Privacy Policy

At Enso Advisory Group, we are committed to protecting your privacy and ensuring that your personal information is handled responsibly and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Policy explains how we collect, use, store, and protect your data when you engage with our services or visit our website.

1. Information We Collect

We may collect and process the following types of personal information:

• Contact details: name, email address, phone number, and business address.

• Business information: details about your organisation, the services you’re interested in, and relevant project notes.

• Service interaction data: emails exchanged, consultations booked, and documents shared.

• Website usage data: IP address, browser type, device information, pages visited, and access times.

• Cookies and tracking: we may use cookies or analytics tools to improve our website experience.

This information may be provided directly by you (e.g., forms, emails, service requests) or collected automatically when you use our website.

2. How We Use Your Information

We use personal data in a lawful, fair, and transparent way to:

• Deliver and manage the services you have requested.

• Communicate with you regarding your project, inquiries, or support needs.

• Tailor and improve our services based on feedback and user interactions.

• Maintain accurate business and financial records.

• Fulfil legal, tax, and regulatory obligations.

• Protect our legal rights and prevent fraud or misuse of services.

We do not use your information for unsolicited marketing or third-party advertising purposes.

3. Data Storage and Security

We take data protection seriously. All personal and project-related data is stored securely using encrypted storage solutions, with access restricted to authorised personnel only.

Security measures include:

• Password-protected systems and multi-factor authentication

• Encrypted communications and file storage

• Regular security reviews and best practice data handling

• Secure cloud platforms compliant with data protection standards

4. Data Retention

We retain your personal data only as long as necessary to fulfil the purposes outlined in this policy or as required by law. Typically:

• Project-related data: retained for the duration of the project plus 7 years for record-keeping.

• Marketing or communications data: retained until you withdraw consent.

5. Sharing Your Information

We do not sell, trade, or rent your personal information to others.

However, we may share your information with:

• Trusted service providers or subcontractors who assist in delivering services (e.g., website hosting, CRM support), strictly under confidentiality agreements and GDPR-compliant terms.

• Regulatory bodies or legal authorities where disclosure is legally required.

We are not responsible for the privacy practices of third-party websites linked from our site.

6. Your Data Rights

Under the UK GDPR, you have the following rights:

• The right to be informed about how your data is used.

• The right to access the personal data we hold about you.

• The right to rectify inaccurate or incomplete data.

• The right to erase your data (“right to be forgotten”).

• The right to restrict or object to certain types of processing.

• The right to data portability.

• The right to withdraw consent at any time (where processing is based on consent).

To exercise any of these rights, contact us at: advice@ensoadvisorygroup.com. We will respond within 10 business days.

7. Cookies and Tracking

We may use cookies and website analytics tools to enhance user experience and understand site usage. You can manage or disable cookies through your browser settings.

8. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or best practices. Any significant updates will be communicated on our website or via email if you are an existing client.