Privacy Policy
Last updated: 6 June 2026
This Privacy Policy explains how Strongvrcleaneu.ddd ("we", "us", "our") collects, uses, stores, and protects your personal data when you visit our website or contact us.
Following the United Kingdom's departure from the European Union, data protection in Britain is governed by the UK General Data Protection Regulation (UK GDPR) — the UK's retained version of EU GDPR — together with the Data Protection Act 2018. These laws apply to all organisations processing personal data of individuals in the UK.
1. Data Controller
The data controller responsible for your personal data is:
- Business name: Strongvrcleaneu.ddd
- Address: 9 Castle Way, Southampton SO14 2BX, United Kingdom
- Email: callback@strongvrcleaneu.world
- Phone: +44 23 8268 1321
1.1 ICO Registration
Organisations that process personal data in the UK are required to pay a data protection fee to the Information Commissioner's Office (ICO) unless exempt. Because we collect and process personal data through our contact form, server logs, and optional analytics cookies, we are registered with the ICO as a data controller.
- ICO registration reference: ZB847291
- Register entry: Data controller — Strongvrcleaneu.ddd
- Public register: You can verify our registration on the ICO public register by searching our business name or registration reference.
- Annual fee: Paid in accordance with the Data Protection (Charges and Information) Regulations 2018.
If you have questions about our ICO registration or data processing activities, contact us using the details above.
2. Scope of This Policy
This policy applies to all visitors and users of our website based in the United Kingdom and elsewhere. It covers personal data processed when you browse our pages, submit our contact form, manage cookie preferences, or communicate with us by email or telephone. It does not apply to third-party websites linked from our pages.
We do not intentionally collect special category data as defined in Article 9 UK GDPR (such as health data, racial or ethnic origin, political opinions, or religious beliefs). Please do not include sensitive personal information in contact form messages unless strictly necessary.
3. Personal Data We Collect
3.1 Data You Provide Directly
When you use our contact form, we collect only the information you choose to submit:
- Your name
- Your email address
- The content of your message
- Your explicit consent to data processing (GDPR checkbox)
Providing this data is voluntary. If you do not submit the contact form, we will not collect the above information from you directly.
3.2 Data Collected Automatically
When you browse our website, we may automatically collect technical data including:
- IP address (truncated or anonymised where technically feasible)
- Browser type, version, and language settings
- Device type, operating system, and screen resolution
- Pages visited, time spent, and navigation paths
- Referring website address and search terms used to find our site
- Cookie and local storage preferences (including consent choices and timestamps)
- Date and time of access
3.3 Data We Do Not Collect
We do not collect payment card details, national insurance numbers, passport details, or government-issued identification through this website. We do not purchase personal data from data brokers.
4. Purposes and Legal Bases for Processing
Under UK GDPR Article 6 and the Data Protection Act 2018, we process personal data only where a lawful basis applies:
| Processing Activity | Purpose | Legal Basis |
|---|---|---|
| Contact form enquiries | Respond to your questions and feedback | Consent (Art. 6(1)(a)) and legitimate interests (Art. 6(1)(f)) |
| Cookie preferences | Record and honour your cookie choices | Consent (Art. 6(1)(a)) / legal obligation under PECR |
| Analytics cookies | Understand website usage and improve content | Consent (Art. 6(1)(a)) — only if you opt in |
| Marketing cookies | Measure campaign effectiveness | Consent (Art. 6(1)(a)) — only if you opt in |
| Server logs | Security monitoring and fraud prevention | Legitimate interests (Art. 6(1)(f)) |
| Legal compliance | Respond to lawful requests from authorities | Legal obligation (Art. 6(1)(c)) |
Where we rely on legitimate interests, we have balanced our interests against your rights and freedoms. You may object to processing based on legitimate interests at any time (see Section 11). We do not use automated decision-making or profiling that produces legal or similarly significant effects.
5. How We Use Your Data
We use personal data strictly for the following purposes:
- Responding to enquiries submitted through our contact form, email, or telephone
- Operating, maintaining, and securing our website infrastructure
- Honouring your cookie and marketing preferences under PECR
- Analysing aggregated website usage to improve content (analytics cookies only with consent)
- Detecting and preventing unauthorised access, spam, or abuse of our services
- Complying with legal obligations and responding to regulatory enquiries
- Establishing, exercising, or defending legal claims where necessary
We will not use your personal data for purposes incompatible with those described above without notifying you and, where required, obtaining fresh consent.
6. Marketing Communications
We do not send unsolicited marketing emails. If you contact us and we respond, that communication relates solely to your enquiry. Should we ever introduce a newsletter or promotional emails, we will only send them where permitted under Regulation 22 of PECR — typically with your explicit consent or, where applicable, under the soft opt-in rule for existing customers who have not opted out. Every marketing email will include a clear unsubscribe mechanism.
7. Data Retention
We retain personal data only for as long as necessary for the purposes set out in this policy, in line with UK GDPR storage limitation principles:
- Contact form data: Up to 24 months from your last communication, then securely deleted or anonymised unless a longer period is required for legal claims or regulatory obligations.
- Analytics data: Up to 26 months from collection, subject to your cookie consent. Deleted sooner if you withdraw consent.
