Privacy policy

Want to talk to us about privacy and your data?

That’s great, it’s what we do.

iCompli Limited (“we”, “us”, “our”) is the Data Controller for this website and we are notified with the UK Information Commissioner (Z2436147). If you would like to write, or email us regarding your personal data, our contact details are on the company/contact page of this web site or below.

What personal data do we process and why?


Our ‘contact us’ page allows you to provide basis contact information and the nature of your request. We will use the personal data provided to contact you about your enquiry.

Our mailing list, twitter feed (@icompli) and LinkedIn pages help us to share important information with you. If you choose to subscribe to our mailing lists, we will ask for your name and email address so that we can send you information relevant to compliance, your role, and our consultancy and training services.

If you engage with us as a client, we will process your business contact information for the purpose of fulfilling our contractual obligations under any client contract and meeting our legal obligations as a UK established business.

What lawful bases for processing do you use?

Our Contact Form provides a way for you to engage with iCompli on a professional basis. We will use our legitimate interests of business development to process the personal data you provide. We will only use this data to respond to your solicited requests.

Our mailing list invites you to click on the ‘subscribe’ button, indicating your consent for us to use your email address for the purpose described above. If you do not open, or engage with our content, your consent will expire after two years, and we will remove your contact details from our direct marketing database.

Personal data processed for client engagements will be necessary for the fulfilment of contracts, meeting our legal obligations e.g., finance and accounting, and our legitimate interests e.g., delivering service excellence and promoting our business.

Data retention.

Client contact information e.g., name, email address, job title, will be retained for the duration of any client engagement and for a further six (6) years following cessation of engagement.

Contact information that does not lead to a client engagement will be retained for three (3) years.

Mailing list personal data will be retained for as long as there is a ‘positive engagement’ e.g., email open, click-through action, and then a further two (2) years.

Your data rights.

Given the limited nature of the personal data we process, the most important data rights are likely to be ... ;

The right to withdraw consent,

The right to object, and

The right of access.

Consent. You have the right to withdraw your consent at any time. Please use the contact information below to request your withdrawal.

In addition to your right to withdraw consent, we will always ensure our email direct marketing has a simple means to unsubscribe, as required by the Privacy and Electronic Communications (EC Directive) Regulations 2003 (“PEC Regs”).

Objection. You have the right to ask us to cease processing personal data for the purpose of direct marketing. If you wish to exercise this right, please use the contact details below.

Access. You have a qualified right of access to data which we hold about you. Upon making a written request iCompli will:

  • Seek to positively identify you using the minimum personal data necessary
  • tell you whether any personal data is being processed by us;
  • provide a description of the personal data, the reasons it is being processed, and whether it will be given to any other organisations or people;
  • provide a copy of the information comprising the data; and given details of the source of the data (where this is available).

An email sent to is an acceptable form of written notification.

Sharing your data.

We DO share your data with our data processors to fulfil the purposes detailed above. All our processors will be contracted to provide services in accordance with UK GDPR, including providing sufficient guarantees regarding the safety of any personal data we share with them or onwards to their sub-processors.

We WILL share your data if requested by law enforcement agencies, the Government and/or legal counsel. We will however always take note of any duty of confidence we owe to you as part of our decision on whether to disclose or not.

We MAY share your data if a merger or acquisition or other change in organisational structure means that we must transfer data to a different or additional controller. We will ensure that the data are NOT used for purposes other than those for which the data was originally obtained. Our lawful basis for such data sharing will be our legitimate interests in maximising the value of any corporate sale proceeds.

We will NOT share your data with other controllers for the purpose of their direct marketing.

Overseas data transfer.

We do NOT routinely transfer any personal data to organisations outside of the UK or EEA.

Personal data transferred to EEA countries will be done so based on UK adequacy regulations.

Should we require to transfer your data outside of the UK and EEA, we will ensure appropriate safeguards are in place e.g., EU standard contractual clauses with UK Addendum and/or the UK International Data Transfer Agreement.


To comply with the UK PEC Regs, we must ensure that when visiting our site(s) you are made aware of our use of cookies, the consequences of this, and that you made a positive action to show us that you wanted to accept any non-essential cookies.

We want our websites and social media platforms to work hard for us, and that means understanding how well visitors can navigate our sites and find the information and guidance they are searching for. To do this we third-party providers of analytics services e.g., Google and GA4, to help us identify how people found our website, what pages they visited and what actions they took on certain pages.

If, after having consented to non-essential cookies, you would like to remove or block these, you can delete these cookies from your browser and change your permissions using our 'cookie consent tool’ accessible from all webpages.

For full details of the cookies we MAY deploy, please see our dynamic cookie listing on the iCompli website.


We trust that we will be able to resolve any data issues you may have.

If you would like to make a complaint to the UK regulator, their contact details can be found on their website at

Contact Us.

Our mailing address is.

iCompli Ltd.

Data Protection Officer

124 City Road




The data protection officer (senior responsible individual) is Duncan Smith


Our email address is