Privacy Policy
Introduction
Effective date: April 2026
Last updated: April 2026
Ensign Yachting (“we”, “us”, or “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal data when you visit our website at ensignyachting.com or interact with our services, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Please read this policy carefully to understand our practices regarding your personal data and how we will treat it.
Data Controller
The data controller responsible for your personal data is:
Ensign Yachting
Email: info@ensignyachting.com
If you have any questions about this Privacy Policy or our data practices, please contact us at the email address above.
Personal Data We Collect
We may collect and process the following personal data:
Information you provide directly
- Contact form submissions: your name, email address, telephone number, and the content of your message.
- Email correspondence: any personal data included in emails you send to us.
Information collected automatically
- Website analytics data: IP address (anonymised where possible), browser type, operating system, referring URLs, pages visited, time spent on pages, and other standard web log information.
- Cookies and similar technologies: information collected through cookies as described in our Cookie Policy.
Legal Basis for Processing
We process your personal data on the following lawful bases under the UK GDPR:
- Consent (Article 6(1)(a)): Where you have given clear consent for us to process your personal data for a specific purpose, such as subscribing to communications or accepting non-essential cookies.
- Contract performance (Article 6(1)(b)): Where processing is necessary for the performance of a contract with you, or to take steps at your request prior to entering into a contract, such as responding to enquiries about our yacht management services.
- Legitimate interests (Article 6(1)(f)): Where processing is necessary for our legitimate interests or the legitimate interests of a third party, provided your rights do not override those interests. This includes improving our website, analysing usage patterns, and ensuring the security of our services.
How We Use Your Data
We use your personal data for the following purposes:
- To respond to your enquiries and provide information about our services.
- To fulfil contractual obligations and manage our relationship with you.
- To operate, maintain, and improve our website and services.
- To analyse website usage and trends in order to enhance user experience.
- To ensure the security and integrity of our website.
- To comply with legal obligations and enforce our terms of service.
Data Sharing
We do not sell, rent, or trade your personal data to third parties. We may share your data only in the following limited circumstances:
- Service providers: Trusted third-party providers who assist us in operating our website and delivering our services (for example, website hosting, analytics, and email delivery). These providers process data only on our instructions and are subject to appropriate data protection obligations.
- Legal requirements: Where we are required to disclose your data by law, regulation, legal process, or enforceable governmental request.
- Business transfers: In the event of a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction, subject to the same privacy protections.
Data Retention
We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.
- Contact form enquiries: Retained for up to 24 months from the date of your last interaction with us, unless a longer retention period is required for contractual or legal purposes.
- Website analytics data: Retained for up to 26 months in anonymised or aggregated form.
- Contractual records: Retained for up to 7 years after the end of the contractual relationship, in accordance with applicable legal and regulatory requirements.
When personal data is no longer required, it will be securely deleted or anonymised.
Your Rights
Under the UK GDPR, you have the following rights in relation to your personal data:
- Right of access: You have the right to request a copy of the personal data we hold about you.
- Right to rectification: You have the right to request correction of any inaccurate or incomplete personal data.
- Right to erasure: You have the right to request deletion of your personal data where there is no compelling reason for its continued processing.
- Right to restriction of processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
- Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
- Right to object: You have the right to object to the processing of your personal data where we are relying on legitimate interests as the legal basis.
- Right to withdraw consent: Where processing is based on consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal.
To exercise any of these rights, please contact us atinfo@ensignyachting.com. We will respond to your request within one month, as required by the UK GDPR.
Complaints
If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection:
Information Commissioner's Office
Website:ico.org.uk
Telephone: 0303 123 1113
We would appreciate the opportunity to address your concerns before you approach the ICO, so please contact us in the first instance.
International Transfers
Some of our third-party service providers may be based outside the United Kingdom. Where your personal data is transferred outside the UK, we ensure that appropriate safeguards are in place in accordance with the UK GDPR, such as:
- Transfers to countries that have been deemed to provide an adequate level of data protection by the UK Secretary of State.
- Use of International Data Transfer Agreements (IDTAs) or the UK Addendum to the EU Standard Contractual Clauses.
For further details about the safeguards we use, please contact us atinfo@ensignyachting.com.
Cookies
Our website uses cookies and similar technologies to enhance your browsing experience. For detailed information about the cookies we use and how to manage them, please refer to ourCookie Policy.
Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Any changes will be posted on this page with an updated “Last updated” date. We encourage you to review this policy periodically to stay informed about how we are protecting your data.
Where changes are significant, we will make reasonable efforts to notify you, for example by placing a prominent notice on our website.