Keystone Compliance Privacy Policy

This Privacy Policy (together with our terms and conditions and any other documents referred to in it) describes the type of information that we collect from you (“you/your”) through the use of our services (“Services”), or the use of our website (“Website”), how that information may be used or disclosed by us and the safeguards we use to protect it.

Keystone Compliance Ltd takes the privacy of your information very seriously and we have drafted this policy to be as clear and concise as possible. Please read it carefully to understand our policy regarding your information and how we will treat it. By using our services, you agree to the collection, use and disclosure of information in accordance with this privacy policy.

Definitions and interpretation

In this privacy policy, the following definitions are used:

Collectively all information that you submit to Keystone Compliance Ltd, via the website (contact us form), email and financial/transaction data. This definition incorporates, where applicable, the definitions provided in the Data Protection Laws;

Data Protection Laws
Any applicable law relating to the processing of personal Data, including but not limited to the GDPR, and any national implementing and supplementary laws, regulations and secondary legislation;

The UK General Data Protection Regulations;

Keystone Compliance Ltd, we or us
Keystone Compliance Ltd, a company incorporated in England and Wales with registered number 12810975 whose registered office address is at 23-27 Bolton Street, Chorley, Lancashire, PR7 AA;

User or you
Any third party that accesses and completes the “Contact us” form on the website and is not either (i) employed by Keystone Compliance Ltd and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to Keystone Compliance Ltd and accessing the website in connection with the provision of such services; and

The website that you have used or are currently using. and ay sub-domains of this site unless expressly excluded by their own terms and conditions

Scope of this privacy policy

This privacy policy applies only to the actions of Keystone Compliance Ltd and Users with respect to the company website and Company files/records. It does not extend to any websites that can be accessed via the Company website, including but not limited to, any links we may provide to social media websites.

We respect your right to privacy and will only process personal information about you or provided by you in accordance with the Data Protection Legislation which for the purposes of this Privacy Policy shall mean: (i) the retained EU law version of the General Data Protection Regulation ((EU) 2016/679) (UK GDPR), the Data Protection Act 2018 and any other national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the UK GDPR or the Data Protection Act 2018 and other applicable privacy laws.

For purposes of the applicable Data Protection Laws, Keystone Compliance Ltd is the “data controller”. This means that Keystone Compliance Ltd determines the purposes for which, and the manner in which, your data is processed.

What We may collect

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data includes first name, last name, username or similar identifier. When you email, phone or otherwise, we may collect information such as your first name, last name, email address and phone number.
  • Contact Data includes billing address, invoicing address, email address and telephone numbers.
  • Financial Data includes bank account and payment card details.
  • Transaction Data includes details about payments and other details of our Services you have purchased from us.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Website.
  • Reviews, feedback and survey responses
  • Usage Data includes information about how you use our Website and Services.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. Nor do we collect any information about criminal convictions and offences.

How we collect data

We collect Data in the following ways:

(i) Data that is given to us directly by you; and

(ii) Data that is collected automatically

Data that is given to us directly by you includes:

(i) When you contact us through the website, by telephone, email, post or through any other means

(ii) When you use our services;

In each case, in accordance with this privacy policy.

We may automatically collect some information about your visit to the website. This information helps us to make improvements to our website content and navigation. This information includes:

(i) Your IP address

(ii) The Date, times and frequency with which you access the website; and

(iii) The way you use and interact with its content

How we use data

We may use the information in the following ways:

a) To personalise your website experience and to allow us to deliver the type of content and product offerings in which you are most interested.

b) To administer a contest, promotion, survey or other site feature.

c) If you have consented to receive our e-mail newsletter or updates, we may send you periodic e-mails. If you would no longer like to receive promotional e-mail from us, please refer to the “How can you opt-out, remove or modify information you have provided to us?” section below.

