top of page
CGATE-logo
Get a Quote

Privacy Policy

CGATE GROUP – Privacy Policy

 

1. Introduction

CGATE Group ("CGATE", "we", "us", or "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal information when you visit our website, contact us, or use our services.

This Policy is compliant with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the UK GDPR, and all applicable data protection legislation. It applies to all individuals whose personal data we process, including customers, prospective customers, website visitors, business contacts, and distributors.

 

2. Who We Are — Data Controller

CGATE Group acts as the data controller for personal data collected through this website and in the course of our business activities. If you have any questions about this Privacy Policy or wish to exercise your rights, please contact our Data Protection point of contact at:

CGATE Group

Email: info@cgategroup.com

Website: www.cgategroup.com

 

3. Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Data You Provide Directly

  • Name, job title, and company name

  • Email address, phone number, and postal address

  • Enquiry details, messages, or project specifications submitted via our contact form or email

3.2 Data Collected Automatically

  • IP address and browser type

  • Pages visited, time spent on site, and referral source

  • Cookie data and device identifiers (see our Cookie Policy)

3.3 Data Received from Third Parties

  • Business contact details from trade directories, exhibitions, or referral partners

  • Information from distributors or resellers regarding end-customer requirements

 

4. How We Use Your Personal Data

We process your personal data only where we have a valid legal basis to do so. The purposes for which we use your data, and the corresponding lawful bases, are as follows:

4.1 To Provide and Manage Our Services (Contractual Necessity — Art. 6(1)(b) GDPR)

  • Processing enquiries, quotes, and orders

  • Managing shipments, delivery logistics, and supply chain coordination

  • Communicating with you about your account or orders

4.2 To Comply with Legal Obligations (Legal Obligation — Art. 6(1)(c) GDPR)

  • Maintaining financial and transactional records

  • Complying with export control, customs, and trade regulations

  • Responding to lawful requests from regulatory or governmental authorities

4.3 For Our Legitimate Business Interests (Legitimate Interests — Art. 6(1)(f) GDPR)

  • Sending relevant product updates, industry news, or promotional materials to existing business contacts

  • Improving our website and service quality through analytics

  • Fraud prevention, network security, and IT systems management

  • Business development, market research, and CRM management

4.4 With Your Consent (Consent — Art. 6(1)(a) GDPR)

  • Sending marketing communications to new contacts who have opted in

  • Placing non-essential cookies on your device (see our Cookie Policy)

You may withdraw your consent at any time by contacting us or using the unsubscribe link in any marketing email.

 

5. How We Share Your Personal Data

We do not sell your personal data. We may share your data with trusted third parties only where necessary and on a strictly controlled basis:

  • Logistics and freight partners — to manage shipping and delivery of orders

  • Manufacturers and production partners — where required to fulfil your specifications

  • IT and software service providers — hosting, CRM, email, and analytics platforms

  • Professional advisors — legal, financial, and compliance consultants

  • Regulatory and governmental bodies — where required by law

All third-party processors are bound by data processing agreements and are required to handle your data in accordance with GDPR.

 

6. International Data Transfers

As a global business, CGATE Group may transfer your personal data to countries outside the European Economic Area (EEA), including to our manufacturing and logistics partners worldwide.

Where such transfers occur, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission

  • Transfers to countries recognised by the European Commission as providing an adequate level of data protection

  • Binding Corporate Rules or other approved transfer mechanisms, as applicable

You may request further information about the safeguards we use for international transfers by contacting us at privacy@cgategroup.com.

 

7. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law. Our standard retention periods are:

  • Customer and transactional records: 7 years (for legal and tax compliance purposes)

  • Marketing contact data: Until consent is withdrawn or an opt-out is received

  • Website analytics data: Up to 26 months

  • Enquiry and correspondence records: 3 years from last contact

When data is no longer required, it is securely deleted or anonymised in accordance with our data retention procedures.

 

8. Your Rights Under the GDPR

Under the GDPR and applicable data protection law, you have the following rights in relation to your personal data:

  • Right of Access — to obtain a copy of the personal data we hold about you (Subject Access Request)

  • Right to Rectification — to request correction of inaccurate or incomplete data

  • Right to Erasure — to request deletion of your data in certain circumstances ('right to be forgotten')

  • Right to Restrict Processing — to request we limit how we use your data

  • Right to Data Portability — to receive your data in a structured, machine-readable format

  • Right to Object — to object to processing based on legitimate interests or for direct marketing

  • Right to Withdraw Consent — where processing is based on your consent, to withdraw it at any time

  • Rights related to Automated Decision-Making — not to be subject to solely automated decisions that significantly affect you

To exercise any of these rights, please contact us at info@cgategroup.com. We will respond within one calendar month of receiving your request. There is no charge for making a request.

If you are not satisfied with how we handle your request or manage your data, you have the right to lodge a complaint with your national data protection supervisory authority. In the EU, this is your local Data Protection Authority (DPA). In the UK, this is the Information Commissioner's Office (ICO): www.ico.org.uk.

 

9. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyse site traffic, and support our marketing activities. We operate a consent-based cookie model in line with the ePrivacy Directive and GDPR.

Essential cookies are placed automatically as they are strictly necessary for the website to function. All other cookies (analytics, preferences, marketing) are placed only with your prior consent, which you may provide or withdraw via our cookie consent banner.

For full details of the cookies we use, please refer to our Cookie Policy, available on our website.

 

10. Data Security

CGATE Group takes the security of your personal data seriously. We implement appropriate technical and organisational measures to protect your data against unauthorised access, accidental loss, alteration, or disclosure. These measures include:

  • Encrypted transmission of data (TLS/SSL) across our website and communications

  • Access controls and role-based permissions for internal systems

  • Regular security assessments and staff training on data protection

  • Secure data storage with restricted physical and digital access

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and, where required, inform affected individuals without undue delay.

 

11. Children's Privacy

Our website and services are directed at business professionals and are not intended for use by individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected such data, please contact us immediately at info@cgategroup.com, and we will take prompt steps to delete it.

 

12. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. The date at the top of this page indicates when the Policy was last revised. We encourage you to review this Policy periodically. Where changes are material, we will take reasonable steps to notify you.

 

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, please contact us:

CGATE Group — Data Protection Enquiries

Email: info@cgategroup.com

Website: www.cgategroup.com

We are committed to working with you to resolve any concerns about your privacy in a fair and transparent manner.

 

© 2026 CGATE Group. All rights reserved.

Your Data Is Important to Us!

bottom of page