GDPR & Data Protection Policy

Apollo Central LTD

Apollo Central LTD is committed to protecting the privacy and personal data of our users, customers, partners, and employees. We handle personal data responsibly, transparently, and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy explains how we collect, use, store, and protect personal data when you use our website, software products, and services.

1. Data Controller

Apollo Central LTD acts as the Data Controller for personal data processed in connection with our website, software products, and services.

If you have questions about this policy or how your data is handled, you can contact us via our standard support or contact channels.

2. What Personal Data We Collect

Depending on how you interact with us, we may collect and process the following types of personal data:

  • Contact information (such as name, email address, or company name)
  • Account or support-related information
  • Technical data (such as IP address, browser type, operating system, and device information)
  • Usage data relating to how our website or software is accessed and used
  • Communications sent to us via email, forms, or support channels

We do not intentionally collect special category data unless it is strictly necessary and lawful to do so.

3. How We Use Personal Data

We process personal data only where there is a lawful basis to do so. Personal data may be used for the following purposes:

  • Providing, operating, and maintaining our software and services
  • Responding to enquiries, support requests, or feedback
  • Improving the performance, usability, and accessibility of our products
  • Managing customer and business relationships
  • Complying with legal and regulatory obligations
  • Protecting our systems against fraud, misuse, or security threats

4. Lawful Bases for Processing

Under UK GDPR, we rely on one or more of the following lawful bases:

  • Consent – where you have given clear consent
  • Contract – where processing is necessary to perform a contract
  • Legal obligation – where required by law
  • Legitimate interests – where processing is necessary for our legitimate business interests and does not override your rights

5. Data Sharing and Third Parties

We do not sell personal data.

We may share personal data with trusted third parties only where necessary, such as:

  • Hosting, infrastructure, or cloud service providers
  • Analytics or monitoring services
  • Professional advisers or regulatory bodies where legally required

All third parties are required to process data securely and in accordance with applicable data protection laws.

6. International Data Transfers

Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms recognised under UK GDPR.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements.

When personal data is no longer required, it is securely deleted or anonymised.

8. Data Security

Apollo Central LTD takes appropriate technical and organisational measures to protect personal data, including:

  • Access controls and authentication measures
  • Secure storage and transmission of data
  • Regular system monitoring and updates
  • Internal policies governing data handling and access

While no system can be guaranteed to be completely secure, we take reasonable steps to protect personal data from unauthorised access, loss, or misuse.

9. Your Data Protection Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate or incomplete data
  • Request erasure of your data (“right to be forgotten”)
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent where processing is based on consent

Requests can be made via our standard contact channels. We may need to verify your identity before responding.

10. Cookies and Tracking Technologies

Our website may use cookies or similar technologies to improve functionality, performance, and user experience.

Where required, consent will be obtained, and you can manage your cookie preferences through your browser or any cookie management tools provided on our site.

11. Complaints

If you are concerned about how we handle your personal data, we encourage you to contact us first so we can address the issue.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection authority.

12. Changes to This Policy

We may update this GDPR & Data Protection Policy from time to time to reflect changes in our practices, services, or legal requirements.

Any significant changes will be published on our website.

13. Policy Review

  • Policy created: 26 December 2025
  • Last reviewed: 26 December 2025
  • Next scheduled review: 26 December 2026