Ironshare is the data controller responsible for the personal data described in this privacy notice.
Ironshare Ltd
Registered Address: 22 The Tything, Worcester, WR1 1HD
Email: privacyinfo@ironshare.co.uk
Where we refer to “Ironshare”, “we”, “us” or “our”, we are referring to Ironshare Ltd.
This privacy notice explains how Ironshare collects, uses, stores, and protects personal information. It applies to information we collect about:
Under the UK General Data Protection Regulation (UK GDPR), we must have a lawful basis for processing personal data. Ironshare processes personal data under one or more of the following lawful bases:
When someone visits www.ironshare.co.uk we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns.
We do this to understand how visitors use our website and to improve its performance and content. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
The lawful basis for this processing is our legitimate interests in monitoring and improving our website.
If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Customer Relationship Management (CRM) Ironshare uses ConnectWise, a third-party Customer Relationship Management (CRM) platform, to manage customer and prospect relationships, service delivery, and business operations.
Through ConnectWise, we may process the following categories of personal data:
This information is processed for the purposes of:
The lawful basis for this processing is contractual necessity, legal obligation, and legitimate interests, depending on the nature of the relationship and data involved.
ConnectWise acts as a data processor on behalf of Ironshare. We have appropriate contractual arrangements in place to ensure that personal data is processed securely and in accordance with UK GDPR requirements.
Personal data stored within our CRM is retained only for as long as necessary to fulfil the purposes for which it was collected, including legal, contractual, and regulatory obligations.
For more information about how ConnectWise processes personal data, please refer to the ConnectWise privacy notice.
We use a third-party provider, Mailchimp, to deliver our monthly e-newsletters. We collect your name and email address when you subscribe.
We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter.
The lawful basis for this processing is your consent. You can withdraw your consent at any time by using the unsubscribe link included in every email or by contacting us directly.
For more information, please see Mailchimp’s privacy notice.
We use Webflow to host our website and blog. Webflow collects anonymous information about users’ activity on the site, such as the number of users viewing pages, to help us monitor and improve the effectiveness of the site.
Where visitors are required to submit a name and email address (for example, to submit forms or comments), this information is only used for the stated purpose and is not shared beyond what is necessary to provide the service.
The lawful basis for this processing is consent or legitimate interests, depending on the interaction.
For more information about how Webflow processes data, please see their privacy notice.
Our website search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by either Ironshare or any third party.
While no online service is 100% secure, we take appropriate technical and organisational measures to protect personal information.
We use third-party services to help maintain the security and performance of the Ironshare website. To deliver this service, these providers may process visitors’ IP addresses for security monitoring, fraud prevention, and performance optimisation.
The lawful basis for this processing is our legitimate interests in protecting our website and systems.
We use Transport Layer Security (TLS) to encrypt and protect email traffic where supported. If your email service does not support TLS, emails sent or received may not be protected in transit.
We monitor incoming emails, including attachments, for viruses and malicious software. Please ensure that any email you send is lawful and does not contain malicious content.
The lawful basis for processing email correspondence is legitimate interests and, where applicable, contractual necessity.
We retain personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, or reporting requirements.
Examples include:
Under UK GDPR, you have the right to:
To exercise any of these rights, please contact us using the details below.
If you have concerns about how we handle your personal data, we encourage you to contact us in the first instance.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection matters.
This privacy policy does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
We keep this privacy notice under regular review and may update it from time to time. Any material changes will be published on our website.
This privacy notice was last updated on 15 December 2025.
If you want to request information about our privacy policy or exercise your data protection rights, you can email us at:
