Privacy Policy

1. Introduction

Cambridge Fluid Systems Ltd is a company incorporated in England and Wales, company registration number 02129153. Our registered office is 12 Trafalgar Way, Bar Hill, Cambridge, CB23 8SQ

2. This Policy

This Policy is issued by Cambridge Fluid Systems Ltd and is addressed to individuals outside our organisation with whom we interact, including visitors to our website and other users of our services. Defined terms used in this Policy are explained in Section (13) below.

For the purposes of this Policy, Cambridge Fluid Systems Ltd is the “Controller”. Contact details are provided in Section (12) below.

This Policy may be amended or updated from time to time to reflect changes in our practices with respect to the Processing of Personal Data, or changes in applicable law. We encourage you to read this Policy carefully, and to regularly check this page to review any changes we might make in accordance with the terms of this Policy.

 3. Processing your Personal Data

Collection of Personal Data: we may collect Personal Data about you, such as your name, address and contact details. Examples of sources from which we may collect Personal Data include the following:

  • We may obtain your Personal Data when you provide it to us (e.g., where you contact us via email or telephone, or by any other means).
  • We may collect your Personal Data in the ordinary course of our relationship with you
  • We may collect Personal Data that you manifestly choose to make public, including via our Site.
  • We may receive your Personal Data from third parties who provide it to us (e.g., social media platforms via plugins).
  • We may collect or obtain Personal Data when you visit our Site. When you visit our Site, your device and browser will automatically disclose certain information, some of which may constitute Personal Data (see below).

4.Categories of Personal Data:

The categories of Personal Data about you that we may Process include:

  • Personal details: given name(s); preferred name
  • Contact details: telephone number; email address;
  • Device details: device type, operating system, browser type, browser settings, IP address, language settings, dates and times of connecting to our Site and other technical communications information.


We do not process any special categories of personal data, meaning personal data revealing:

  • Racial or ethnic origin
  • Political opinions, religious or philosophical beliefs
  • Trade union membership
  • Genetic or biometric data that uniquely identifies individuals; or
  • Data concerning an individual’s health, sex life or sexual orientation

We do not process data relating criminal convictions unless legally obliged to do so.

5.Lawful basis for Processing Personal Data:

 In processing your Personal Data in connection with the purposes set out in this Policy, we may rely on one or more of the following legal bases, depending on the circumstances:

•we have obtained your prior express consent to the Processing (this legal basis is only used in relation to Processing that is entirely voluntary – it is not used for Processing that is necessary or obligatory in any way);

•the Processing is necessary in connection with any contract that you may enter into with us;

•the Processing is required by applicable law;

•the Processing is necessary to protect the vital interests of any individual; or

•we have a legitimate interest in carrying out the Processing for the purpose of managing, operating or promoting our business, and that legitimate interest is not overridden by your interests, fundamental rights, or freedoms.

6.Purposes for which we may Process your Personal Data:


  • We may send you direct marketing in relation to our own products and services by phone, email and post, as long as this is in line with any marketing preferences that you have provided to us.
  • We will only send you direct marketing in relation to our own products and services by email, phone and post:
  • where you have consented to this; or
  • where you have not objected to this, and we are marketing similar products and services to those which were the subject of a previous sale or negotiations of a sale to you.


7. How long we keep your personal information

We retain your personal information for no longer than is necessary for the purposes for which the personal information is collected. When determining the relevant retention periods, we will take into account factors including:

  • legal obligation(s) under applicable law to retain data for a certain period of time;


  • statute of limitations under applicable law(s);


  • (potential) disputes, and;


  • guidelines issued by relevant data protection authorities.


  • Otherwise, we securely erase your information once this is no longer needed.


8. Cookies

Where you use our Website, we will process your personal information collected by using cookies in accordance with our Cookie Policy.

For more information on the use of cookies on our Websites please go to our Terms of Use policy.

9. Security

We use reasonable security methods to protect the personal information that we process, including Internet standard encryption technology (“SSL“ or “Secure Socket Layer“ technology) to encode personal information that you send to us through our Website. SSL works by using a private key to encrypt data that‘s transferred over the SSL connection. To check that you are in a secure area of the Website before sending personal information to us, please look at the bottom right of your website browser and check that it displays an image of a closed padlock or an unbroken key.

