PRIVACY POLICY

Incinco Ltd  ·  incinco.com

Last updated: May 2026

1. Introduction

1.1 Who we are

Welcome to Incinco Ltd’s Privacy and Data Protection Policy (“Privacy Policy”). Incinco Ltd is a company registered in England and Wales with registered number 03567726 (“we”, “us”, or “our”). We design and manufacture industrial incineration systems for medical, general, agricultural, mining, and containerised waste applications, supplying customers worldwide.

We are committed to protecting and respecting your privacy and personal data in compliance with the United Kingdom General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018, and all other applicable laws and regulations of the United Kingdom.

We are your Data Controller and are responsible for your personal data. This Privacy Policy explains how we collect, process, and keep your data safe, your privacy rights, and how the law protects you.

1.2 How your personal data is collected

We only collect and process data about you where we have a lawful reason for doing so. We may collect data from the following sources:

  • Direct interactions. You may give us your personal data by corresponding with us by post, phone, email, or our website. This includes data you provide when you submit an enquiry or contact form, request a quotation, agree to receive marketing, interact with us on social media, or give us feedback.
  • Automated technologies. As you interact with our website, we automatically collect technical data about your device, browsing actions, and patterns using cookies, server logs, and similar technologies. Please see our Cookie Policy for further details.
  • Third parties. We may receive technical data from analytics providers and search information providers, and contact data from publicly available business sources.

1.3 Monitoring of communications

Subject to applicable laws, we may monitor and record your communications with us, such as calls and emails, for the purposes of quality control, staff training, and regulatory compliance.

1.4 Types of data we collect about you

“Personal Data” means any information about an individual from which that person can be identified. It does not include anonymous data. As a business-to-business operation we collect only limited personal data. The full scope of data we may collect is:

  • Identity Data: your first name, last name, and job title.
  • Contact Data: your company name, email address, telephone number, and country or region.
  • Enquiry Data: the content of any message, enquiry, or quotation request you submit.
  • Technical Data: IP address, browser type and version, time zone setting and location, operating system and platform, and other technology on the devices you use to access our website.
  • Usage Data: information about how you use our website, including pages visited, time on page, and referral source.
  • Marketing and Communications Data: your preferences in receiving marketing from us.

We do not collect special category data such as your race or ethnicity, religious or philosophical beliefs, health, sex life, sexual orientation, political opinions, or trade union membership. We do not require or collect financial or payment card data through our website.

If you provide personal data on behalf of another named individual (for example, a colleague), you must have their authority to do so and have shared this Privacy Policy with them beforehand.

1.5 The legal basis for collecting your data

Under UK GDPR there are several lawful bases that allow the collection and processing of personal data. The bases we rely on are:

  • Consent: where you have actively agreed, for example by ticking a box to receive our communications. You may withdraw consent at any time.
  • Performance of contract: where we need information to fulfil our contractual obligations and provide you with a product or service.
  • Legal obligation: where we are required by law to collect or process certain data.
  • Legitimate interest: where we have a legitimate business reason to process data that does not materially impact your rights — for example, responding to a sales enquiry or improving our website.

2. How we use your personal data

2.1 Our uses

We will only use your personal data when the law allows us to. The table below sets out the purposes for which we use your data and the lawful bases we rely on. The examples are indicative; we will never process your data without a lawful basis.

2.2 Marketing communications

We will only send you marketing communications where you have consented to receive them, or where we have a legitimate interest to do so and you have not opted out. You can change your marketing preferences at any time — see section 3.4 below.

2.3 Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for a compatible reason. If we need to use your data for an unrelated purpose, we will notify you and explain the lawful basis that allows us to do so. We may process your data without your knowledge or consent where this is required or permitted by law.

3. How your data is protected and your rights

3.1 How we protect your personal data

Keeping your data secure is important to us. Once we receive your data we apply security measures in line with good practice and UK GDPR, including:

  • Storing your data on secure servers, or those of our trusted third-party providers.
  • Defining the permitted purposes for which data may be used.
  • Limiting access only to those employees or third parties who need it.
  • Applying physical and technical security measures to prevent unauthorised access.
  • Securely disposing of data when it is no longer needed.

