Privacy Policy

Last updated: 12 July 2025
Introduction

At Inbervel Ltd we are committed to protecting personal data and to fair and transparent processing. Please read this privacy statement: it will help you to understand how we collect and use personal data from individuals, our clients, suppliers or others during the course of our business. We will only use personal data for the purposes described in this privacy statement or as stated at the point of collection.

We regularly review this privacy statement and may make changes at any time without giving notice.

Who we are

Inbervel Ltd (registration number 15907992) is a company which provides professional services, registered in England and Wales. Our registered address is:

Inbervel Ltd
Third Floor Connexions
159 Princes Street
Ipswich, Suffolk, England, IP1 1QJ

A full list of our members/owners is available from the registered office or on the Companies House website. Inbervel Ltd is registered as a data controller with the Information Commissioner’s Office (ICO) under registration number 15907992.

Our lawful basis for processing

We rely on several lawful bases when we collect and use personal data to operate our business and provide products and services to our clients. These include:

  • Public interests – where processing is necessary to provide certain services (e.g. statutory audit) or meet requirements we are subject to.
  • Legal obligations – to comply with legal and regulatory obligations as a provider of regulated services and as a commercial business.
  • Contract – to perform contractual obligations with you or to take steps to enter into a contract.
  • Consent – where an individual has freely given consent at the time their personal data was provided.
  • Legitimate interests – our interests, or those of our clients or third parties (e.g. to provide services, develop or protect our business, or keep people informed), balanced against individual rights.

Client Service Activities

We only ask our clients to share personal data when necessary to provide our services or for other agreed purposes, and rely on them to inform individuals whose data is shared how it will be used.

In providing professional services, we may process personal data about:

  • Employees, directors, senior management, trustees, members and their beneficiaries
  • Professional advisors, suppliers
  • Any other individuals associated with our clients

Categories of data may include:

  • Identification and contact details
  • Employment-related information
  • Financial data

We generally do not expect our corporate clients to share “special categories” of personal data (race, political opinions, health, etc.) or criminal records. If such data is provided, we rely on your explicit consent, a legal obligation, or another lawful basis.

We typically collect personal data:

  • Directly from our clients
  • From third parties acting on their instructions (e.g. suppliers, advisors)

Purposes of processing:

  1. Providing professional services. To give advice and deliver reports.
  2. Managing our business. For client relationships, business development, events, and administration of our IT systems and website.
  3. Quality, risk & security management. To detect, investigate and resolve security threats, monitor service quality, and carry out client take-on procedures (including screening publicly available sources).
  4. Providing information about our services. Using business contact details to inform you about our services and events.
  5. Legal, regulatory & professional compliance. To meet our obligations as a regulated business.

How we keep data secure

Security is of the utmost importance. While no network transmission is 100% secure, we take all reasonable steps and maintain appropriate technical and organisational measures, including:

How to make a complaint or contact us

  • Detailed policies and procedures
  • Regular training on data protection, confidentiality and information security
  • Periodic reviews to ensure effectiveness

Who we share data with

We only share personal data when necessary and under appropriate contractual and security arrangements. We may share data with:

  • Partners associated with Inbervel Ltd to provide services and for administrative purposes
  • Suppliers (cloud software, IT, security, archiving/destruction, recruitment, marketing, payments)
  • Professional advisors, auditors or insurers when required by law or for business management
  • Law enforcement, government or regulatory bodies when legally required

Where your information is processed

All of your information is processed in the UK and European Economic Area (EEA).

Cookies

A separate notice regarding our use of cookies on our website and other digital platforms is available through our website; Cookies Notice

How long do we keep personal data?

We retain personal data only as long as necessary, taking into account:

  • The activity or service for which it is processed
  • Any legal, regulatory or contractual requirements
  • Potential litigation or investigations

Individuals’ rights

You have the following rights regarding your personal data:

  1. Right to be informed – Clear information on what we hold, why, and who we share it with (via this Privacy Statement).
  2. Right of access – Request a copy of the personal data we hold (Data Subject Access Request).
  3. Right to rectification – Request correction of inaccurate or incomplete data.
  4. Right to erasure – Request deletion if there is no compelling reason for us to retain it.
  5. Right to restrict processing – Ask us to block or suppress processing for certain reasons.
  6. Right to data portability – Receive your data in a usable format or transfer it to another controller.
  7. Right to object – Object to processing based on legitimate interests, direct marketing, or automated decision-making/profiling.
  8. Rights related to automated decision-making/profiling
    • Be informed about automated processing
    • Request human intervention or challenge automated decisions
    • Ensure our automated processes are functioning correctly

To exercise any right, please contact us (see below).

If you have any questions about this privacy statement, wish to complain about our use of personal data or exercise one of your rights, please send your correspondence to our Data Protection Officer:

Data Protection Officer

Inbervel Ltd
Foulden Hall, Foulden
Thetford, Norfolk, IP26 5AG

Email: DataProtectionOfficer@Inbervel.co.uk

You also have the right to report concerns or make complaints to the Information Commissioner's Office (ICO). For more information on your rights and how to contact the ICO, please refer to their website.

Read us in socials:

Social iconSocial iconSocial iconSocial icon