevent unauthorised access or malicious activity
• To comply with legal and regulatory obligations
• To conduct internal audits, troubleshooting, and business operations
⸻
5. Lawful Basis for Processing
We rely on one or more of the following legal grounds:
• Consent: When you submit a contact form or interact with optional services
• Legitimate interests: To provide secure access, maintain service integrity, and improve user experience
• Contractual necessity: When we provide digital access as part of our commercial agreements
• Legal obligation: Where we are required to retain or disclose data to comply with applicable law
⸻
6. How Your Data Is Stored and Protected
We are committed to maintaining high standards of data security. Your personal data is:
• Stored in secure, access-controlled environments
• Encrypted during transmission
• Protected by technical, organisational, and procedural safeguards
• Hosted on dedicated infrastructure, not shared hosting environments
• Subject to strict internal access controls and audit logging
• Shielded from external threats using multiple layers of defence
We regularly review and improve our security controls to meet evolving industry standards. While no system is completely immune to risk, we take every reasonable measure to protect your information.
⸻
7. Analytics and Tracking
We use aggregated website analytics tools to understand how our website is used. These tools collect non-identifiable usage data such as:
• Page views
• Device and browser type
• Referral source
• Time spent on site
This data helps us optimise performance and user experience. You can opt out of analytics cookies via your browser settings or cookie preferences.
⸻
8. Third Parties and Data Sharing
We do not sell or rent your personal data.
We only share data with third-party service providers where necessary for:
• Secure hosting and delivery of our services
• Enquiry handling and communication tools
• Anti-spam and abuse prevention
• Website performance and analytics
• Legal compliance and dispute resolution
All third-party providers are required to handle your data securely and in accordance with UK data protection law. We ensure contracts are in place with all processors.
⸻
9. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, including:
• Enquiry records: up to 12 months
• Portal user data: while your account is active, or as required by contractual or legal obligations
• Backup and audit logs: retained securely for system integrity and compliance
You may request deletion of your data at any time, subject to any legal retention requirements.
⸻
10. Your Rights
Under UK GDPR, you have the right to:
• Access the personal data we hold about you
• Correct inaccuracies in your personal data
• Request deletion of your personal data
• Restrict or object to our processing
• Request portability of your data to another provider
• Withdraw consent at any time (where applicable)
• Lodge a complaint with the Information Commissioner’s Office (ICO)
To exercise any of these rights, please email: of****@******************co.uk
⸻
11. Children’s Data
Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children.
⸻
12. Cookies and Similar Technologies
We use cookies and similar technologies for:
• Website functionality
• Security and spam prevention
• Performance monitoring and analytics
For details on how we use cookies and how you can manage them, please refer to our separate Cookie Policy.
⸻
13. Changes to This Policy
We may update this Privacy Policy from time to time. The “Last Updated” date at the top will always reflect the current version. We encourage you to review this Policy periodically to stay informed.
⸻
14. Contact Us
If you have any questions, concerns, or complaints regarding how we handle your data, please contact:
Data Protection Officer
Tooley Engineering Ltd
Unit 3 Aaron Business Centre, Bittern Way
Boston, Lincolnshire, PE21 7NX
Email: of****@******************co.uk
Phone: 01205 726 989
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at https://ico.org.uk
