GDPR & data protection
Last updated: 7 July 2026
This statement sets out how Spireway Global Ltd (trading as Vision360) complies with the UK GDPR, the Data Protection Act 2018 and, where applicable, the EU General Data Protection Regulation (Regulation (EU) 2016/679). It should be read alongside our Privacy policy.
Our core commitments
- We do not sell, rent or trade personal data. Ever. To anyone. Under any commercial arrangement.
- Personal contact details are never publicly visible on this website. Emails, phone numbers and mobile numbers are hidden and blurred on public profile pages and are not exposed in page source, APIs, downloads, or search-engine snippets.
- Public profile pages show only limited business-context information — name, job title, employer, LinkedIn URL and general location — used solely to help people find us via search engines and AI answer engines.
- You are always in control. You can request removal of any page featuring you or your company at any time, for any reason, free of charge.
Lawful bases we rely on
We process personal data under one or more of the following Article 6(1) UK/EU GDPR lawful bases:
- Legitimate interests (Art. 6(1)(f)) — for B2B relationship-building, marketing to businesses, website analytics, and the operation of publicly discoverable business-context profile pages. We have carried out a Legitimate Interests Assessment (LIA) balancing our interests against the rights and freedoms of data subjects and apply strict safeguards (no personal contact detail exposure, easy opt-out, prompt removal on request).
- Contract (Art. 6(1)(b)) — to deliver services you have requested and manage your account.
- Consent (Art. 6(1)(a)) — where required for certain electronic marketing (PECR) and non-essential cookies.
- Legal obligation (Art. 6(1)(c)) — where we must process data to comply with the law.
Your GDPR rights
You have the right to:
- Be informed about how we use your data (this page and the Privacy policy).
- Access a copy of the personal data we hold about you.
- Have inaccurate data rectified.
- Have your data erased ("right to be forgotten"), including removal of any public profile page featuring you.
- Restrict processing.
- Data portability.
- Object to processing based on legitimate interests, including direct marketing.
- Not be subject to solely automated decision-making with legal effect.
- Withdraw consent at any time where processing is based on consent.
Remove me / my company from this website
To request removal of a profile page or any personal data, email privacy@spirewayglobal.com with the URL of the page and a brief confirmation of your identity / authority. We will action valid requests promptly, typically within a few business days and always within the one-month UK GDPR statutory window. There is no fee.
Data retention
We retain personal data only for as long as necessary for the purposes for which it was collected, to comply with legal, accounting or reporting requirements, and to resolve disputes. Records used for outreach are reviewed periodically and removed when no longer relevant.
International transfers
Where data leaves the UK/EEA it is protected by UK/EU adequacy decisions or Standard Contractual Clauses (SCCs) with additional safeguards where required.
Security
We apply appropriate technical and organisational measures under Art. 32 GDPR: TLS in transit, encryption at rest for sensitive fields, least- privilege access controls, hardened authentication, audit logging, and incident-response procedures.
Data breach notification
In the unlikely event of a personal-data breach that is likely to result in a risk to individuals, we will notify the UK ICO within 72 hours of becoming aware, and affected individuals without undue delay, in line with Art. 33 and 34 UK GDPR.
Complaints
You have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk or, if you are in the EU, with your local supervisory authority. We would, however, appreciate the chance to resolve any concerns first — please contact us at privacy@spirewayglobal.com.
Data Protection Officer / contact
Spireway Global Ltd — privacy@spirewayglobal.com.
This statement is provided for general information and is not legal advice.