Data transmitted over the internet can never be guaranteed to be 100% secure. While we do our best to protect your information, we cannot guarantee the security of data you transmit to us, and any transmission is at your own risk.

3.2 Your rights

Under UK GDPR you have the following rights:

  • Access — request a copy of the data we hold about you and how it is processed.
  • Rectify — request that any inaccurate data be corrected.
  • Erasure — request that we erase your data, subject to any legal obligation to retain it.
  • Restrict — request that we stop processing your data.
  • Object — object to certain ways we process your data.
  • Transfer — request that your data be shared with a third party in a portable format.
  • Withdraw consent — where we rely on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us using the details in section 7. We will respond to all legitimate requests within one month. Occasionally it may take longer if your request is complex, in which case we will keep you updated.

3.3 Requesting your data

You will not have to pay a fee to access your personal data or exercise any of your rights. We may need to request specific information from you to confirm your identity before disclosing data — this is a security measure to ensure data is not disclosed to anyone who has no right to receive it.

3.4 Opting out of marketing

You can ask us to stop sending you marketing messages at any time by using the “unsubscribe” link in any marketing email, or by contacting us. If you opt out of marketing, we will still retain other personal data provided through your dealings with us.

4. Your data and third parties

4.1 Will we share your data with third parties?

We do not sell or rent your data. We will not share your data with third parties for their own marketing purposes. We may share your personal data with the following parties for the purposes set out in section 2, under agreements that require them to keep your data secure and use it only as instructed:

  • Approved regional distributors — where your enquiry or location indicates a local distributor is best placed to assist you. We will always inform you and obtain your consent before doing so.
  • Suppliers and subcontractors — for the purposes of manufacturing, delivering, installing, and maintaining products.
  • IT and service providers — including hosting, email, CRM, and analytics providers who support our operations.
  • Professional advisors — including accountants and lawyers, for auditing, compliance, and corporate governance.
  • Regulators and enforcement bodies — where we have a legal duty to disclose your data.
  • Prospective purchasers — if our business or part of it is sold or reorganised, we may transfer your data to the buyer, who must use it in accordance with this policy.

4.2 Third-party links

Our website may include links to third-party websites, plug-ins, and applications. Clicking those links may allow third parties to collect or share data about you. We do not control these websites and are not responsible for their privacy statements. We encourage you to read the privacy policy of every website you visit.

5. How long we retain your data

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including satisfying any legal, regulatory, tax, accounting, or reporting requirements. By law we keep basic information about our customers (including contact, identity, and transaction data) for six years after they cease being customers, for tax and regulatory purposes. We will retain enquiry and contact records for up to 15 Years after last contact unless you ask us to remove them sooner. We may retain data for longer in the event of a complaint or potential litigation. In some circumstances we will anonymise your data for research or statistical purposes, in which case we may use it indefinitely.

6. International transfer of data

As a global exporter based in the UK, we work with distributors and third-party providers located elsewhere. Processing your data may involve transferring it outside the UK and the European Economic Area (EEA). Whenever we do this, we ensure appropriate safeguards are in place so that your data receives a similar degree of protection as it would in the UK — for example, through contractual standards that our partners must follow. If you would like more information about these safeguards, please contact us.

7. Contact details and complaints

We are not obliged under UK GDPR to appoint a data protection officer and have not done so. Any enquiries about your data should be sent to us by email at info@incinco.com, or in writing to Incinco Ltd, C/O Keelings, Broad House, The Broadway, Old Hatfield, Hertfordshire, AL9 5BG.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection. You can visit their website at www.ico.org.uk or call them on 0303 123 1113. We would, however, appreciate the chance to address your concerns before you approach the ICO.

8. Changes to this policy

We keep this Privacy Policy under regular review and will place any updates on this webpage. The date at the top of this page reflects the most recent version. Continued use of our website following any update constitutes acceptance of the revised policy.

9. Interpretation

All uses of the word “including” mean “including but not limited to”, and the enumerated examples are not intended to limit the term they illustrate.

Incinco Ltd  ·  incinco.com  ·  enquiries@incinco.com  ·  Hertfordshire, United Kingdom