Privacy Policy


We at Cullinan Construction Consultants (we, us, our) are committed to always protecting your privacy and the security of your personal information to the best of our ability.

You can learn essential information from our privacy statement. It describes:

  • how long we keep your data;
  • how to get in touch with us or the appropriate supervisory authorities should you have a complaint;
  • personal information security techniques;
  • how, when, and why we gather, store, use, and share your data;
  • what personally identifiable information we gather about you;
  • who we are; and
  • Your data relations rights

We must gather, utilise, handle, and deal with certain personal data about you to offer our products and services to you. We are held accountable as what is referred to as a “controller” of personal information for the General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 when we do so.

In other words, we are the “legal or natural person, agency, public authority, or any other entity which, alone or jointly with others, determines the goals and means of the personal data processing and are responsible primarily for such information.

Please email if you have any inquiries about how we use your data. We are available at You can also write to us at St James House, Hollinswood Rd, Telford TF2 9TW (Telford Office) or PA104, Technology Center, Wolverhampton WV10 9RU (Midlands Office). We are also a ring away at 0333 7722799.

This policy applies in all situations when we operate in the capacity of a data controller concerning the personal data of our visitors, associates, clients of our website, and users of our services. In other words, it applies when we have a supervising responsibility for collecting, storing, using, and sharing personal data.

We are dedicated to protecting the confidentiality of your information so that we can: provide customers with high-quality goods and services; always abide by the law and the various regulations to which we are subject; meet the needs of customers, employees, and other parties; and safeguard our reputation.

Please take note of the usage of the following terms in this policy:

  • According to the UK GDPR, “personal data” refers to any information about an identified or identifiable individual (also known as a “data subject”)
  • Cullinan Construction Consultants and its directors are referred to as we, us, and ours
  • Processing refers to any operation or activity done on personal data, such as gathering, recording, organising, structuring, storing, amending, deleting, or using personal data in any other way.
  • The individual whose data is processed is referred to as you, and your

Personal Information:

By providing our goods and services, we may gather, store, utilise, and distribute your personal information. For us to be able to offer you our products and services, we may need to obtain the following information from you:

  • Details needed by us to conduct a credit or financial check
  • Details on the subject matter for which we are providing our services and our products
  • Details that we need to validate and confirm your identification
  • Financial information about you, such as your bank account information (if money is being given to you or is anticipated to do so), billing information, and credit card information.
  • from third parties with whom you have a relationship, such as trade unions, banks, building societies, financial institutions, other counsellors and professionals, employers, professional organisations, and medical practitioners;
  • from third-party services, including screening suppliers, credit reference agencies, and due diligence suppliers; m. from publicly accessible sources like Land Registry, membership records, professional records, Companies House, and more;
  • Further processing for archival needs.
  • In most circumstances, we will obtain information about you directly from you via letter, email, secure website portal, phone, or in-person encounter. But we might also need to find out more about you.
  • Information about your gender, if you choose to disclose it and is pertinent.
  • Information about your profession or line of work, if it is pertinent and you wish to offer information about your profession or line of work.
  • Please note that failing to provide the necessary personal data may cause a delay in the delivery of our products and the rendering of services.
  • The source of any money you contribute to any transaction, including a buy.
  • Using techniques related to information technology, such as cookies on websites, CCTV, messaging systems, access control systems, email, and instant messaging services.
  • You decide to provide this information and state where you are situated if it is pertinent. If it is relevant, provide information about your online persona (for instance, LinkedIn, Twitter), including whether you have linked to our website, Facebook page, or LinkedIn page.
  • ‍Your name and contact information include your home and mobile phone numbers, email address, and address.

Please be aware that the personal information we have about you must be accurate and up to date. If there is any alteration in your data during the term of our partnership, let us know as soon as possible.

Purpose of the personal data:

Data protection law mandates that we only use your personal information where it is appropriate and only for the purposes it was obtained. These are only a few potential causes: if you have authorised using your personal information for a single or more defined purpose.

  • In situations where the user is required to carry out a contract to which you are a party or to act at your request before entering a contract.
  • When the usage is required to carry out a task in the public interest or to exercise the official authority entrusted to us
  • When the usage is required to comply with a mandate to which we are subject.
  • When the user is required to forward our or a third party’s legitimate interests, unless your interests or fundamental rights and freedoms, which call for the protection of personal data, take precedence, especially in cases where a child is involved
  • When the user is required to safeguard essential interests or the interests of another person

‍The arguments sum up the widespread viewpoint regarding the potential uses of data. The exact stance, however, is that we may use your personal data for the following uses:

  • For statistical analysis to help us manage our firm more effectively, for instance, our financial performance, clientele, and product line.
  • For the administration and evaluation of the employees, to ensure safe working practices.
  • Regarding external quality assessments and audits in connection to the standards, we have adopted (for example, ISO standards, professional standards etc.).
  • To adhere to legal and regulatory requirements to submit information returns to authorities and bodies that were duly established.
  • Conduct identification checks, information collecting, and audits as needed to meet any legal and/or regulatory requirements you or we may be obligated to follow.
  • To maintain and update records to guarantee processing accuracy.
  • To promote our services and those of other parties to current and past clients and third parties if you consent.
  • To provide you with our goods and services so that we can fulfil our obligations under our contract with you or to take any actions required by law before we can enter into a contract with you.
  • To regulate credit and run credit checks in connection with our services.
  • To stop or catch fraud, whether committed by you or another party involved in a case in which you are concerned. This will aid in avoiding any harm to you, a third party, or us.

