Privacy Policy

NOXX & CO PRIVACY POLICY

Last Updated: 29 May 2025

1. Introduction

NOXX & CO (“we”, “our”, “us”) respects your privacy and is committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy explains how we collect, use, and safeguard your information when you:

Use our services
Visit our website (www.noxxandco.com)
Interact with us professionally or as a client

2. Data We Collect

Personal Identification Data
We may collect your full name, contact details including your email address, phone number and business address, and professional credentials such as qualifications and job titles.
Financial & Legal Data
This includes your tax identification numbers, company incorporation details, and contractual documents related to service provision.
Technical Data
We may collect your IP address, cookie identifiers (see Section 7), and details about your browser and device used

3. Lawful Basis for Processing

We process personal data under the following legal grounds:

Contractual Necessity: When processing is necessary to fulfil our obligations under a service agreement with you.
Legal Obligation: When required to comply with statutory or regulatory obligations, such as anti-money laundering checks.
Legitimate Interest: When processing supports our business development efforts with existing or prospective clients, without overriding your rights.
Consent: For any marketing communications you choose to opt in to receive.

LEGAL & COMPLIANCE

Terms & Conditions

Cookie Policy

Client Care Charter

Anti-Money Laundering Policy

Modern Slavery Statement

Quick Contact

4. How We Use Your Data

We use your information in the following ways:

To deliver our services to you using your identification and financial information, based on a contractual obligation.
To prevent fraud or comply with legal requirements using technical and legal data, based on a legal obligation.
To communicate with you regarding ongoing matters using your contact and professional details, based on our legitimate interests.
To analyse website usage and improve performance using technical data, where your consent has been provided.

5. Data Sharing & Transfers

We may share your information with the following third parties:

HM Revenue & Customs and other regulatory bodies where required by law.
Legal authorities if compelled by a valid legal request or court order.
Cloud service providers, all of which host data on servers based within the European Union. Where data is transferred outside the United Kingdom, we ensure that appropriate safeguards are in place, including the use of Standard Contractual Clauses or reliance on UK adequacy decisions.

6. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected.

Client records are retained for seven years following the conclusion of an engagement, in compliance with legal requirements.
Marketing data is kept for up to three years from your last contact with us.
Job application data is stored for up to twelve months, with your consent.

When your data is no longer required, we ensure its secure disposal using industry-approved methods.

7. Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance user experience and website functionality. Essential Cookies are necessary for:

Managing user sessions
Enabling basic site security

Analytical Cookies are used for:

Gathering anonymised data through Google Analytics to improve website performance You can manage your cookie preferences at any time using our Cookie Settings dashboard available on our website.

8. Your Legal Rights

Under data protection laws, you have several rights regarding your personal data:

You have the right to request access to your personal data (commonly known as a Subject Access Request).
You may request that we correct any inaccuracies in your personal information.
You may object to our processing of your data where we rely on legitimate interests.
You may request that your data be erased, subject to applicable legal grounds.
You have the right to withdraw consent at any time in relation to marketing communications.

We will respond to any such request within 30 calendar days of receipt.

9. Security Measures

We take data security seriously and employ the following safeguards:

Encryption using AES-256 for sensitive data
Multi-factor authentication for internal systems
Annual staff training on data protection and security
Independent penetration testing of our digital infrastructure

These measures are in place to protect your data from unauthorised access, alteration, disclosure, or destruction. We will respond to any such request within 30 calendar days of receipt.

10. Contact & Complaints

If you have any questions or concerns regarding this privacy policy or how your data is handled, please contact our Data Protection Officer:
Data Protection Officer
Email: info@noxxandco.com ( Ask for dpo)
Telephone: 020 7164 6399
If you are dissatisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) via their website: https://ico.org.uk