- Cookie consent records: Up to 12 months, after which we will request your preferences again.
- Server and security logs: Up to 90 days, unless required for an active security investigation.
- Legal and accounting records: Up to 6 years where required by UK tax or company law.
When retention periods expire, data is securely deleted or irreversibly anonymised.
8. Data Processors and Third-Party Sharing
We do not sell, rent, or trade your personal data. We may share data with the following categories of recipients who act as data processors on our behalf:
- Website hosting providers — storing website files and processing server requests (UK or EEA preferred)
- Email service providers — delivering responses to contact form submissions
- Analytics providers — Google Analytics or equivalent, only if you consent to analytics cookies
- Embedded service providers — Google Maps on our contact page (subject to Google's own privacy terms)
- Professional advisers — lawyers or accountants, only when necessary and under confidentiality obligations
- Law enforcement and regulators — when required by court order, statute, or legitimate regulatory request
All processors are bound by written contracts (Article 28 UK GDPR data processing agreements) requiring them to process data only on our instructions, implement appropriate security measures, and assist with data subject rights requests.
9. International Data Transfers
We aim to keep personal data within the United Kingdom and European Economic Area. Where data is transferred outside the UK — for example, to analytics or cloud providers in the United States — we ensure appropriate safeguards are in place as required by UK GDPR Chapter V and the Data Protection Act 2018, including:
- Transfers to countries covered by UK adequacy regulations (e.g. EEA countries, and the United States under the UK Extension to the EU-US Data Privacy Framework where applicable)
- UK International Data Transfer Agreements (IDTA) approved by the ICO
- UK Addendum to the EU Standard Contractual Clauses, where relevant
- Binding corporate rules or other mechanisms approved by the ICO
You may request further information about transfer safeguards by contacting us.
10. Data Security
We implement appropriate technical and organisational measures under Article 32 UK GDPR to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:
- HTTPS/TLS encryption for all data transmitted between your browser and our servers
- Access controls limiting staff access to personal data on a need-to-know basis
- Secure hosting environments with firewall protection and regular patching
- Regular review of security practices and processor compliance
- Procedures for detecting, reporting, and investigating personal data breaches
In the event of a personal data breach likely to affect your rights, we will notify the ICO within 72 hours where required and inform affected individuals without undue delay where there is a high risk to their rights and freedoms.
No method of transmission over the internet is completely secure. While we take reasonable steps to protect your data, we cannot guarantee absolute security.
11. Your Rights Under UK GDPR
Under the UK GDPR and Data Protection Act 2018, you have the following rights in relation to your personal data:
- Right of access (Art. 15): Request confirmation of whether we process your data and receive a copy.
- Right to rectification (Art. 16): Request correction of inaccurate or incomplete data.
- Right to erasure (Art. 17): Request deletion where data is no longer necessary, consent is withdrawn, or processing is unlawful.
- Right to restrict processing (Art. 18): Request that we limit how we use your data in certain circumstances.
- Right to data portability (Art. 20): Receive data you provided in a structured, commonly used, machine-readable format where processing is based on consent or contract and carried out by automated means.
- Right to object (Art. 21): Object to processing based on legitimate interests or for direct marketing purposes.
- Rights related to automated decision-making (Art. 22): Not be subject to decisions based solely on automated processing with legal or significant effects — we do not carry out such processing.
- Right to withdraw consent: Where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any right, email callback@strongvrcleaneu.world or write to our postal address above. We will respond within one calendar month of receiving a valid request. This may be extended by a further two months for complex requests, in which case we will inform you within the first month.
We will not charge a fee for most requests. We may charge a reasonable fee or refuse a request if it is manifestly unfounded, excessive, or repetitive, as permitted under the Data Protection Act 2018. We may request proof of identity before processing requests to protect your data from unauthorised disclosure.
For cookie-related rights, you may also use the Manage Cookies link in our website footer or see our Cookie Policy.
12. Children's Privacy
Our website is intended for a general audience and is not directed at children. Under the Data Protection Act 2018, only children aged 13 or over may provide their own consent to information society services. We do not knowingly collect personal data from anyone under 13 without verifiable parental consent. If you are a parent or guardian and believe your child has submitted personal data to us, please contact us and we will delete it promptly.
13. Complaints to the Supervisory Authority
You have the right to lodge a complaint with the UK's independent supervisory authority if you believe our processing of your personal data breaches UK data protection law. We encourage you to contact us first so we can try to resolve your concern.
- Organisation: Information Commissioner's Office (ICO)
- Website: ico.org.uk
- Helpline: 0303 123 1113
- Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, United Kingdom
- Complaints: ico.org.uk/make-a-complaint
14. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. Material changes will be posted on this page with an updated revision date. Where changes significantly affect your rights, we will take additional steps to inform you, such as a notice on our homepage. We encourage you to review this policy periodically.
15. Contact Us About Data Protection
For any questions about this Privacy Policy or our data protection practices, contact our data controller:
- Email: callback@strongvrcleaneu.world
- Post: Data Protection Enquiries, Strongvrcleaneu.ddd, 9 Castle Way, Southampton SO14 2BX, United Kingdom
- Phone: +44 23 8268 1321 (Monday–Friday, 9:00–17:00 GMT)