Privacy Policy | HarmENT
Last updated: 19 December 2025
1. Introduction
Welcome to HarmENT ("we", "our", "us"). We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website harment.co.uk and use our services.
HarmENT is the data controller responsible for your personal data. We are registered in England and Wales and comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Information We Collect
We may collect and process the following categories of personal data:
Personal Information
- Identity Data: Name, username, title, date of birth
- Contact Data: Email address, telephone number, postal address
- Technical Data: IP address, browser type, device information, operating system
- Usage Data: Information about how you use our website and services
- Marketing Data: Your preferences for receiving marketing communications
- Transaction Data: Details of products and services purchased from us
3. How We Collect Your Data
We collect personal data through:
- Direct interactions: When you contact us, subscribe to our newsletter, purchase services, or create an account
- Automated technologies: Cookies and similar tracking technologies when you browse our website
- Third parties: Analytics providers, advertising networks, and social media platforms
4. How We Use Your Data
We use your personal data for the following purposes:
| Purpose | Legal Basis |
|---|---|
| To provide our services and fulfil contracts | Performance of contract |
| To manage your account and relationship with us | Performance of contract / Legitimate interests |
| To send marketing communications (with consent) | Consent |
| To improve our website and services | Legitimate interests |
| To comply with legal obligations | Legal obligation |
| To protect against fraud and security threats | Legitimate interests |
5. Data Sharing and Disclosure
We may share your personal data with:
- Service providers: Who assist us in operating our business (e.g., hosting, payment processing, analytics)
- Professional advisors: Including lawyers, accountants, and insurers
- Regulatory bodies: When required by law or to protect our legal rights
- Business transfers: In connection with any merger, acquisition, or sale of assets
We do not sell your personal data to third parties.
6. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which we collected it, including satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the purposes for processing, and applicable legal requirements.
7. Your Rights
Under UK GDPR, you have the following rights:
- Right of access: Request a copy of your personal data
- Right to rectification: Request correction of inaccurate data
- Right to erasure: Request deletion of your data ("right to be forgotten")
- Right to restrict processing: Request limitation of processing
- Right to data portability: Request transfer of your data
- Right to object: Object to processing based on legitimate interests
- Right to withdraw consent: Withdraw consent at any time
To exercise any of these rights, please contact us using the details below. We will respond within one month of receiving your request.
8. International Transfers
We may transfer your personal data outside the UK or European Economic Area (EEA). When we do, we ensure appropriate safeguards are in place, including:
- Transferring to countries with adequate data protection laws
- Using standard contractual clauses approved by the UK government
- Implementing binding corporate rules where applicable
9. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, and regular security assessments.
11. Children's Privacy
Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.
13. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe your data protection rights have been violated.