What is referred to as “special category personal information” will not be used for the objectives. This includes processing genetic and biometric data that can identify you and information about your health, sexual orientation, and data indicating your ethnic or racial origin, political opinions, religious beliefs, or membership in a labour union. Such information will never be processed without your express consent.

Contact process:

Together with the basic issues covered in previous sections, we might also need to send you updates regarding our products and services and information about significant developments about you, our products and services, or other connection issues that could interest or worry you.

Information about our products and services and changes to those products and services may be provided via mail, phone, email, or text message. We believe that processing your data for these reasons is necessary for us to further our legitimate business interests, and we do not need your permission to do so.

We occasionally conduct what are known as “legitimate interest assessments” to weigh your privacy rights against our interest in reaching out to you. When we think your consent is necessary, we will let you know and ask you directly for it.

If you have permitted us to do so, we may also send you information about goods and services from third parties if you have shown an interest in them or if they are related to goods and services we have provided.

Rest assured that we will never disclose your personal information to other parties for marketing or promotional reasons and will treat it with the utmost care. You always have the option to ask us not to contact you for any reason other than to deliver our goods and render our services.

However, occasionally, we could ask you to confirm your marketing preferences so that we can be certain they stay the same, particularly when it comes to matters like legal and regulatory revisions.

Data sharing with other parties:

Although we will not use your personal information for marketing, it might be necessary for us to share it with others to provide you with our products and services, fulfil our contractual obligations to you, meet legal or regulatory requirements, or fulfil any other contractual, legal, or regulatory obligations to which we are subject.

These professionals could be solicitors, printers, medical professionals, manufacturers, installers, experts, designers, delivery businesses, barristers, advisors, and accountants, among others, who are used in connection with the goods and services for which we are commissioned.

Third parties with whom we are interacting in this subject, such as financial service providers, banks, building societies, and registrars; government agencies and organisations of a similar nature, such as Land Registry, membership records, professional records, Companies House, customs, and revenue, and more;

Other parties involved in our business, including:

  • Credit reference agencies about our contract with you;
  • External auditors about the audits and external quality reviews;
  • Our bank, insurers, and insurance brokers;
  • Suppliers of services necessary for our products and services;
  • Your/our regulators

We will always ensure that everyone with whom your personal information is shared processes it properly and takes all required precautions to protect it. Only when we are confident in their security procedures will we permit someone else to handle your personal information.

Please be aware that occasionally, to uphold our own legal and regulatory requirements, and we may be obliged to divulge your personal information to and trade information about government, law enforcement, and regulatory entities and agencies.

We may need to disclose your personal information with other third parties, such as those participating in a pertinent or related transaction, during and occasionally after our provision of products and services to you. Only information that is pertinent and important to communicate will be disclosed by us.

Also, we might have to disclose some personal data to third parties, like prospective buyers of all or a portion of our company or parties involved in a reorganisation. Information will typically be anonymised; however, this may be impossible sometimes. Confidentiality obligations will apply to the information’s recipient.

‍We may occasionally need to share data with other parties for statistical uses. When sharing information, we will make every effort to guarantee anonymity. Still, when this is impossible, we demand that the receiver always maintain the information’s confidentiality.

Data Relations Rights:

You have several rights about your personal information that we hold and process under the terms of data protection legislation as the data subject. These rights are free to exercise, and we must react to you within a certain amount of time after receiving your request. These rights are outlined in UK GDPR Articles 12-23. These are what they are:

Right of accessibility: You can ask us to confirm whether we are processing any personal information about you. If so, you have the right to access that information and a variety of other details, such as the reason we are processing it, who else has access to it, how long we plan to keep it, and whether or not you have any other rights.

Right to correction: The right to have erroneous personal information about you corrected without excessive delay.

Right to erasure: also known as the “right to be forgotten,” this is the ability you have to ask us to delete information about you in certain situations.

Right to request a restriction on processing: the ability to ask that, in some situations, we stop using your data for specified purposes.

Right to data portability: The option, under some conditions, to get the personal information you have given us in a structured, widely-used, and machine-readable format and to have that information forwarded to another controller.

Right to object The ability to object, under certain conditions, to how we process your data when it relates to direct marketing or where a legitimate interest justifies processing.

Right to be free from automated decision-making: a right to be free from decisions primarily based on automated processing, including profiling, that have legal repercussions for you or otherwise have a major impact on you.

The UK GDPR, which refers to information generated by the Information Commissioner’s Office, contains comprehensive information about these rights.

Data Security:

We follow solid security measures that are meant to stop your data from being mistakenly lost, used, or accessed unlawfully to ensure that it is kept secure and to prevent any breach of confidentially. Your data is only accessible to those who need it, and processing such data will consider the need for secrecy.

We rigorously test our systems and adhere to the best practices for information security. You will be informed if there is a possible data security breach. We shall also alert the appropriate authority of a potential data security breach whenever required by law.

Complaint Policy:

Please contact us if you have any questions about how we collect, utilise, keep, or discard your personal information. We can be reached through the information listed above or through this website.

Despite all of our efforts, things do occasionally go wrong. You have the right to file a complaint with the Information Commissioner’s Office if you are dissatisfied with any aspect of your personal data’s use and/or protection.