Privacy Policy

Summary

We only collect personal data that we need to respond to your enquiry, provide quotes, carry out work, and meet our legal obligations. We do not sell your data. We keep your information secure and only share it where necessary to deliver services (for example, with professional advisers or trusted suppliers) or where the law requires it.

You have rights under UK data protection laws, including the right to access your data, correct it, request deletion in certain circumstances, or object to some uses. You can contact us at any time using the details below.

1. Who We Are (Data Controller)

For the purpose of UK data protection law, the “data controller” is the organisation responsible for your personal data. The controller for this website and our services is:

KOG Building Projects Limited

• Trading name: KOG Building Projects Ltd
• Company Registration Number: 16208850
• Business Address: 45 St Martins Way, Ancaster, NG32 3RA
• Registered Office Address: Unit 82a James Carter Road, Mildenhall, Bury St. Edmunds, England, IP28 7DE
• Email: kogbpl@outlook.com
• Telephone: 01400 679128
• Mobile: +44 7551 639522
• Business Hours: Monday to Friday, 07:30 – 17:00
• VAT Number: To be confirmed

2. Personal Data We Collect

The personal data we collect depends on how you interact with us. We aim to keep data collection to what is relevant and necessary.

2.1 Data you provide to us

When you contact us via our website, phone, email or in person, you may provide:

• Name
• Telephone number and/or email address
• Address or site location (where relevant to the quote or work)
• Details about your project (scope, timelines, budget range, drawings or photos you choose to share)
• Any other information you include in your message

2.2 Data we collect automatically (website usage)

Our website may collect limited technical data to help it function properly and remain secure, such as:

• IP address (often truncated or stored in logs for security and troubleshooting)
• Browser type and device information
• Pages visited and the date/time of access
• Referring website addresses (where available)

This data is generally collected through server logs and essential website functions. If we use analytics or marketing cookies, those will only be used with appropriate consent and will be described in our Cookie Policy.

2.3 Special category data

We do not normally need to collect special category data (such as health information, religious beliefs, or biometric data). Please do not share special category data with us unless it is strictly necessary, and you are comfortable doing so.

3. How We Use Your Personal Data

We use personal data to respond to enquiries, provide quotes, deliver services, manage projects, and meet legal requirements. We will not use your personal data in ways that are incompatible with these purposes.

3.1 Lawful bases for processing (UK GDPR)

UK GDPR requires us to have a lawful basis for processing your personal data. Depending on the situation, we may rely on one or more of the following:

• Contract: where processing is necessary to provide a quote, enter into a contract, or deliver agreed works.
• Legitimate interests: where we have a genuine business reason to use your data (for example, managing enquiries, improving our services, preventing fraud, or maintaining security), and your rights do not override those interests.
• Legal obligation: where we must process data to comply with the law (for example, tax or accounting requirements).
• Consent: where you have given permission (for example, non-essential cookies or marketing messages, if used).

3.2 Typical uses

• Responding to enquiries and arranging site visits
• Preparing and sending quotes, estimates, and proposals
• Carrying out building works, brickwork, and project management services
• Communicating about schedules, variations, materials, and progress updates
• Keeping internal records of work undertaken, invoices, and warranties (where applicable)
• Maintaining website security and performance

4. Who We Share Your Data With

We may share your personal data with trusted third parties where it is necessary for delivering services or for legal reasons. We do not sell your personal data.

4.1 Service providers and suppliers

Depending on your project, we may share relevant information with:

• Subcontractors and trades (only the information required to carry out their part of the work)
• Suppliers (for ordering materials and delivery coordination)
• Professional advisers (accountants, insurers, or legal advisers) where needed
• IT and website support providers (for hosting, security, backups, and email services)

4.2 Legal and regulatory

We may disclose personal data if required to do so by law, regulation, court order, or where necessary to protect rights, property, safety, or to prevent fraud.

5. International Transfers

Some of our service providers (such as website hosting, email, or analytics platforms) may process data outside the UK. Where this happens, we take steps to ensure appropriate safeguards are in place, such as relying on UK adequacy regulations, approved contractual protections, or equivalent measures that protect your rights.

If you would like more information about any international transfers relevant to your data, please contact us using the details on this page.

6. How Long We Keep Your Data

We keep personal data only for as long as necessary for the purposes described in this policy, including legal, accounting, or reporting requirements.

6.1 Typical retention periods

• Enquiry records: kept for a reasonable period to manage communications and follow-up, then deleted or anonymised where appropriate.
• Customer/project records: retained for the duration of the project and for a period afterwards to manage aftercare, warranties, or queries.
• Financial records: retained as required by UK tax/accounting laws.

Exact retention periods can vary depending on the nature of the work and our obligations. If you would like details about how long we keep specific records, please contact us.

7. How We Keep Your Data Secure

We take reasonable technical and organisational measures to protect personal data from unauthorised access, loss, misuse, or alteration. These measures may include access controls, secure passwords, limited access to information on a need-to-know basis, secure hosting, and routine updates to website software.

While no system is completely secure, we work to reduce risk and respond appropriately if a security incident occurs.

8. Your Rights Under UK GDPR

You have rights in relation to your personal data. These rights are not absolute and may apply differently depending on the circumstances, but they typically include:

• Right of access – request a copy of the personal data we hold about you.
• Right to rectification – ask us to correct inaccurate or incomplete data.
• Right to erasure – ask us to delete your data in certain situations.
• Right to restrict processing – ask us to limit how we use your data in certain situations.
• Right to data portability – receive your data in a structured, commonly used format (where applicable).
• Right to object – object to processing based on legitimate interests, or object to direct marketing.
• Rights relating to automated decision-making – we do not typically use automated decision-making for customer enquiries.

To exercise your rights, please contact us using the details in section 1. We may need to verify your identity before responding. We aim to respond within the timescales required by law.

8.1 Complaints

If you are unhappy with how we handle your data, please contact us first so we can try to resolve the issue. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).

ICO website: Information Commissioner's Office (ICO)

9. Cookies, Analytics and Marketing

Cookies are small text files placed on your device when you browse a website. Some cookies are essential for the site to function; others help measure performance or support marketing.

We provide cookie information and preferences in our Cookie Policy. Where non-essential cookies are used (such as analytics), we will request your consent where required by UK law.

9.1 Email and direct marketing

We do not send marketing emails unless you have requested information or consented to receive updates. If we do send marketing communications in the future, you will be able to opt out at any time using the unsubscribe option or by contacting us.

10. Third-Party Links

Our website may include links to third-party websites (for example, social media platforms). We are not responsible for the privacy practices of those third parties. We recommend reading their privacy policies before providing any personal data.

11. Children’s Data

Our services and website are not directed at children, and we do not knowingly collect personal data from children. If you believe a child has provided personal information to us, please contact us so we can take appropriate steps.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our services, website, or legal obligations. The “Last updated” date at the top of this page will be amended accordingly. We encourage you to review this policy periodically.