Last updated 02.06.2025
This privacy notice applies to users of Everon UK Ltd.’s websites (“Data Subject”). This notice explains how we process your personal data when you visit our websites and when we use cookies and other analytics technologies.
We take seriously our obligation to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, as well as other applicable legislation governing the processing of personal data. We also ensure that processing is carried out securely and that our data protection practices enable the full exercise of data subjects’ rights.
Everon UK Ltd
20 Hollingworth Court, Turkey Mill Business Estate, Ashford Road, Maidstone ME14 5PP
+44 (0)1 233 557 000
gdpr@everon.net
(hereinafter “we”)
If you wish to exercise your rights as described in this notice, or if you have questions about the processing of your personal data, you can contact us by email at gdpr@everon.net.
Please note that our website may contain links to third-party websites, for example in connection with events we announce. We are not responsible for the privacy practices of those sites and recommend that you review the privacy notice of each third-party website you visit.
We process personal data of our website users. The table below sets out the personal data we process, the purposes of processing, and the legal basis for each.
| Personal Data | Purpose of Processing | Legal Basis |
|---|---|---|
| Basic data such as name, email address, phone number Company and contact person data such as company registration number and contact persons’ names, titles and contact details | Enabling contact via website forms Delivery of subscribed newsletters | Legitimate interest to maintain and develop our business and offer our products and services |
| Communication and device data such as IP address, device ID or other device-specific identifier (device model, unique device and/or cookie identifier) and cookie data, data derived from analytics on service usage (such as interests, referring page, data collection channel, browser version, session identifier, session time and duration, screen resolution and operating system), user chat interactions (see also section 7 “Cookies and Other Analytics Technologies” below) | Administration of our websites and ensuring their operation; improving user experience Behavioural analysis and profiling | Legitimate interest to maintain and develop our service Consent (for profiling) |
Personal data is obtained by observing the use of our websites using cookies and other analytics technologies, or directly from the data subject when they fill in forms on our website or subscribe to our newsletter.
We use subcontractors acting on our behalf in the processing of personal data on our websites, to whom we transfer personal data only to the extent necessary for them to perform processing on our behalf. Leadoo Oy acts as our subcontractor when we use Leadoo’s user tracking to monitor how users navigate our website and combine this data with user information collected through, for example, chat interactions. Personal data may also be disclosed in accordance with requests made by a competent authority and on a legally required basis. If we sell, purchase, merge or otherwise reorganise our business, user personal data may be disclosed to purchasers and their advisors.
We transfer personal data outside the UK/EEA to the following countries: United States. When personal data is processed outside the UK/EEA, we ensure that the subcontractor has committed to the UK International Data Transfer Agreement (IDTA) or EU Standard Contractual Clauses with a UK addendum. We do not generally transfer personal data outside the UK/EEA unless required by the data subject.
For further information about the safeguards applicable to transfers, please contact us by email at gdpr@everon.net.
Only those employees who have the right to process personal data in the course of their work are authorised to access systems containing personal data. Each user has their own username and password for the system. Access to data requires appropriate access rights and multi-factor authentication. Users are bound by a duty of confidentiality. Unauthorised access to data is also prevented by firewalls and technical protection measures.
We have entered into data processing agreements with system suppliers and other partners processing personal data, in which our partners have committed to complying with the data protection and security requirements set out in the UK GDPR.
Databases containing personal data are protected by passwords and access control levels. Data is stored in an environment protected by appropriate security software and technical arrangements. Physical access to data is prevented by access control and other security measures. Documents containing manually processed customer personal data are stored in locked storage facilities.
| Data Category | Retention Period |
|---|---|
| Newsletter data | 2 years |
| Contact via website forms | 12 months from contact |
| Chat records | 12 months from chat session |
| Cookies used on the website | See individual cookie validity periods in section 7 below |
We regularly assess the necessity of retaining data in accordance with applicable legislation. We take reasonable measures to ensure that personal data that is incompatible with the purposes of processing, outdated or inaccurate is not retained. We rectify or destroy such data without delay.
Personal data may be retained beyond the above retention periods if necessary for a specific reason, such as a suspected criminal offence and related regulatory investigation.
Cookies and other analytics technologies are used to monitor the use of our websites. A cookie is a small data storage programme installed by a web browser on the user’s hard drive. Each time the user’s browser requests a page from our server, a message is sent back to the user’s computer. The message speeds up the site, simplifies login, stores user data and customises the site for the user.
Some cookies on our website are strictly necessary for the website to function – these essential cookies enable the core functionality of the site. You cannot refuse these cookies other than by changing your browser settings – after doing so, the site and all its services may no longer function normally.
We use third-party cookies that help us analyse your use of the site, save your settings and offer you relevant content. Cookies are stored in your browser only with your prior consent. You can accept these cookies or decline them via the cookie banner that appears when you first visit the site.
| Purpose | Description |
|---|---|
| Strictly necessary cookies | These cookies are essential for our website to function properly and to ensure it is protected against unusual activity. They are generally set only in response to your actions and requests, such as when you use the chat function. |
| Analytics cookies | These cookies are used to improve the performance of our website by allowing us to analyse user interaction with the site, visitor flows and numbers of users. They help us understand which pages you find most interesting and to develop our website. See further information about Google Analytics cookies on the Google Privacy & Terms website. |
We may occasionally make changes to this cookie information. The most up-to-date cookie information is always available on our website.
List of cookies used on the website:
| Name | Provider | Purpose | Category | Expires |
|---|---|---|---|---|
| cookieyes-consent | CookieYes | Stores cookie consent information | Strictly necessary | 1 year |
| __cf_bm | CookieYes | Cloudflare sets this cookie to support Cloudflare Bot Management | Strictly necessary | 1 hour |
| _ga_* | Google Analytics | Google Analytics sets this cookie to store and count page views | Analytics | 1 year 1 month 4 days |
| _ga | Google Analytics | Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage. The cookie stores information anonymously and assigns a randomly generated number to identify unique visitors. | Analytics | 1 year 1 month 4 days |
| country | CookieYes | Stores the user’s country location | Uncategorised | Session |
In addition, we use Leadoo’s user tracking to monitor how users navigate our website and combine this data with user information collected through, for example, chat interactions. Leadoo uses etag tracking, which differs from cookie-based tracking, combining data from multiple user sessions. Please review Leadoo Marketing Technologies Oy’s privacy policy (https://leadoo.com/privacy-policy/) to learn more about what is tracked. We act as the controller of the collected data and Leadoo as the data processor. If you do not want to be tracked, you can clear your browser’s cache. More information about how Leadoo works: https://leadoo.com/privacy-policy-processor/.
| Right | When Applicable |
|---|---|
| To access your personal data | Always |
| To require correction of inaccurate or outdated data | Always |
| To require erasure of data | When the data subject has withdrawn consent or another condition under Article 17 UK GDPR is met |
| To withdraw consent | When processing is based on consent, e.g. in the case of cookies |
| To object to processing | When processing is based on legitimate interest and there is a specific personal situation, or if data is processed for direct marketing purposes |
| To request restriction of processing | If the accuracy of the data is contested or another condition under Article 18 UK GDPR is met |
| To data portability | If processing is based on consent or contract, processing is carried out automatically and the transfer is technically feasible, and the data relates to information provided by the data subject themselves |
| To lodge a complaint with the Information Commissioner’s Office (ICO) | Always |
The above requests, objections and withdrawals may be submitted in writing to gdpr@everon.net. The request must include the data subject’s name and contact details. To ensure data protection, we may ask the data subject to verify their identity or provide additional information.
We will respond to requests and enquiries concerning the exercise of data subjects’ rights within one month.