If you have not opted-in to receive e-mail newsletters, bulletins or updates, you will not receive these e-mails. Visitors who register or participate in other site features such as marketing programs and “members-only” content will be given a choice whether they would like to be on our e-mail list and receive e-mail communications from us.

d) Present Website content effectively to you.

e) Provide information, and services that you request, or (with your consent) which we think may interest you.

f) Carry out our contracts with you.

g) Provide the relevant Services to you

h) Tell you our charges.

If you are already our customer, we will only contact you electronically about things similar to what was previously sold to you.

If you are a new customer, you will only be contacted if you agree to it.

We may keep a record of those links which are used the most to enable us to provide the most helpful information but we agree to keep such information confidential and you will not be identified from this information.

In addition, if you don’t want us to use your personal data for any of the other reasons set out in this section, you can let us know at any time by contacting us at and we will delete your data from our systems. However, you acknowledge this will limit our ability to provide the best possible services to you.

In some cases, the collection of personal data may be a statutory or contractual requirement, and we will be limited in the services we can provide you if you don’t provide your personal data in these cases.

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

Where we need to perform the contract we are about to enter into or have entered into with you.

Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

c) Where we need to comply with a legal or regulatory obligation, for example compliance with health and safety or other statutory obligations.

We agree that we will not do anything that we have not agreed to under this Privacy Policy, and we will not send you any unsolicited marketing or spam. We will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the UK GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended.

Who we share data with

We may share your data with the following groups of people for the following reasons:

  • Our employees, associates and/or professional advisors – to obtain advice (including specialist advice) from professionals / specialists which may be involved in the services being provided

In accordance with this privacy policy.

Keeping Data Secure

We will use technical and organisational measures to safeguard your Data, for example:

(i) Access to your records is controlled by username and password

(ii) Data is stored on secure servers/networks which have additional cyber security protection

(iii) Website has SSL Certificate enabling an encrypted connection

Keystone Compliance have additional cyber security insurance cover which will assist in any suspected or realised data breach. If you suspect any misuse or unauthorised access to your Data, please let us know immediately by contacting us at

We will keep personal data for as long as is necessary which is usually the life of our relationship and up to a period of seven years after our relationship has ended. We may however be required to retain personal data for a longer period of time to ensure we comply with our legislative and regulatory requirements. We review our data retention obligations to ensure we are not retaining data for longer than we are legally obliged to.

Your Rights

You have the following rights in relation to your Data:

(a) Right to access – the right to request (i) copies of the information we hold about you at any time, or (ii) that we modify, update or delete such information. If we provide you with access to the information we hold about you, we will not charge for this, unless your request is “manifestly unfounded or excessive”. Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why.

(b) Right to correct – the right to have your Data rectified if it is inaccurate or incomplete.

(c) Right to erase – the right to request that we delete or remove your Data from our systems.

(d) Right to restrict our use of your Data – the right to “block” us from using your Data or limit the way in which we use it

(e) Right to Data portability – the right to request that we move, copy or transfer your Data

(f) Right to object- the right to object to out use of your Data including where we use it for legitimate interests.

To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your data (where consent is our legal basis for processing your Data), please contact use via email at

If you are not satisfied with the way a complaint you make in relation to your Data is handled by us, you may be able to refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioners Office (ICO). The ICO contact details can be found on their website at

It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period for which we hold it.

Links to other websites

Our website may, from time to time, provide links to other websites. We have no control over such websites and are not responsible for the content of those websites. This privacy policy does not extend to your use of such websites. You are advised to read the privacy policy or statement of other websites prior to using them.


You may not transfer any of your rights under this privacy policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected.

If any court or competent authority finds that any provision of this privacy policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.

Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.

This Agreement will be governed by an interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.

Changes to this Privacy Policy

Keystone Compliance Ltd reserves the right to change this privacy policy as we may deem necessary from time to time or as may be required by law. Any changes made will be immediately posted on the website and a new policy emailed to all necessary contacts. You are deemed to have accepted the terms of our privacy policy on your first use of the website following the alterations.