Privacy Policy

1. Who We Are

Apex Fraction-AI ("we", "us", "our") is a fractional IT consultancy registered in England and Wales. We operate this website at www.fraction-al.com and provide fractional IT leadership and digital transformation services to businesses in the UK and internationally.

For the purposes of UK GDPR, Apex Fraction-Al is the data controller responsible for your personal data. Our registered address is: 13 Snackgate Lane, Heighington, Newton Aycliffe, Co. Durham, DL5 6RG.

If you have any questions about this policy or how we handle your data, please contact us at: contact@apexfractionai.co.uk

2. Data We Collect

We collect personal data in the following circumstances:

• Enquiry forms: When you submit an enquiry via our contact form, we collect your name, email address, organisation name, and the content of your message.
• Email correspondence: When you email us directly, we collect the information contained in your messages.
• Cookies and analytics: We may collect anonymised data about how visitors use our website via analytics tools (see Section 8).
• Client engagements: During the course of a professional engagement, we may collect additional information necessary to fulfil our services, including contact details and business information.

We do not collect special category data (such as health information or financial data) through this website.

3. How We Use Your Data

We use the personal data we collect for the following purposes:

• To respond to your enquiry and communicate with you about our services
• To manage and deliver client engagements where you have contracted our services
• To comply with our legal and contractual obligations
• To improve our website and services using anonymised analytics data
• To send you service-related communications where you are an existing client

We will not use your data for unsolicited marketing purposes without your explicit consent.

4. Legal Basis for Processing

Under UK GDPR, we process your personal data on the following legal bases:

• Legitimate interests — responding to enquiries you have initiated and managing our business relationships
• Contract performance — processing necessary to deliver services you have contracted with us
• Legal obligation — where we are required to process data to comply with applicable law
• Consent — where we explicitly ask for and you provide your consent, for example for optional communications

5. Sharing Your Data

We do not sell, rent, or trade your personal data to third parties for marketing purposes.

We may share your data with:

• Service providers: Trusted third-party providers who assist us in operating our website and business (such as hosting providers, email platforms, and form processing services). These providers are contractually bound to process data only on our instructions and in accordance with applicable data protection law.
• Professional advisors: Lawyers, accountants, and other advisors where necessary and subject to confidentiality obligations.
• Legal authorities: Where required by law, court order, or regulatory authority.

Any third-party providers we use are required to maintain adequate data protection standards consistent with UK GDPR.

6. Data Retention

We retain your personal data only for as long as necessary for the purposes for which it was collected, or as required by applicable law.

• Enquiry data where no engagement follows: up to 12 months
• Client engagement data: up to 7 years following the end of engagement, in line with standard business record-keeping obligations
• Analytics data: retained in anonymised form in accordance with the relevant platform's terms

After these periods, data is securely deleted or anonymised.

7. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

• Right of access — to request a copy of the personal data we hold about you
• Right to rectification — to request correction of inaccurate or incomplete data
• Right to erasure — to request deletion of your data in certain circumstances
• Right to restrict processing — to request that we limit how we use your data
• Right to data portability — to receive your data in a structured, commonly used format
• Right to object — to object to processing based on legitimate interests
• Right to withdraw consent — where processing is based on consent, to withdraw it at any time

To exercise any of these rights, please contact us at contact@apexfractionai.co.uk. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

8. Cookies

Our website may use cookies — small text files placed on your device — to support website functionality and analytics. We use only:

• Strictly necessary cookies — required for the website to function correctly. These cannot be disabled.
• Analytics cookies — anonymised data to understand how visitors use our site, helping us improve content and user experience. These are only placed with your consent.

You can control and delete cookies through your browser settings. Disabling certain cookies may affect the functionality of the site. For more information about cookies, visit allaboutcookies.org.

9. Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, alteration, disclosure, or destruction.

These measures include secure hosting environments, access controls, and regular review of our data handling practices. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and affected individuals without undue delay, in accordance with our legal obligations.

10. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will update the "Last updated" date at the top of this page.

We encourage you to review this policy periodically. Your continued use of our website following any changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions, concerns, or requests relating to this privacy policy or the way we handle your personal data, please contact us:

• Email: contact@apexfractional.co.uk
• Postal address: 13 Snackgate Lane, Heighingotn, Newton Aycliffe, Co. Durham, DL5 6RG

If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office (ICO): ico.org.uk/make-a-complaint