Arkwright

Privacy

Privacy Policy

Clear, practical information on how we handle personal data across enquiries, resources, and service delivery.

Last updated 13 February 2026UK GDPR alignedPECR awareNo ad-tech profiling

Who we are

Arkwright Solutions ("Arkwright", "we", "us") provides AI advisory and engineering services to UK businesses.

For data protection purposes, we act as the data controller for personal data collected through this website.

You can contact us at hello@arkwright.solutions or via our contact page.

What we collect

We collect only the data we need to run this site and respond to enquiries.

  • Contact data: name, email, company, role, and message content you submit.
  • Resource/newsletter requests: name and email where relevant.
  • Technical and security data: IP hash, browser metadata, and request timestamps.
  • Essential site data: limited cookies used for secure gated-resource access.

How we use your data and lawful bases

We process personal data under UK GDPR and the Data Protection Act 2018 using appropriate lawful bases.

  • To respond to enquiries and discuss services: legitimate interests, and contract steps before entering an agreement.
  • To deliver requested resources and updates: consent where required, or legitimate interests for relevant business communication.
  • To prevent abuse and protect systems: legitimate interests and legal compliance.
  • To operate records and delivery workflows: legitimate interests.
We do not sell personal data. We do not profile individuals for advertising purposes.

Marketing, cookies, and analytics

We follow PECR rules for electronic marketing. Where consent is required, we ask first. You can opt out at any time.

We use privacy-focused website analytics and operational metrics to improve performance and reliability. We do not use third-party ad trackers.

If we introduce non-essential cookies in future, we will update this policy and request consent where required.

Sharing data and international transfers

We share data with carefully selected processors only where needed to run services (for example, email delivery and data storage providers).

Some providers may process data outside the UK. When this happens, we use appropriate safeguards such as recognised contractual protections.

How long we keep data

We keep data only as long as needed for the purposes above, then delete or anonymise it.

  • Contact and enquiry records: retained for continuity, legal, and audit needs.
  • Security/rate-limit logs: retained for abuse prevention and operational integrity.
  • Marketing subscriptions: retained until you unsubscribe or request deletion.

Your rights

Under UK GDPR, you can ask us to exercise your rights in relation to personal data.

  • Access, rectification, erasure, and restriction.
  • Data portability and objection to processing.
  • Withdrawal of consent where processing relies on consent.
  • Rights related to automated decision-making where applicable.
You can raise concerns with the UK Information Commissioner's Office (ICO) at ico.org.uk/make-a-complaint.

Security

We use proportionate technical and organisational controls, including strict server-side validation, role-based access boundaries, and secure configuration practices.

No system is perfect, but we design for least privilege, auditability, and resilient operations.

Changes to this policy

We may update this policy as our services, legal obligations, or tooling changes. Material changes will be reflected by updating the date on this page.

Privacy Policy | Arkwright Solutions