Privacy policy

Effective Date: April 30, 2025

At Noventra Advisory Ltd., we are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website, engage our services, or interact with us through any communication channel.

We handle your data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable UK and international privacy laws.

1. Who We Are
We are a strategic consulting firm providing business, innovation, and digital transformation advisory services. For the purpose of applicable data protection laws, Noventra Advisory Ltd. is the "data controller" of your personal data collected via this website or any interaction with us.

2. What Information We Collect
We collect various types of personal data depending on your interaction with us:

a) Information You Provide Directly
  • Full name, email address, phone number, company name, job title
  • Information shared via contact forms, newsletter sign-up, or event registrations
  • Any communications you send us (emails, feedback, requests)

b) Information We Collect Automatically
  • IP address, browser type, operating system, device information
  • Site navigation data (pages viewed, time spent, referral links)
  • Cookies and tracking technologies (see Section 6)

c) Information from Third Parties
  • Business directories, partners, event organizers, or publicly available sources
  • Social media platforms if you interact with our pages or campaigns

3. How We Use Your Data
We process your personal data for the following legitimate business purposes:
  • To respond to your inquiries and provide requested information or services
  • To manage client onboarding, proposals, and contractual relationships
  • To send relevant communications, including newsletters, insights, and event invitations (only with your consent)
  • To improve our website functionality and user experience
  • To conduct market research and internal analytics
  • To comply with legal or regulatory obligations

We only collect and process personal data when we have a valid legal basis to do so (see Section 4).

4. Legal Bases for Processing
Under UK GDPR, we rely on one or more of the following legal grounds:
  • Consent — where you have given clear permission (e.g., newsletter subscription)
  • Contractual Obligation — when processing is necessary for a service agreement
  • Legitimate Interests — for improving services, marketing (with opt-out), and securing our systems
  • Legal Obligation — to comply with applicable laws or court orders

You can withdraw your consent at any time by contacting us at [email protected].

5. Marketing Communications
We may send you marketing emails about our services, insights, and events — but only if:
  • You have explicitly opted in to receive such messages, or
  • You are an existing client or contact and we have a legitimate interest in doing so

You can opt out at any time by clicking the "unsubscribe" link in our emails or emailing us directly.

We do not sell or rent your data to third parties for marketing purposes.

6. Cookies and Tracking Technologies
Our website uses cookies and similar technologies to enhance your experience, including:
  • Essential Cookies — for core site functionality
  • Analytics Cookies — to understand how visitors use our site (e.g., Google Analytics)
  • Functionality Cookies — to remember your preferences

You can control cookie preferences via your browser settings. For full details, see our Cookie Policy.

7. Data Retention
We retain your personal data only for as long as necessary to:
  • Fulfill the purposes we collected it for
  • Meet legal, regulatory, tax, accounting, or reporting requirements
  • Resolve disputes and enforce our agreements

Once data is no longer required, we securely delete or anonymize it.

8. Data Sharing and Disclosure
We may share your data with trusted third-party service providers who assist us in:
  • Website hosting and analytics
  • Email delivery and CRM systems
  • Legal, accounting, and technical support

These providers are contractually bound to use your data only for the agreed purposes and ensure appropriate safeguards.

We may also disclose your data if required by law, court order, or regulatory authority.

9. International Data Transfers
Some of our partners or service providers may be located outside the UK or European Economic Area (EEA). In such cases, we ensure:
  • Transfers are made to countries with adequate data protection laws, or
  • Appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs)

10. Data Security
We implement appropriate technical and organizational measures to protect your personal data, including:
  • SSL encryption of our website and contact forms
  • Secure data storage and access controls
  • Staff training and internal privacy protocols
  • Regular system monitoring and updates

However, no system is entirely immune from breaches. If a data breach occurs, we will notify affected individuals and relevant authorities as required by law.

11. Your Data Protection Rights
You have the following rights under UK GDPR:
  • Right to Access — request a copy of your personal data
  • Right to Rectification — correct inaccurate or incomplete data
  • Right to Erasure — request deletion of your data (with legal limitations)
  • Right to Restrict Processing — limit how your data is used
  • Right to Data Portability — receive your data in a structured format
  • Right to Object — to processing based on legitimate interests

To exercise any of these rights, contact us at [email protected].

12. Children's Privacy
Our services and website are not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has submitted personal information to us, please contact us and we will delete it promptly.

13. Third-Party Links
Our website may contain links to external websites not controlled by Noventra Advisory. We are not responsible for their privacy policies or practices. We encourage you to review their terms before providing any personal data.

14. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page, and where appropriate, you will be notified by email or on our website. Your continued use of our services constitutes your agreement to the revised policy.