Skip to main content
Uncategorized
Carn Advisory
  • Home
  • About Us
  • Contact
  • Services
  • More
    • Insights
    • Blog

Blog categorized as Uncategorized

Subscribe to RSS Feed

Categories

  • Uncategorized

    (0)

  • Strategy

    (1)

  • Sustainability

    (1)

  • Safer Gambling

    (1)

  • Regulation

    (0)

Tags

  • Consulting
  • Environmental
  • Social
  • Governance
  • eGaming
  • Charities
  • Regulation
Privacy Policy

 

Privacy Policy
Effective Date: 5 March 2025

Policy Management Record

Policy Version

Last Updated

Next Review Date

Changes Incorporated

1.0

5 March 2025

5 March 2026

Initial version

 

 

Contents

1. Introduction. 

2. Data Controller 

3. What Data We Collect 

4. How We Collect Personal Data. 

5. Purpose and Legal Basis for Processing. 

6. Data Sharing and Third Parties. 

7. International Data Transfers. 

8. Data Retention. 

9. Data Subject Rights. 

10. Data Security. 

11. Updates to This Policy. 

 

 1. Introduction

Carn Advisory ("Carn," "we," "us," or "our") is committed to protecting the privacy and security of personal data. This Privacy Policy explains how we collect, use, store, and protect personal data in compliance with the Data Protection Act 2018, the Applied GDPR (Data Protection (Application of the GDPR) Order 2018), and the GDPR and LED Implementing Regulations 2018

2. Data Controller

Carn Advisory is the data controller for the personal data we process. For any questions about this policy or how we handle your data, please contact us at DPO@carnadvisory.com.

  • Established: Isle of Man
  • Sector: Consultancy & Advisory Services

3. What Data We Collect

We may collect and process the following categories of personal data:

  • Business Contact Information (name, job title, company, email address, phone number, business address)
  • Client & Service Data (correspondence, service requests, engagement records)
  • Financial data (billing information, payment details)
  • Marketing & Communication Data (preferences, responses, and interactions with our marketing materials)
  • Website & Technical Data (IP addresses, cookies, analytics data)

4. How We Collect Personal Data

We collect personal data in the following ways:

  • Directly from individuals (via our website, email, phone, or in-person consultations)
  • Through contractual agreements with clients and service providers
  • Via automated technologies such as cookies when using our website
  • From third-party sources (e.g., business directories, publicly available information)

 

5. Purpose and Legal Basis for Processing

Each processing activity is conducted based on a lawful basis, as set out below:

  • Legitimate Interests – For business communications, networking, and marketing (subject to opt-out rights).
  • Contractual Necessity – Where processing is required to fulfil a contract or service request.
  • Legal Obligation – Where data must be retained for tax, compliance, or legal purposes.
  • Consent – For marketing communications where required.

 

We use personal data to:

  • Provide our consultancy services and fulfil contracts
  • Respond to inquiries and service requests
  • Manage client relationships
  • Send marketing communications (subject to opt-out rights)
  • Improve our website and services through analytics

6. Data Sharing and Third Parties

We do not sell or rent personal data. We may share data with:

·Service providers supporting our operations (IT, marketing, legal, etc.)

·Regulatory authorities, if legally required

·Business partners where necessary for service fulfilment

7. International Data Transfers

If we transfer personal data outside the Isle of Man, the UK and the EU, we ensure that appropriate safeguards (such as Standard Contractual Clauses) are in place to protect the data.

8. Data Retention

We retain personal data only for as long as necessary:

  • Business & client data – Retained for up to 6 years for tax and business record purposes.
  • Marketing data – Retained until opt-out or withdrawal of consent.
  • Website data – Retention period varies; see our Cookie Policy.

9. Data Subject Rights

You have the following rights under Applied GDPR:

  • Right to access your data
  • Right to rectify inaccurate data
  • Right to erasure “right to be forgotten” (where applicable)
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing (including marketing opt-out)
  • Right to lodge a complaint with the Isle of Man Information Commissioner (www.inforights.im)

10. Data Security

We implement appropriate technical and organisational measures to protect personal data from unauthorised access, loss, or misuse.

11. Updates to This Policy

We may update this Privacy Policy periodically. The latest version will always be available on our website.

 

For any questions about this Privacy Policy, please contact DPO@carnadvisory.com.

  

Cookie Policy

 

Cookie Policy
Effective Date: 5 March 2025

Policy Management Record

Policy Version

Last Updated

Next Review Date

Changes Incorporated

1.0

5 March 2025

5 March 2026

Initial version

 

 Contents

1. Introduction. 

2. What Are Cookies?. 

3. Types of Cookies We Use. 

4. How We Use Cookies. 

5. Managing Your Cookie Preferences. 

6. Third-Party Cookies. 

7. Updates to This Policy. 

 

1. Introduction

Carn Advisory ("Carn," "we," "us," or "our") uses cookies and similar tracking technologies to enhance user experience, analyse website performance, and support marketing activities.

This Cookie Policy explains what cookies we use, why we use them, and how you can manage your preferences.

2. What Are Cookies?

Cookies are small text files placed on your device when you visit our website. They help us recognize users, improve functionality, and analyse site usage.

 Some cookies are necessary for the site to function properly, while others support analytics and marketing activities.

3. Types of Cookies We Use

We use the following categories of cookies:

·Strictly Necessary Cookies – Essential for website functionality, security, and accessibility. These cannot be disabled.

·Performance & Analytics Cookies – Help us understand how visitors interact with our website by collecting anonymised data (e.g., Google Analytics).

·Functional Cookies – Enhance user experience by remembering preferences and settings.

·Marketing & Advertising Cookies – Used to track user interactions and provide personalised ads. These cookies require consent.

4. How We Use Cookies

We use cookies to:

  • Ensure website security and performance.
  • Improve website navigation and usability.
  • Analyse visitor behaviour to optimize content and services.
  • Personalise marketing efforts where consent has been provided.

 

5. Managing Your Cookie Preferences

You can manage or disable cookies via:

·Our Cookie Consent Banner, which allows you to accept, reject, or customise cookie settings.

·Browser settings, where you can block or delete cookies at any time.

·Third-party opt-out tools (e.g., Google Analytics opt-out)

6. Third-Party Cookies

Some cookies on our website may be placed by third-party providers (e.g., Google, LinkedIn). These third parties may collect data about your browsing activities for their own purposes. We recommend reviewing their privacy policies for more information.

7. Updates to This Policy

We may update this Cookie Policy periodically. Changes will be posted on our website, and we encourage users to review it regularly.

 

For any questions about this Cookie Policy, please contact DPO@carnadvisory.com.

Social responsibility icons created by Freepik - Flaticon
Carn Advisory