Phogrynkroz

Privacy Policy

This document explains how Phogrynkroz processes personal data when you visit phogrynkroz.world, contact us, or interact with our lifestyle education and planning resources. We are committed to transparency, lawful processing, and practical safeguards aligned with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Last updated: 7 April 2026 · Applies to phogrynkroz.world

Summary. We collect only what we need to run the site, respond to you, and improve our services. This business provides general lifestyle information in the United Kingdom—not medical care or emergency services. You can exercise rights such as access, correction, and erasure where applicable, and you may complain to the ICO if you are unhappy with how we handle your data.

Scope and updates

This Privacy Policy applies to personal data processed through our website, email, telephone, and any related intake or planning materials we provide in connection with Phogrynkroz. It does not cover third-party websites that we link to; those services have their own policies.

We review this policy when our processing activities, tools, or legal requirements change. When we publish a material update, we adjust the “Last updated” date above. Where we are required to notify you directly, we will do so using the contact details you have provided.

Data controller

The data controller responsible for the processing described in this policy is:

Trading name Phogrynkroz
Address Cavendish St, Cartmel, Grange-over-Sands LA11 6QA, United Kingdom
Contact Phone +44 1539 536362
Email callback@phogrynkroz.world

If you have questions about how we use your personal data, or if you wish to exercise your rights, please contact us using the details above. To protect your information, we may ask you to confirm specific facts so we can verify your identity before we disclose or change records.

Categories of personal data we process

Depending on how you interact with us, we may process the following categories of data. Not every category will apply to every visitor.

Identity and contact details

Examples include your name, email address, telephone number, and postal address if you choose to provide them through forms, email signatures, or during a call.

Communication content

We process the content of messages you send, including questions, preferences, and attachments you include. We may also keep internal notes that summarise agreed next steps where that helps us serve you consistently.

Technical and usage data

When you browse our site, our servers and security tools may process IP addresses, device identifiers, browser type and version, operating system, referring URLs, date and time stamps, and pages viewed. Where analytics or marketing cookies are used, additional pseudonymous identifiers may be processed in line with your cookie choices.

Preference and consent records

We store records of cookie preferences, marketing opt-ins or opt-outs, and similar choices so we can demonstrate what you agreed to and when.

Aggregated or statistical data

We may derive aggregated insights from personal data so we can understand trends. Where aggregation means individuals can no longer be identified, the resulting information may cease to be personal data under applicable law.

Sources of personal data

We obtain personal data directly from you when you complete forms, send email, call us, or otherwise volunteer information. We also generate technical data automatically when you use the site. In limited circumstances, someone else may provide your contact details on your behalf (for example, a colleague forwarding an introduction). If we did not collect data directly from you, we will tell you the source when we are required to do so.

Purposes of processing and legal bases

We process personal data only where we have a lawful basis under UK GDPR. The table below summarises common purposes and the bases we rely on. Specific contexts may involve more than one basis.

  • Responding to enquiries. We use contact details and message content to reply to you. This may be necessary to take steps at your request before entering an agreement, or to perform a contract, and may also rely on legitimate interests in managing our communications fairly.
  • Operating and securing the website. We process technical data to deliver pages, prevent abuse, monitor performance, and investigate incidents. This is often necessary for our legitimate interests in security and reliability, and sometimes to comply with legal obligations.
  • Analytics and product improvement. Where you consent to analytics cookies, we may process usage data to understand how visitors navigate the site and to prioritise improvements.
  • Marketing communications. Where we send promotional messages, we will rely on consent or another lawful basis as appropriate, and you may opt out in line with the instructions we provide.
  • Legal compliance and defence. We may process data to comply with applicable law, respond to lawful requests from public authorities, or establish, exercise, or defend legal claims.

Retention periods

We keep personal data only for as long as necessary for the purposes described in this policy, unless a longer period is required by law or justified by legitimate interests that are not overridden by your rights.

Contact and email threads Typically up to twenty-four months after the last substantive message, unless a longer period is needed to resolve a dispute, defend a claim, or meet regulatory requirements.
Server and security logs Typically up to ninety days, unless extended retention is required for investigation of incidents or by law enforcement request.
Cookie consent records Stored to demonstrate compliance, commonly for multiple years depending on regulatory expectations and the need to resolve queries about historic consent.
Analytics data Where used, retention depends on tool configuration and may range from a few months to twenty-six months for certain advertising-related identifiers, subject to your choices and provider settings.

When retention periods end, we delete or anonymise personal data where feasible. Backup systems may retain copies for a short additional period before automatic overwrite cycles complete.

Sharing personal data and processors

We do not sell your personal data. We may share information with service providers who assist us with hosting, email delivery, customer relationship tools, analytics, or security monitoring. These providers act on our instructions and are subject to contractual clauses requiring confidentiality and appropriate security measures.

We may also disclose personal data if we believe disclosure is necessary to protect the rights, property, or safety of our visitors, our team, or others, or when required by law, court order, or regulatory request.

International transfers

Some of our service providers may process data in countries outside the United Kingdom. Where we transfer personal data internationally, we implement safeguards recognised under UK law, such as the UK International Data Transfer Agreement, standard contractual clauses approved for use in the UK, or adequacy regulations issued by the Secretary of State. We assess whether supplementary measures are needed depending on the destination and risk profile.

Security measures

We implement administrative, technical, and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction. Examples include HTTPS encryption for data in transit, access controls for systems that store messages, secure hosting environments, malware scanning where appropriate, and staff awareness of confidentiality obligations.

No online service can guarantee absolute security. If we become aware of an incident that poses a high risk to your rights, we will assess whether we are required to notify you and/or a supervisory authority under applicable law.

Your rights

Under UK GDPR, you may have the following rights in relation to your personal data, subject to conditions and exemptions:

  • Right of access: request a copy of the personal data we hold about you.
  • Right to rectification: ask us to correct inaccurate data or complete incomplete data.
  • Right to erasure: ask us to delete data in certain circumstances.
  • Right to restriction: ask us to limit processing in specific situations.
  • Right to object: object to processing based on legitimate interests or to direct marketing.
  • Right to data portability: receive certain data in a structured, commonly used, machine-readable format where processing is automated and based on consent or contract.
  • Rights related to automated decision-making: see the section on automated decisions below.
  • Right to withdraw consent: where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.

To exercise your rights, contact us using the email or postal address listed above. We may need to verify your identity before fulfilling certain requests. We will respond within one month in many cases, though we may extend that period for complex requests as permitted by law.

Complaints

If you are concerned about how we handle personal data, please contact us first so we can try to resolve the issue. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection. Further information is available at ico.org.uk.

Children

Our website and services are not directed at children under sixteen, and we do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will take steps to delete it promptly where appropriate.

Automated decision-making and profiling

We do not use solely automated decision-making, including profiling, that produces legal or similarly significant effects concerning you in connection with this website. If that changes in the future, we will provide meaningful information about the logic involved and your rights.

Contact

For any questions about this Privacy Policy or our processing activities, write to Phogrynkroz at Cavendish St, Cartmel, Grange-over-Sands LA11 6QA, United Kingdom, or email callback@phogrynkroz.world. Please include enough detail for us to understand your request and respond efficiently.

For more information about cookies and similar technologies, please also read our Cookie Policy.