Privacy Policy

1. Introduction

Capability Systems Ltd ("we", "us", "our") is committed to protecting and respecting your privacy. This policy explains how we collect, use, and safeguard your personal data when you visit our website or engage with our services, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Capability Systems Ltd is registered in England (Company number 03060219). Registered office: 128 City Road, London, England, EC1V 2NX.

2. Data Controller

Capability Systems Ltd is the data controller responsible for your personal data. If you have any questions about this privacy policy or our data practices, please contact us at:

• Email: jason.brown@capability-systems.com
• Phone: 07789 872249
• Address: 128 City Road, London, England, EC1V 2NX

3. Information We Collect

We may collect and process the following personal data:

Information you provide directly:

• Name, email address, and phone number when you contact us
• Information provided through our chatbot (Isabella) when available
• Any other information you choose to share in correspondence

Information collected automatically:

• Technical data such as IP address, browser type, operating system, and device information
• Usage data including pages visited, time spent on pages, and navigation paths
• Cookie data (see our Cookie Policy for details)

4. How We Use Your Information

We use your personal data for the following purposes and legal bases:

• To respond to your enquiries (legal basis: legitimate interest / contractual necessity)
• To provide our services (legal basis: performance of a contract)
• To improve our website (legal basis: legitimate interest)
• To comply with legal obligations (legal basis: legal obligation)

5. Data Sharing

We do not sell your personal data. We may share your data with:

• Service providers who assist with our website hosting and IT infrastructure
• Professional advisers such as lawyers and accountants as necessary
• Law enforcement or regulatory bodies if required by law

6. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Contact enquiries are typically retained for 24 months unless an ongoing business relationship exists.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. However, no method of transmission over the internet is completely secure.

8. Your Rights

Under UK GDPR, you have the following rights:

• Right of access — request a copy of the personal data we hold about you
• Right to rectification — request correction of inaccurate data
• Right to erasure — request deletion of your data in certain circumstances
• Right to restrict processing — request that we limit how we use your data
• Right to data portability — receive your data in a structured, commonly used format
• Right to object — object to processing based on legitimate interests

To exercise any of these rights, please contact us at jason.brown@capability-systems.com. We will respond to your request within one month.

9. International Transfers

We primarily store and process data within the United Kingdom. Where data is transferred outside the UK, we ensure appropriate safeguards are in place in compliance with UK GDPR.

10. Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

• Website: ico.org.uk
• Phone: 0303 123 1113

11. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.