Privacy Policy

    How we collect, use, and protect your information

    Last updated: August 2025

    1. Who We Are

    This Privacy Policy explains how Cardiff Chamber Business Directory ("we", "us", or "our") collects, uses, and protects your personal information when you use our website and services. We act as the data controller in respect of the personal data you provide to us.

    2. Information We Collect

    We may collect and process the following types of information:

    Business information – name, address, contact details, and details of your services (where you choose to make these public in your listing).

    Account information – your email address, password, and related login details.

    Usage information – technical data such as IP address, browser type, and how you interact with our platform.

    Communications – any information you provide when you contact us for support or enquiries.

    3. How We Use Your Information

    We use your personal information to:

    • Provide and operate our business directory and related services.
    • Manage business registrations, listings, and user accounts.
    • Communicate with you about your account, updates, or important changes to our services.
    • Improve, maintain, and secure our platform.
    • Comply with our legal and regulatory obligations.

    Our lawful bases for processing your data are contract (to provide our services), legitimate interests (improving and operating our platform), and legal obligation (where required).

    4. Information Sharing

    We do not sell or rent your personal information.

    Business information you choose to make public will be visible to users of our directory.

    We may share personal data with trusted third-party service providers (e.g. hosting providers, payment processors, email platforms) who process data on our behalf, under strict contractual safeguards.

    We may also disclose information if required to do so by law, regulation, or legal proceedings.

    5. Data Retention

    We keep your personal information for as long as necessary to provide our services and meet our legal obligations. If you close your account, we will delete or anonymise your personal data unless retention is required by law.

    6. Data Security

    We use appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. However, no internet-based service can be guaranteed as 100% secure.

    7. International Data Transfers

    If we transfer your data outside the UK, we will ensure adequate protection measures are in place, such as standard contractual clauses or equivalent safeguards.

    8. Your Rights

    Under UK data protection law, you have the right to:

    • Access the personal data we hold about you.
    • Request correction of inaccurate data.
    • Request deletion of your data (subject to legal limits).
    • Restrict or object to processing of your data.
    • Request transfer of your data to another service provider.
    • Withdraw consent where processing is based on consent.

    To exercise these rights, please contact us using the details below.

    9. Complaints

    If you have concerns about how we use your personal data, please contact us first. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at www.ico.org.uk

    10. Contact Us

    If you have any questions about this Privacy Policy or your personal data, you can contact us at:

    Email: hello@cardiffchamber.co.uk