This Privacy Policy explains how Mohr & Coleman (“Mohr & Coleman”, “we”, “us”, “our”), a trading name of Ricochet Group Ltd (Company No. 07576556), registered in England and Wales at 107 Fore Street, Hertford, SG14 1AS, collects, uses, and protects personal data. We primarily handle business-related data; however, this may include personal data.

We may collect the following types of personal data: names; email addresses; telephone numbers; and business or physical addresses.

We do not intentionally collect sensitive personal data unless it is provided to us directly and is necessary for the provision of our Services.

We collect personal data through: contact forms on our website; enquiry or quotation forms; direct communication via email or telephone; and ongoing client relationships.

We process personal data on the following bases: consent, where you have provided it for specific purposes; legitimate interests, where processing is necessary for the operation and delivery of our Services; and contractual necessity, where processing is required to enter into or perform a contract.

Where consent is relied upon, it may be withdrawn at any time.

We use personal data for the following purposes: to respond to enquiries and communicate with you; to discuss, deliver, and support projects; to maintain accurate and up-to-date records; and to provide relevant information about our Services where appropriate.

We do not carry out automated decision-making or profiling, and we do not maintain mass marketing lists.

We retain personal data only for as long as necessary. For enquiries, data may be retained for up to thirty (30) days unless further engagement is established or consent is provided; and for clients, data may be retained for the duration of the relationship and for a reasonable period thereafter where required for support, legal, or operational purposes.

You may request deletion of your data at any time, subject to legal or contractual obligations.

We may share personal data where necessary with: hosting providers, domain providers, or infrastructure services; professional advisers or service providers; and other third parties where required to deliver our Services.

We only share personal data where necessary and appropriate, and we do not sell personal data.

We take appropriate technical and organisational measures to protect personal data, including: secure systems and password-protected access; encryption of data in transit where appropriate; and restricted access to authorised individuals.

Personal data may be processed by Third-Party Services located outside the United Kingdom. Where this occurs, appropriate safeguards are applied where required by law.

Under applicable data protection law, you have the right to: be informed about how your data is used; access the personal data we hold about you; request correction of inaccurate data; request deletion of your data; restrict or object to processing; request transfer of your data; and lodge a complaint with the Information Commissioner's Office.

If you have any questions about this policy or your personal data, you may contact us using the details provided on our website.

We may update this Privacy Policy from time to time. Updated versions will be published on our website.