SOENECS

Privacy Notice

This Privacy Notice applies to all the services delivered by SOcial, ENvironmental & EConomic Solutions (SOENECS) Ltd

Version 1
Last Updated: 1 January 2026

This Privacy Notice applies to all the services delivered by SOENECS Ltd, Company Registration No: 09036188, Registered Office Address: 30 Church Road, Burgess Hill, West Sussex, RH15 9AE.  This policy represents our serious commitment to the security and protection of your data and compliance with Data Protection legislation including the UK General Data Protection Regulations (GDPR) and Uk Data Protection Act 2018.  By sharing personal information with us you are agreeing to be bound by this Notice.  In provision of its services, SOENECS may act as Data Controller and/or Processor.

How we collect information

Personal data is information that can be used to identify you directly or indirectly by use of an identifier such as name, identification number, location data, online identifier etc.  Personal data includes automated or manual records.  You give us personal information voluntarily when you communicate with us regarding our services, for example, when you send us e-mails, phone us, use our contact form on the website, register with us for an event, use social media, text, via post.  When you contact us, the information you provide to us may include your name, e-mail address, postal address, telephone number, social media contact details. 

Our website does not use cookies to collect any personally identifiable information and does not pass data to advertising networks.  For further information, please read the Cookies Policy on the “More” page, “Cookies Policy” on our website.  Statistical information gathered is aggregated and anonymous and therefore it is not possible to identify an individual. 

We have no responsibility for the content or handling of information or privacy policies on any linked websites. 

How we use your information

We only use your personal information to provide the services you have requested from us including to:

  • carry out a contract and/or deliver our services (eg undertake an assessment audit, complete research and report-writing, deliver presentations, facilitate workshops, chair conferences);
  • note your intention to attend one of our events and to liaise with you about it;
  • respond to your enquiry or request for assistance and to provide advice;
  • see if you are interested in participating in contracted research projects for example surveys, focus groups, structured interviews (your consent will always be obtained in advance);
  • complete necessary administrative or accounting functions associated with the services provided to you;
  • manage our relationship with you, monitor our services to you and keep you informed;
  • provide you with any information we are required to comply with regulatory or legal obligations.

 

We do not collect any sensitive data (known as special category data).  Depending on the above circumstances, processing of your information is likely to be on the basis of your consent, contract or legitimate interest.  The section on “Your Rights” below details how you can withdraw you consent.

Storage and security of your information

Your information will only be retained on our systems for as long as required for legitimate business purposes to enable us to provide the service requested or to meet any statutory obligations, following which time the information will be securely destroyed.  We take appropriate technical and organisational measures commensurate to risk to ensure the confidentiality, integrity and availability of our systems, services and any personal data processed within them.  The objective is to ensure your personal information is relevant and accurate and to keep it secure with the objective of preventing accidental loss, unauthorised or unlawful processing, destruction or damage.  We cannot guarantee the security of information transmitted via the internet or other similar connections.

Transfers outside of the UK/EU

Where necessary to deliver our services (for example, where cloud hosting, e-mail services, payment processors, event platforms or contracted associates operate servers or offices outside the UK or European Economic Area (EEA)), personal data may be transferred to, stored in, and processed in countries outside the UK/EEA. We only permit such transfers where appropriate safeguards are in place to ensure an adequate level of protection for your personal data.

We use one or more of the following safeguards, as appropriate to the circumstances of the transfer:

  • transfers to countries covered by an adequacy decision (where the UK Government or the European Commission has determined that the recipient country ensures an adequate level of protection);
  • contractual safeguards such as the International Data Transfer Agreement (IDTA), the UK Addendum or other recognised standard contractual clauses where required under the UK GDPR or EU GDPR;
  • Binding Corporate Rules for transfers within multinational groups where these are used;
  • technical and organisational measures such as encryption, strict access controls, data minimisation and retention limits to reduce privacy risk; and
  • contractual or policy requirements on any third parties or subprocessors to apply equivalent protections and not to onward-transfer data without our authorisation.

We will carry out any transfer impact assessments required by applicable data-protection law and will not permit transfers to third parties outside the UK/EU unless we are satisfied that adequate protections are in place. Where transfers rely on contractual safeguards, a copy of the relevant contractual safeguards (for example the IDTA or standard contractual clauses) can be provided on request.

Sharing your information

To deliver our services, we may on occasion share information with our contracted associates who will only use it to provide the requested service and who are required to comply with this Privacy Policy and the requirements of Data Protection legislation including the General Data Protection Regulations (GDPR).  To facilitate a payment transaction your information may be shared with a relevant third party (e.g. a financial institution).  You may decide to share your information with third parties to whom you have given consent to share information with us (e.g. third party application providers or social media sites).

Marketing

If you have consented to provide us with your personal information for contact purposes, we may contact you regarding any of our services or events that may be of interest to you, however, it is your right at any time to decide to withdraw your consent and prevent us from contacting you for marketing purposes.  You can do this by sending an e-mail to: info@soenecs.co.uk  

Your rights

The GDPR provides the following rights for individuals:

  • The right to be informed – you have the right to be informed about the collection and use of your personal data (transparency requirement).
  • The right of access – this right enables you to be aware of and verify the lawfulness of the processing.
  • The right to rectification – you can make a request for rectification verbally or in writing to have inaccurate personal data rectified or completed if it is incomplete.
  • The right to erasure – under certain circumstances you have the right to have personal data erased by making a request for erasure verbally or in writing.
  • The right to restrict processing – under certain circumstances you have the right to request verbally or in writing the restriction or suppression of your personal data.  This means we are permitted to store the personal data but not to use it.
  • The right to data portability – this applies to data processed by a data controller by automated means, in which case you have the right to obtain and reuse your personal data for your own purposes across different services enabling you to move, copy or transfer data easily, safely and securely from one IT environment to another (this enables you to take advantage of applications and services that can use this data to find you a better deal or help you understand your spending habits).
  • The right to object – you have the right to object to (1) processing based on legitimate interests or the performance of a task in the public interest or exercise of official authority (including profiling); (2) direct marketing (including profiling); and (3) processing for purposes of scientific, historical research and statistics.
  • Rights in relation to automated decision making and profiling – you have rights under Article 22 of the GDPR relating to automated individual decision-making (making a decision solely by automated means without any human involvement) and profiling (automated processing of personal data to evaluate certain things about an individual).  We do not undertake any automated individual decision-making and profiling.

To exercise your rights or if you have a complaint regarding the handling of your personal data, please send an e-mail to: info@soenecs.co.uk