However, please note that whilst we take appropriate technical and organisational measures to safeguard the personal information that you provide to us, no transmission over the Internet can be guaranteed to be secure. Consequently, please note that we cannot guarantee the security of any personal information that you transfer to us over the Internet.

We have implemented appropriate technical and organizational security measures designed to protect your Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, and other unlawful or unauthorised forms of Processing, in accordance with applicable law.

You are responsible for the ensuring that any Personal Data that you send to us are sent securely.

10. Accuracy of personal Data

We take every reasonable step to ensure that:

•your Personal Data that we Process are accurate and, where necessary, kept up to date; and

•any of your Personal Data that we Process that are inaccurate (having regard to the purposes for which they are Processed) are erased or rectified without delay.

From time to time we may ask you to confirm the accuracy of your Personal Data.


11.Rights Under Data Protection Laws

 Right to object

  • Individuals have the right to object to us processing their personal data where we are processing personal data:
  • based on our legitimate interests. If individuals ask us to stop processing their personal data on this basis, we will stop processing their personal data unless we can demonstrate compelling grounds as to why the processing should continue in accordance with data protection laws; and
  •  for direct marking purposes. If individuals ask us to stop processing their personal data on this basis, we will stop.

 Right of access

  •  Individuals have the right to receive confirmation as to whether their personal data is being processed by us, as well as various other information relating to our use of their personal data. Individuals also have the right to access their personal data which we are processing.

Right to rectification

  • Individuals have the right to require us to rectify any inaccurate personal data we hold about them. Individuals also have the right to have incomplete personal data we hold about them completed, by providing a supplementary statement to us.

Right to restriction

Individuals have the right to restrict our processing of their personal data where:

  •  the accuracy of the personal data is being contested by them;
  • the processing by us of their personal data is unlawful, but the individual does not want the relevant personal data erased;
  • we no longer need to process their personal data for the agreed purposes, but the individual wants to preserve their personal data for the establishment, exercise or defence of legal claims; or
  •  we are processing their data on the basis of our legitimate interest and the individual:

- objects to our processing on the basis of our legitimate interest under section above; and

- wants processing of the relevant personal data to be restricted until it can be determined whether our legitimate interest overrides their legitimate interest.

Where any exercise by an individual of their right to restriction determines that our processing of particular personal data are to be restricted, we will then only process the relevant personal data in accordance with their consent and, in addition, for storage purposes and for the purpose of legal claims.

Right to data portability

  • Individuals have the right to receive their personal data in structured, standard machine readable format and the right to transmit such personal data to another controller.

Right to erasure

  • Individuals have the right to require we erase their personal data which we are processing where one of the following grounds applies:

-             the processing is no longer necessary in relation to the purposes for which their personal data was collected or otherwise processed;

-              our processing of their personal data is based on their consent, the individual has subsequently withdrawn their consent and there is no other legal ground we can use to process their personal data;

-             individuals object to the processing as set out in section of this policy and we have no overriding legitimate interest for our processing;

                -              the personal data have been unlawfully processed; and

                -              the erasure is required for compliance with a law to which we are subject. Individuals have the right to lodge a complaint with the Information Commissioner’s Office, the supervisory authority for data protection issues in England and Wales.

This does not affect your statutory rights.

Exercising rights

To exercise one or more of these rights, or to ask a question about these rights or any other provision of this Policy, or about our Processing of your Personal Data, please use the contact details provided in Section (12) below.


12. Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to or by post : 12 Trafalgar way, Bar Hill, Cambridge, CB23 8SQ

13. Definitions

‘Controller’ means the entity that decides how and why Personal Data is Processed. In many jurisdictions, the Controller has primary responsibility for complying with applicable data protection laws.

•‘Data Protection Authority’ means an independent public authority that is legally tasked with overseeing compliance with applicable data protection laws.

•‘Personal Data’ means information that is about any individual, or from which any individual is identifiable. Examples of Personal Data that we may Process are provided in Section (3)

•‘Process’, ‘Processing’ or ‘Processed’ means anything that is done with any Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

•‘Sensitive Personal Data’ means Personal Data about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, any actual or alleged criminal offences or penalties, national identification number, or any other information that may be deemed to be sensitive under applicable law.