Privacy Policy

Last updated: June 2026

Who We Are

This Privacy Policy applies to the following companies, collectively referred to as “the Squid Group”, “we”, “us” or “our”:

  • Squid Group Ltd - registered in England and Wales (Company No. 16395592). Registered Office: Linden House, 34 Crowhurst Mead, Godstone, England, RH9 8BF.

  • Squid Capital & Advisory Limited - registered in England and Wales (Company No. 13561307). Registered Office: 15 Rye Hill Road, Harlow, England, CM18 7JE.

  • Squid Services Limited - registered in England and Wales (Company No. 16294013). Registered Office: Linden House, 34 Crowhurst Mead, Godstone, United Kingdom, RH9 8BF.

 All three companies share the website thesquidgroup.co.uk and operate under common ownership. Each company is an independent data controller for the personal data it processes. We are committed to handling your personal data responsibly and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

What Personal Data We Collect

We collect and process only the personal data necessary to conduct our business activities. This may include:

  • Name and job title

  • Business contact details, including email address, telephone number and postal address

  • Communications you send to us, including email correspondence

  • Any other information you voluntarily provide to us in the course of our business relationship

We do not collect or process sensitive personal data (special category data) unless strictly required and with appropriate legal basis.

 

How We Use Your Personal Data

We use personal data only for legitimate business purposes, including:

  • Managing and fulfilling contracts and business engagements

  • Communicating with clients, counterparties and suppliers

  • Complying with legal and regulatory obligations

  • Monitoring email communications for compliance and business protection purposes

 

Our Lawful Basis for Processing

We rely on the following lawful bases under UK GDPR:

  • Contractual necessity - where processing is required to perform a contract with you or take steps prior to entering into one.

  • Legitimate interests - where processing is necessary for our legitimate business interests, such as managing communications, maintaining business records and protecting our operations, provided these are not overridden by your rights.

  • Legal obligation - where processing is required to comply with applicable law.

 

Sharing Your Personal Data

We do not sell your personal data. We may share it with third parties only where necessary, including:

  • Other companies within the Squid Group, where relevant to the services being provided

  • Professional advisers, such as solicitors and accountants, under obligations of confidentiality

  • Regulatory or government authorities where required by law

 

How Long We Retain Your Data

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law. In general, business correspondence and contract-related data is retained for six years following the conclusion of a matter, in line with standard limitation periods under English law. Data that is no longer required is securely deleted or destroyed.

International Transfers

We do not routinely transfer personal data outside the United Kingdom. Where any such transfer is necessary, we will ensure that appropriate safeguards are in place in accordance with UK GDPR requirements.

How We Protect Your Data

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration or destruction. These include access controls, secure email practices and regular review of our data handling procedures.

Your Rights

Under UK GDPR you have the following rights in relation to your personal data:

  • The right to access the personal data we hold about you

  • The right to request correction of inaccurate or incomplete data

  • The right to request erasure of your personal data in certain circumstances

  • The right to object to or restrict processing in certain circumstances

  • The right to data portability where processing is based on consent or contract

  • The right to withdraw consent at any time, where processing is based on consent

To exercise any of these rights, please contact us via our website.

Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us via our website.

Complaints

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

 

Information Commissioner’s Office

Website: ico.org.uk

Telephone: 0303 123 1113

Post: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

 

We would, however, appreciate the opportunity to address your concerns before you contact the ICO, so please contact us in the first instance.

 

Changes to This Policy

We may update this Privacy Policy from time to time. We encourage you to review it periodically.