Privacy Policy for CHG Group

Last Updated: June 19, 2025

CHG Group (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable UK data protection laws. This policy applies to all personal data collected through our website, services, and any related platforms operated by CHG Group.

1. Who We Are

CHG Group is a [insert brief description of company, e.g., “UK-based company providing consulting services”]. Our registered office is at [insert registered office address]. For data protection purposes, we are the data controller responsible for your personal data.

You can contact our Data Protection Officer at:

• Email: [email protected]

• Address: [Insert contact address]

• Phone: [Insert contact number]

2. Personal Data We Collect

We may collect and process the following types of personal data:

a. Information You Provide

• Identity and Contact Data: Name, email address, phone number, postal address, or other details you provide when contacting us, registering for services, or filling out forms.

• Account Data: Username, password, and preferences if you create an account with us.

• Transaction Data: Details about payments, purchases, or services you have requested from us.

• Communication Data: Information from emails, phone calls, or other communications with us.

b. Information Collected Automatically

• Technical Data: IP address, browser type, operating system, and device information collected via cookies or similar technologies when you visit our website.

• Usage Data: Information about how you interact with our website or services, such as pages visited, links clicked, and time spent.

c. Information from Third Parties

We may receive personal data from third parties, such as analytics providers, business partners, or publicly available sources, where permitted by law.

3. How We Use Your Personal Data

We process your personal data for the following purposes, based on the lawful bases under the UK GDPR:

Purpose	Lawful Basis
To provide and manage our services	Performance of a contract or legitimate interests
To process payments and prevent fraud	Performance of a contract or legal obligation
To respond to inquiries or provide customer support	Legitimate interests or consent
To improve our website and services	Legitimate interests
To send marketing communications (e.g., newsletters)	Consent or legitimate interests (where permitted)
To comply with legal obligations	Legal obligation
To protect our rights, safety, or property	Legitimate interests

We will only process your data for the purposes for which it was collected or for compatible purposes, unless we obtain your consent or have another lawful basis.

4. Sharing Your Personal Data

We may share your personal data with:

• Service Providers: Third parties who provide services such as website hosting, payment processing, or analytics, who act as data processors on our behalf.

• Business Partners: With your consent, we may share data with partners for joint services or promotions.

• Legal Authorities: When required by law or to protect our rights, safety, or property.

• Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to a third party, subject to appropriate safeguards.

We ensure that any third party we share data with complies with UK data protection laws and has appropriate safeguards in place.

5. International Data Transfers

If we transfer your personal data outside the UK, we will ensure it is protected by:

• Transferring to countries deemed to have adequate data protection laws by the UK government.

• Using Standard Contractual Clauses (SCCs) or other approved mechanisms to safeguard your data.

6. Data Security

We implement appropriate technical and organisational measures to protect your personal data from unauthorised access, loss, or disclosure. These include encryption, access controls, and secure servers. However, no system is completely secure, and we cannot guarantee absolute security.

7. Your Data Protection Rights

Under the UK GDPR, you have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.

• Rectification: Request correction of inaccurate or incomplete data.

• Erasure: Request deletion of your data in certain circumstances.

• Restriction: Request that we limit the processing of your data.

• Portability: Request a copy of your data in a structured, commonly used, and machine-readable format.

• Objection: Object to processing based on legitimate interests, including for direct marketing.

• Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise these rights, contact us at [email protected]. We will respond within one month, though this may be extended in complex cases. You may also lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk or by calling 0303 123 1113.

8. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, accounting, or reporting requirements. For example:

• Customer data is retained for [insert period, e.g., 6 years] after the end of our relationship to comply with tax laws.

• Marketing data is retained until you unsubscribe or withdraw consent.

When data is no longer needed, we securely delete or anonymise it.

9. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your experience, analyse usage, and deliver personalised content. You can manage your cookie preferences through your browser settings or our cookie consent tool. For more details, see our Cookie Policy.

10. Marketing Communications

If you have consented to receive marketing communications, we may send you updates about our services, events, or promotions. You can opt out at any time by:

• Clicking the “unsubscribe” link in our emails.

• Contacting us at [email protected].

11. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our website or by contacting you directly.

13. Contact Us

If you have questions about this Privacy Policy or how we handle your personal data, please contact:

• Email: [email protected]

• Address: [Insert address]

• Phone: [Insert phone number]

Alternatively, you can contact the ICO if you have concerns about our data practices.

---

This Privacy Policy is designed to comply with UK data protection laws and provide transparency about how CHG Group handles your personal data. Thank you for trusting us with your information.