Privacy Policy

Last Updated: 14th January 2026

1. Introduction

Aquila Group ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website aquilagroup.io or engage with our services.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site or use our services.

2. Information We Collect

2.1 Personal Information You Provide

We may collect personal information that you voluntarily provide to us when you:

  • Contact us via email, phone, or contact forms

  • Request information about our services

  • Engage with us for advisory services

  • Subscribe to our newsletter or updates

This information may include:

  • Name and contact details (email address, phone number, postal address)

  • Company name and position

  • Professional background and industry sector

  • Communication preferences

  • Any other information you choose to provide

2.2 Automatically Collected Information

When you visit our website, we may automatically collect certain information about your device, including:

  • IP address

  • Browser type and version

  • Operating system

  • Referring URLs

  • Pages viewed and time spent on pages

  • Date and time of visits

We collect this information using cookies and similar tracking technologies.

3. How We Use Your Information

We use the information we collect to:

  • Respond to your enquiries and provide requested information

  • Deliver our advisory services

  • Communicate with you about our services, including threat landscape updates and industry developments

  • Improve our website and services

  • Comply with legal obligations

  • Protect against fraud, security threats, and abuse

  • Analyse website usage and trends

4. Legal Basis for Processing (UK GDPR)

Under UK GDPR, we process your personal data on the following legal bases:

  • Consent: When you have given clear consent for us to process your personal data for specific purposes

  • Contract: When processing is necessary to fulfil our contractual obligations to you

  • Legitimate Interests: When processing is necessary for our legitimate business interests, such as improving our services, provided this does not override your rights

  • Legal Obligation: When we must process your data to comply with legal requirements

5. Sharing Your Information

We do not sell, trade, or rent your personal information to third parties.

We may share your information in the following circumstances:

  • Service Providers: With trusted third-party service providers who assist us in operating our website and conducting our business (e.g., hosting providers, email services), under strict confidentiality agreements

  • Business Partners: When necessary to deliver our services, with your explicit consent

  • Legal Requirements: When required by law, regulation, legal process, or governmental request

  • Business Transfers: In connection with any merger, sale of company assets, or acquisition

6. Data Security

We implement appropriate technical and organisational security measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest

  • Secure servers and access controls

  • Regular security assessments

  • Staff training on data protection

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

7. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When determining retention periods, we consider:

  • The nature and sensitivity of the information

  • The purposes for which we process the data

  • Legal and regulatory requirements

  • Our legitimate business interests

8. Your Rights

Under UK GDPR and Data Protection Act 2018, you have the following rights:

  • Right of Access: Request copies of your personal data

  • Right to Rectification: Request correction of inaccurate or incomplete data

  • Right to Erasure: Request deletion of your personal data in certain circumstances

  • Right to Restrict Processing: Request limitation of processing in certain circumstances

  • Right to Data Portability: Request transfer of your data to another organisation

  • Right to Object: Object to processing based on legitimate interests

  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us using the details in Section 12.

9. Cookies

Our website uses cookies to enhance your browsing experience. Cookies are small text files stored on your device that help us:

  • Remember your preferences

  • Understand how you use our website

  • Improve website functionality

You can control cookie settings through your browser. Please note that disabling cookies may affect website functionality.

For detailed information about the cookies we use, please see our Cookie Policy.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

11. International Data Transfers

Given the nature of our business, your information may be transferred to and processed in countries outside the UK. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the UK authorities

  • Adequacy decisions recognising equivalent data protection standards

  • Other legally approved transfer mechanisms

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Aquila Group
Email: info@aquilagroup.io

3rd Floor, 45 Albemarle Street
London, W1S 4JL

13. Complaints

You have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe we have not handled your personal data appropriately:

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Phone: 0303 123 1113
Website: www.ico.org.uk

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website with a revised "Last Updated" date. We encourage you to review this Privacy Policy periodically.

This Privacy Policy is effective as of 14th January 2026