Skip to main content

Privacy Policy

Last updated: April 2026

1. Introduction

Inverlock (“we”, “our”, or “us”) is committed to protecting the privacy of individuals who visit our website at inverlockadvisory.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data Controller

The data controller responsible for your personal data is Inverlock. If you have any questions about this Privacy Policy or our data practices, please contact us at jhenry@inverlockadvisory.com.

3. Information We Collect

We may collect the following categories of personal data when you interact with our website:

  • Contact information: name and email address when you contact us via email.
  • Technical data: IP address, browser type and version, device information, and pages visited, collected automatically through server logs.
  • Usage data: information about how you use our website, including your disclaimer acceptance preference stored locally on your device.

4. How We Use Your Information

We use your personal data for the following purposes:

  • To respond to your enquiries and provide our advisory services.
  • To operate and maintain our website.
  • To comply with legal and regulatory obligations.
  • To protect our legitimate business interests, including fraud prevention and security.

5. Legal Basis for Processing

We process your personal data on the following legal bases under UK GDPR:

  • Legitimate interests: operating our website and responding to enquiries.
  • Consent: where you have provided explicit consent for specific processing activities.
  • Legal obligation: where processing is necessary to comply with applicable laws and regulations.

6. Data Sharing and Transfers

We do not sell your personal data. We may share your data with trusted service providers who assist in operating our website and conducting our business, subject to appropriate data processing agreements. Any international transfers of data will be subject to appropriate safeguards as required by UK GDPR.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable laws and regulations. Contact enquiry data is retained for a maximum of two years unless a longer retention period is required by law.

8. Your Rights

Under UK GDPR, you have the right to access, rectify, erase, or restrict the processing of your personal data, as well as the right to data portability and the right to object to processing. To exercise any of these rights, please contact us at jhenry@inverlockadvisory.com.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data has been processed unlawfully.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this page periodically.