Northern BioStrategies Ltd ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect personal data when you interact with our website, submit enquiries, or apply to work with us. We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
The data controller is: Northern BioStrategies Ltd, International House, 22-28 Wood Street, Doncaster, DN1 3LW, United Kingdom. Email: contact@northernbiostrategies.com
We may collect and process the following categories of personal data: (a) Information you provide directly: name, email address, contact details, information submitted via consultant application forms and client enquiry forms. (b) Client and consultancy-related data: in the course of providing consultancy services, we may receive or process confidential business information, commercially sensitive data, and personal data relating to client staff or representatives (e.g. names, work emails). Such data is processed strictly for professional and contractual purposes.
We use personal data for the following purposes: responding to enquiries and applications, assessing consultant applications, communicating with prospective and existing clients, delivering consultancy services, maintaining business records, ensuring website security and performance, and meeting legal, regulatory, and compliance obligations. We do not use personal data for automated decision-making or profiling.
We process personal data under one or more of the following legal bases: legitimate interests to operate and grow our consultancy, contractual necessity where processing is required to provide services, consent where explicitly provided, and legal obligation where required by law.
We may share personal data where necessary with internal consultants and contractors, professional service providers (e.g. IT, cloud services), and third-party tools used to operate the business. All third parties are required to handle data securely and in line with UK GDPR. We do not sell personal data.
If personal data is transferred outside the UK, we ensure appropriate safeguards are in place, such as contractual protections, to maintain data security and compliance.
We use Google Search Console and Google Publisher Center. These tools provide aggregated, non-identifying insights into website performance. We do not use tracking cookies for targeted advertising.
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or disclosure. Access to data is restricted to those who need it for legitimate business purposes.
We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy and to meet legal, regulatory, or contractual requirements. When no longer required, data is securely deleted or anonymised.
Under UK GDPR, you have the right to access your personal data, request correction of inaccurate data, request erasure of your data, object to or restrict processing, request data portability, and withdraw consent where applicable. To exercise your rights, contact: contact@northernbiostrategies.com
Our website and services are open to all ages. We do not knowingly collect personal data from children without appropriate justification. If you believe a child's data has been provided to us inappropriately, please contact us.
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date.
For privacy-related questions or concerns, please contact: contact@northernbiostrategies.com