.svg){kind=logo}
# Data Processing Statement
Last Updated: 21.05.2025
Who are we?
EnsoFlow are a UK based consultancy who’s registered office is: The Kiln, 2 Copenhagen Street, Worcester, WR1 2HB. We are registered with the Information Commissioner's Office and our registration number is: ZB890973.
What data do we collect?
In order for EnsoFlow to provide you with the services we offer or the updates and information we provide, we need to collect some data from you in order that we can deliver these to you in a timely and appropriate manner. The data collect depends on how you interact with us.
Accessing our website:
Lawful Basis: Legitimate Interests
We collect only anonymised data, that means we can’t identify you from your interactions on our website. We only collect statistics about the use of the website, the pages accessed and read. We use a company called Simple Analytics to provide us with this information. Below is a list of the data that is NOT collected and a list of that which is:
What we DON'T Collect:
• We do NOT set any cookies (or use similar technologies)
• We do NOT collect or store IP addresses
• By default we do NOT collect or store any data if a visitor has Do Not Track enabled
What we do Collect:
• We do collect and store whether visits are unique
• We do collect and store timestamps
• We do collect and store user agents anonymized
• We collect and store country of visitor - We use Visitor's time-zone as opposed to IP Address (which we don't collect)
• We collect and store the language of the visitor
• We partially collect and partially store URLs
• We do collect and partially store referrers
• We do collect and store UTM-codes
• We do collect and store device dimensions
• We do collect and store how long a page is being viewed
• We do collect and store how far a visitor scrolls on the page
Signing up to our newsletter:
Lawful Basis: Consent
When you sign-up to our newsletter we do collect some information from you. We collect:
• First Name
• Last Name
• Email address
• Job Title (Optional)
• Industry / Sector(Optional)
We collect this data to be able to send you the newsletter and to personalise the information. We only use the data collected via this interaction for the newsletter process
Completing the contact us form on our website:
Lawful Basis: Legitimate Interests
We ask for the following data so we can provide you with an appropriate response to the message you send us through the contact form.
• First Name
• Last Name
• Email address
• Job Title (Optional)
• Industry / Sector(Optional)
• Message
We only use the data collected via this interaction to respond to your query.
Booking a 30 minute introduction call:
Lawful Basis: Legitimate Interests
In order for us to understand how we can make best use of the call, we will collect the following data:
• First Name
• Last Name
• Email address
• Job Title (Optional)
• Industry / Sector(Optional)
• Message
• Date and time of call
Booking onto one of our webinars / events:
Lawful Basis: Legitimate Interests
Our events and webinars have a limited number of places and as such we need to understand who is participating and to be able to confirm your spot on the webinar / event. To do that we collect the following data:
• First Name
• Last Name
• Email address
• Job Title (Optional)
• Industry / Sector(Optional)
• Event you’ve booked
Do we collect data from third party sources?
We operate in the B2B space and as such, we utilise applications that specifically collate publicly available data to enrich our understanding of what’s important to you and to be able to engage in much deeper and pertinent discussions with you or, if you’ve consented to our marketing, provide you information on additional services or partners that can assist in the delivery of solutions that work for you.
A list of our Third party data providers can be made available on request by sending us an email, the address of which is found in the ‘Contact Us’ section below.
Do you share my data with anyone else?
We want to give you the best service we can which means we need to rely on other businesses to provide technology and services to do so. We also have legal obligations to share your data with certain organisations. Here’s the list of the types of organisations and the possible reasons:
Service providers and Partners:
We may share your personal information with our service providers and business partners that perform marketing services and other business operations for us. For example, we may partner with other companies to process secure payments, provide streaming services for our webinars, verify personal ID, fulfil orders, optimize our services, send newsletters and marketing emails, support email and messaging services and analyse information
Law enforcement agencies, regulators, government authorities or other legal representatives:
We may share your personal information with these parties where we believe this is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights or the rights of any third party.
Asset purchasers and joint venture partners:
We may share your personal information with any third party that purchases EnsoFlow or the companies with which we may enter into a joint venture to expand our services to you.
A list of our Service Providers can be made available on request by sending us an email to the address detailed in the ‘Contact Us’ section below.
Protecting your Data:
We are required to ensure that any data we collect and use in the provision of our services is protected with the appropriate level of information security and other technical measures, alongside a defined set of processes and procedures that tell all those working at EnsoFlow (and our Service providers) how to treat and use the data.
We review and assess all service providers and ensure their level of protection meets the standards required to protect your data as thoroughly as possible.
Retaining your data.
We collect your data with defined purposes and those purposes determine how long we should be keeping hold of your data and processing it.
As a general rule, we will retain your data for as long as we have a relationship with you. Beyond our relationship, we may need to continue to hold and process certain pieces of your personal data for:
• Audit and risk management
• Defend or bring any existing or potential legal claims
• Deal with any complaints you may have made
• Legal obligation for the retention of information, such as payments made to EnsoFlow.
Once our obligations to hold that data have expired, we will delete the data.
Transferring data overseas
Where possible, EnsoFlow are committed to processing your data within the UK, EEA or other country that is deemed to have equivalent data protections for your data.
Where this isn’t possible, for example where we utilise a platform, communication solution or other technology service, we ensure that the correct and adequate legal transfer mechanism is in place before we start to use that service and it process the data on our behalf.
This mechanism will be either:
UK International Data Transfer Agreement (IDTA)
Or
EU Standard Contractual Clauses (SCCs) with the UK Addendum.
We work hard to find the right service partners that protect your data should the processing need to take place outside the UK/EEA.
Your Rights:
You have a number of rights over the data we process and can exercise these at any time. These are:
Information about what we’re doing with your data (Right to Information): We need to be transparent with you about the data we’re processing and you can make a request for us to explain that to you, if you don’ think this Data Processing Statement provides you enough detail
Access to the data we’re processing about you (Right to Access): If you’d like to see the data we’re processing about you, then you can ask us to provide that data to you for review.
To ask us to stop processing your data temporarily (Right to Object): Where you think the data we’re using about you is inaccurate, you can ask us to temporarily stop processing that data until it’s rectified. There are other circumstances which apply to this right, but we’ll explain those to you if you submit this request.
Correct and update your data (Right to Rectification): If you think the data we hold and use about you is not accurate, you can ask us to update it by submitting this request.
To delete your data (Right to be forgotten):
We can delete your data under certain circumstances, for example, where we’re processing your data under consent. It doesn’t apply to all data we process, but we’ll explain that when you make the request.
Move your data somewhere else (Right to Data Portability): Under certain circumstances, such as when we are processing your data with your consent, you can ask us to collate that data and provide it to you to take elsewhere.
Contacting Us
We hope you never need to contact us about how we process your data or exercise your rights because we strive to be doing the right thing.
We know that sometimes you may need to get in touch to exercise one of your rights, tell us if we’re doing something you’re not happy with or to get more information on how we protect and use your data to deliver services to you. For those times you do, please reach out to us at: dpo@ensoflow.global
If you’re exercising one of the rights listed above, please let us know in the email which right it is and any details you can add to help us act upon it as quickly and efficiently as we can.
If you still feel you need to talk to someone other than us about your data, then you have the right to discuss it with the Information Commissioner's Office (ICO). The easiest way is to follow their guidance here: ICO Contact Details
Versioning:
