Privacy Policy

Aldovi ("we", "us", "our") operates the website at aldovi.info (the "Site"). This Privacy Policy explains how we collect, use, store, and protect personal information when you use the Site, and sets out your rights as a data subject under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We are committed to handling personal data with transparency and in accordance with applicable data protection law. This policy is written in plain language and structured to make your rights and our responsibilities clear.

If you have any questions about this policy or wish to exercise any of the rights described below, you may contact us at: [email protected] or in writing to: 48 Ledbury Road, W11 2AJ London, United Kingdom.

The data controller responsible for personal information collected through this Site is:

We collect the following categories of personal data:

3.1 Contact form submissions. When you submit the contact form on this Site, we collect your name, email address, and the content of your message. If you optionally provide a phone number or select a subject category, that information is also collected.

3.2 Technical and usage data. When you visit the Site, our web server automatically records standard technical data including your IP address, browser type and version, operating system, referring URL, pages visited, and time of visit. This data is collected via server logs and, where consent has been given, via analytics cookies.

3.3 Cookie data. Cookies and similar tracking technologies may collect data about your browsing behaviour on the Site. Full details are set out in our Cookie Policy at cookie-policy.php.

3.4 Correspondence. If you contact us by email, telephone, or post, we retain a record of that correspondence.

We do not collect sensitive personal data (as defined in Article 9 UK GDPR) through this Site.

We process personal data on the following legal bases under UK GDPR Article 6:

• Consent (Article 6(1)(a)). We process analytics and non-essential cookie data where you have provided consent via the cookie banner. You may withdraw consent at any time using the Cookie Settings link in the footer.
• Contractual necessity (Article 6(1)(b)). Where you request a consultation or other service, we process your contact details to fulfil that engagement.
• Legitimate interests (Article 6(1)(f)). We process technical server log data to maintain the security and performance of the Site. Our legitimate interests in doing so do not override your fundamental rights and freedoms.
• Legal obligation (Article 6(1)(c)). We may process and retain certain data to comply with applicable UK legal and regulatory obligations.

We use personal data for the following purposes only:

• — To respond to enquiries submitted via the contact form or by email.
• — To schedule and conduct consultation sessions where requested.
• — To maintain and improve the technical performance and security of the Site.
• — To analyse anonymous aggregated usage data to understand how the Site is used (where consent has been given for analytics cookies).
• — To comply with applicable legal obligations.

We do not use personal data for automated profiling or for any form of automated decision-making that produces legal or similarly significant effects on you.

We do not sell, rent, or otherwise transfer personal data to third parties for their own marketing purposes.

We retain personal data for the following periods:

• — Contact form enquiries: retained for up to 24 months following the last substantive correspondence, then securely deleted.
• — Consultation records: retained for up to 36 months following the conclusion of the consultation engagement.
• — Server log data: retained for up to 12 months for security and performance monitoring purposes.
• — Correspondence records: retained for up to 36 months unless a longer retention period is required by applicable law.

At the end of the applicable retention period, personal data is securely deleted or anonymised.

You have the following rights in respect of your personal data under UK GDPR:

• Right of access. You may request a copy of the personal data we hold about you.
• Right to rectification. You may request that inaccurate or incomplete personal data is corrected.
• Right to erasure. You may request that we delete your personal data, subject to applicable legal and contractual obligations.
• Right to restriction of processing. You may request that we restrict the processing of your personal data in certain circumstances.
• Right to data portability. Where processing is based on consent or contract, you may request that your data be provided in a structured, machine-readable format.
• Right to object. You may object to processing based on legitimate interests at any time.
• Right to withdraw consent. Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at [email protected]. We will respond to verified requests within one calendar month.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data has been handled improperly. Details are available at ico.org.uk.

This Site uses third-party services that may collect or process personal data. These include:

• — Google Fonts and similar CDN services for web font loading. Your IP address may be transmitted to these providers when fonts load.
• — Google Maps (on the Contact page) for location display. Google's own privacy policy governs data collected through the Maps embed.
• — Analytics providers (where consent has been given): anonymous aggregated usage data only.

We do not transfer personal data outside the UK or European Economic Area except where appropriate safeguards are in place as required by UK GDPR Chapter V.

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or destruction. These measures include HTTPS encryption for all data in transit, access controls on systems holding personal data, and regular review of our data handling practices.

No method of electronic transmission or storage is completely secure. In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the ICO in accordance with our obligations under UK GDPR Article 34.

We may update this Privacy Policy periodically to reflect changes in our data handling practices or applicable law. The "Last updated" date at the top of this page indicates when the policy was most recently revised. We encourage you to review this policy regularly.

For questions or concerns, please contact us at [email protected].