This Privacy Policy explains how AEP Standards Ltd (“AEP Standards”, “we”, “us”, or “our”) collects, uses, and protects personal information in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws.

By using our website at www.aepstandards.com

1. Information We Collect

We may collect and process the following categories of personal data:

a) Information You Provide Directly

  • Name, job title, company name

  • Email address, phone number, and postal address

  • Account credentials and profile information (if applicable)

  • Content you upload or submit through our online forms

  • Any correspondence with us, including enquiries or support requests

b) Information Collected Automatically

When you visit our Website, we may automatically collect:

  • IP address and browser type

  • Device information and operating system

  • Usage data, including pages visited, time on site, and referral sources

  • Cookie and analytics data (see Section 6)

c) Information from Third Parties

We may receive information about you from:

  • Event organisers or partners who use our audit or reporting services

  • Publicly available sources such as LinkedIn or company websites

  • Marketing and analytics providers

2. How We Use Your Information

We use personal data for the following purposes:

  • To provide and manage our auditing, reporting, and verification services

  • To communicate with clients, exhibitors, organisers, and partners

  • To improve the accuracy, credibility, and performance of our services

  • To send administrative information and updates

  • To process payments and manage business accounts (if applicable)

  • To comply with legal or regulatory obligations

  • For marketing and promotional communications (where permitted by law)

3. Legal Basis for Processing

We process personal data under one or more of the following legal bases:

  • Performance of a contract – to provide services you have requested.

  • Legitimate interests – for improving our services, maintaining business relationships, and communicating relevant updates.

  • Legal obligations – where processing is required by law.

  • Consent – where you have provided consent for specific uses, such as marketing communications.

You may withdraw consent at any time by contacting us (see Section 10).

4. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy, or as required by applicable laws and regulations.
When data is no longer needed, it will be securely deleted or anonymised.

5. Data Security

We take appropriate technical and organisational measures to protect your information against unauthorised access, alteration, disclosure, or destruction.
This includes the use of secure servers, encryption, and restricted access controls.

6. Cookies and Analytics

Our Website uses cookies and similar technologies to enhance user experience, analyse traffic, and improve performance.

You can manage or disable cookies through your browser settings. For more detailed information, please refer to our Cookie Policy.

We may also use analytics tools such as Google Analytics to collect aggregated usage data. This information does not identify individuals directly.

7. Sharing Your Information

We may share your personal data with:

  • Service providers and business partners who support our operations (e.g. IT hosting, analytics, marketing).

  • Event organisers, auditors, or clients where data sharing is necessary to deliver contracted services.

  • Regulatory authorities, government bodies, or law enforcement when required by law.

We do not sell or rent your personal information to third parties.

8. International Transfers

Where data is transferred outside the UK or European Economic Area (EEA), we ensure that adequate safeguards are in place, such as standard contractual clauses or adequacy decisions, in compliance with applicable data protection laws.

9. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Access – request a copy of the personal data we hold about you.

  • Rectification – request correction of inaccurate or incomplete data.

  • Erasure – request deletion of your data, where applicable.

  • Restriction – request limitation of data processing.

  • Portability – request a copy of your data in a portable format.

  • Objection – object to processing based on legitimate interests or direct marketing.

To exercise any of these rights, please contact us using the details below.

10. Contact Us

For any questions or requests regarding this Privacy Policy or your personal data, please contact:

AEP Standards Ltd
Email: standardsboard@aepstandards.com