Legal

Privacy Charter

Last updated: January 2026 · CrestLink Engineering Ltd

1. Who We Are

CrestLink Engineering Ltd is a UK-registered B2B industrial supply company (Company Registration No. 15055095, VAT No. 458 0607 83), headquartered at Westminster Business Centre, Printing House Lane, Hayes, UB3 1AP, United Kingdom. We supply certified industrial equipment and components to procurement professionals across the United Kingdom, Oman, Saudi Arabia, the UAE, and the wider GCC region.

This Privacy Charter explains how we collect, use, store, and protect your personal and business data when you use our website at www.crestlinkuk.com or contact us for quotations and procurement services.

2. Our Commitment to Privacy

Privacy is more than a regulatory obligation - it is a design choice and a strategic commitment. We are committed to protecting your privacy through responsible data practices, engineering excellence, and transparency.

We believe you should have control over your personal information. Our guiding principle is to collect only the personal data that is strictly required and we never sell it. We apply data minimisation and anonymisation by design across all of our services and operations.

Privacy is systematically embedded into every phase of our operations, from data acquisition and processing to service delivery. Our systems include safeguards that automatically detect and prevent the use of personal or sensitive data where it does not belong.

3. Data We Collect

We may collect and process the following categories of information:

Full name, job title, and company name
Business email address and telephone number
Delivery address and country of operation
Product enquiry details, part numbers, and quantities
Purchase order references and project information
Account login credentials (encrypted and hashed)
IP address, browser type, and usage data via cookies

4. How We Use Your Data

Your data is used strictly for the following purposes:

Processing and responding to quote requests and RFQs
Managing orders, dispatch, and logistics coordination
Creating and maintaining your procurement account
Sending order confirmations and transactional emails
Providing technical and after-sales support
Complying with UK legal and regulatory obligations
Improving our website and services

We do not sell, rent, or trade your personal data to any third party for marketing purposes.

5. Legal Basis for Processing

We process your data under the following lawful bases as defined by UK GDPR:

Contract performance: to process quotations, orders, and deliver services you have requested

Legitimate interests: to improve our platform and communicate relevant procurement updates

Legal obligation: to comply with UK tax, accounting, and export control regulations

Consent: where you have explicitly opted in to receive communications from us

6. Data Retention

We retain your personal and business data only for as long as necessary to fulfil the purposes outlined in this charter, or as required by UK law. Typically:

Data Type	Retention Period
Quotation and order records	7 years (UK accounting requirement)
Account data	Retained while your account is active
Contact enquiries	2 years from last interaction
Cookie and analytics data	Up to 12 months

7. International Data Transfers

As a supplier serving Oman, Saudi Arabia, UAE, and other GCC countries, some of your data may be processed or stored outside the UK. Where this occurs, we ensure appropriate safeguards are in place in accordance with UK GDPR Chapter V, including Standard Contractual Clauses where required.

8. Your Rights

Under UK GDPR, you have the right to:

Access the personal data we hold about you
Request correction of inaccurate data
Request deletion of your data (right to be forgotten)
Object to or restrict how we process your data
Request a portable copy of your data
Withdraw consent at any time where consent is the basis for processing

To exercise any of these rights, contact us at info@crestlinkuk.com. We will respond within 30 days.

9. Cookies

Our website uses essential cookies to maintain your session and authentication state. We do not use third-party advertising or tracking cookies. You can control cookie behaviour through your browser settings, though disabling essential cookies may affect platform functionality.

10. Security

We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, or disclosure. All data is transmitted over encrypted HTTPS connections. Account passwords are hashed and never stored in plain text. We regularly review our security practices and update them in line with industry standards.

11. Contact & Complaints

If you have any questions about this Privacy Charter or wish to raise a concern, contact us at:

CrestLink Engineering Ltd

Westminster Business Centre, Printing House Lane, Hayes, UB3 1AP, UK

Email: info@crestlinkuk.com

Phone: 02045773645

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

Related Legal Pages

Terms of Commercial SaleOur full commercial terms, delivery conditions, payment terms, and returns policy.Contact UsReach our team directly for data requests, procurement enquiries, or support.