Crystal Clara*

Privacy Policy

At Crystal Clara*, we are committed to protecting your privacy and safeguarding the personal information you share with us. This Privacy Policy explains how we collect, use, store, and protect your personal data. We also outline your rights and how to contact us with any concerns.

Crystal Clara* is part of the OutSec Group, registered in England and Wales under company number 13750093. Our registered office is located at 111 St George’s Square, London, SW1V 3QP. The OutSec Group is registered with the Information Commissioner’s Office (ICO) as a data controller under registration number ZA298519.

If you have any questions about this policy or your personal data, please email our Data Protection Officer at: dpo@outsec.co.uk

1. What Personal Data We Collect

We may collect personal information when you:

  • Use our website or complete our contact form,
  • communicate with us via phone, email, or other channels,
  • register for or subscribe to our services,
  • respond to surveys or take part in promotions,
  • purchase services or engage us in a working relationship,
  • interact with us on social media,
  • use our services as a client or supplier.

This information may include your name, job title, business name, email address, phone number, postal address, payment details, and any correspondence.

We may also collect technical data such as your IP address, browser type, device, operating system, and pages visited, through the use of cookies and analytics tools.

2. How We Use Your Information

We use your personal data to:

  • Provide and manage our remote PA and administrative services,
  • fulfil our contractual and legal obligations,
  • respond to enquiries and manage communications,
  • improve and develop our services and website,
  • send relevant information about service updates or changes,
  • manage billing, payments, and financial records,
  • carry out internal record-keeping and compliance checks.

We do not sell, rent, or trade your personal data to any third party. Your data will only be shared with third parties where it is necessary for our services, required by law, or with your explicit consent.

3. Marketing and Communications

We may contact you with updates or marketing information if you have provided consent or if you are an existing client. You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us directly.

4. Social Media Use

Any interaction with Crystal Clara* via social media platforms is subject to the terms and privacy policies of those platforms. We advise using discretion when engaging with us publicly and recommend using email or phone for confidential matters.

Our website may contain social sharing buttons. Use of these is at your discretion, and please note that social media platforms may track this activity.

5. Use of Cookies

Our website uses cookies to enhance user experience and collect anonymised usage data. Cookies are small text files stored on your device. They help us understand how visitors use our site and allow us to improve functionality.

You can control or disable cookies through your browser settings, though this may impact your experience on our website.

What our cookies do not collect:
We do not store any personally identifiable information such as names, contact details, or payment information in cookies.

For more information about our cookie usage, or to raise any concerns, please contact dpo@outsec.co.uk

6. Google Analytics

We use Google Analytics to help us understand how visitors use our website. This involves collecting anonymised information such as page views, time spent on pages, and how users found us.

Google’s privacy policy can be found at:
https://policies.google.com/privacy
Terms of use:
https://marketingplatform.google.com/about/analytics/terms/us

7. Data Storage and Security

Crystal Clara* stores data securely on cloud services provided by Amazon Web Services (AWS), which complies with internationally recognised security standards, including:

  • ISO 27001
  • SOC 1 & 2
  • PCI DSS (Payment Card Industry Data Security Standard)

We implement technical and organisational security measures such as encryption and access controls to protect your data. Only authorised personnel are permitted to access your data, and all are trained in data protection.

8. External Links

Our website may contain links to external websites. While we aim to link only to reputable sources, we cannot control the privacy practices of third-party sites. Clicking external links is at your own risk, and we recommend reviewing the privacy policies of any third-party sites you visit.

9. Your Rights

Under UK data protection laws, you have the following rights:

  • Access – request a copy of the personal data we hold about you.
  • Rectification – request corrections to any inaccurate or incomplete data.
  • Erasure – ask us to delete your data in certain circumstances.
  • Restriction – request that we limit how we use your data.
  • Portability – request to receive your data in a usable electronic format.
  • Objection – object to processing based on legitimate interests or direct marketing.

To exercise your rights, please contact us at dpo@outsec.co.uk

10. Updates to This Policy

We may update this policy occasionally to reflect changes in regulations, services, or internal procedures. The latest version will always be available on our website. We encourage you to review it regularly.

Crystal Clara*
A service by the OutSec Group
Registered in England & Wales | Company No. 09071874
VAT No. 787 5316 85
Registered Office: 30 Market Place, Swaffham, PE37 7QH