COMPANY DOCUMENTS

PRIVACY & COOKIES POLICY

Who We Are

Esh Group (Esh Holdings Ltd) (“we”, “our”, “us”)
is the Data Controller for personal data processed via this website.

Registered Address:
Esh House,
Bowburn North Industrial Estate,
Bowburn,
Co Durham,
DH6 5PF

ICO Registration Number: ZA514143
Data Protection Officer (DPO): Group Head of IT

Email: DataProtection@esh.uk.com
Telephone: 0191 377 4570

1. What Information We Collect

We collect:

  • Personal details (e.g., name, email address, phone number) when you complete forms or contact us.
  • Technical data (e.g., IP address, browser type) for site functionality and analytics.
  • Cookie data (see Section 7).

2. Why We Use Your Data & Lawful Bases

We process your data for:

  • Responding to enquiries – Lawful basis: Legitimate interests (to respond to your request).
  • Website functionality – Lawful basis: Legitimate interests.
  • Analytics (Google Analytics) – Lawful basis: Consent (via cookie banner).

If we rely on legitimate interests, we have conducted an assessment to ensure your rights are protected.

3. How Long We Keep Your Data

We retain:

  • Enquiry data: 6 months after the last contact.
  • Cookies data: As per cookie type (see Section 7)
  • Analytics data: Up to 2 months.

4. Who We Share Your Data With

We may share data with:

  • Service providers (e.g., hosting, IT support) under UK GDPR-compliant contracts.
  • Legal authorities if required by law.

We do not sell your data.

5. International Transfers

We do not routinely transfer data outside the UK.
If transfers occur, we use:

  • UK adequacy regulations, or
  • International Data Transfer Agreement (IDTA) or Addendum.

6. Cookies & Similar Technologies

We use:

•  Essential Cookies

These are strictly necessary for the website to function properly.

They enable core features like security, authentication, and remembering your session.

Without them, the site may not work as intended.

•  Analytics Cookies

These track user behaviour to help improve site performance and user experience.

They collect data like page visits, time spent, and navigation patterns.

7. Your Choices:

  • You can accept or reject non-essential cookies via our cookie banner.
  • You can withdraw consent at any time using your cookie settings in your browser.

You can find out more about cookies by visiting this site: aboutcookies.org

8. Retention Periods

Retention Periods

  • Essential Cookies
    • Usually short-lived, often session-based (deleted when you close the browser).
    • Some may last a few days or weeks if they store preferences or login tokens.
    • Common range: session to 1 year (depending on functionality).
  • Analytics Cookies
    • Tend to have longer retention because they track trends over time.
    • Common range: 90 days to 2 years (Google Analytics defaults to 2 years for some cookies).
    • Can often be customized by the site owner.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access your data (free of charge).
  • Rectification.
  • Erasure.
  • Restriction.
  • Data portability.
  • Object to processing.
  • Withdraw consent.
  • Complain to the Information Commissioner’s Office (ICO): https://ico.org.uk.

In the first instance, contact us to exercise your rights contact DataProtection@esh.uk.com.

10. Automated Decision-Making

We do not use automated decision-making or profiling.

11. How We Protect Your Data

We apply appropriate technical and organisational measures to keep your data secure.

 

12. Updates

We may update this policy. The latest version will always be available on our website.