Privacy Policy

CTRD LTD · Registered in England & Wales · Company No. 13597753
35 New Broad Street, London, England, EC2M 1NH
Comms@ct-rd.co.uk

Last updated: 07.05.2026

1. Introduction

CTRD LTD("we","us", "our") is committed to protecting your personal data.This Privacy Policy explains what information we collect when you use our website at www.obsidiancve.com (the "Site"), why we collect it, and your rights in relation to it. We are the data controller for the personal data described in this policy. This policy is governed by the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. What Personal Data We Collect

We collect the following information when you submit the contact form on our Site:

Full name
Email address
Company name

We do not collect any special category data (e.g. health, financial, or biometric data) through our Site.

3. How We Collect Your Data

We collect your personal data through the following means:

Contact form: when you voluntarily submit a query or request via the contact form on our Site.
Analytics data: we collect anonymised usage data automatically via Webflow's built-in analytics (see Section 7 for more detail).

4. How We Use Your Data

We use the personal data you submit to:

Respond to your enquiry or request.
Maintain a record of correspondence with you.
Improve our services where feedback is provided.

We will not use your data for automated decision-making or profiling.

5. Legal Basis for Processing

We process your personal data on the following legal bases under UK GDPR:

Legitimate interests (Article 6(1)(f)): responding to your contact form submission and managing our business correspondence is within our legitimate interests, and does not override your rights and freedoms.
Consent (Article 6(1)(a)): where you have freely provided your information by submitting our contact form, we rely on your consent as a supplementary basis.

6. How Long We Keep Your Data

We retain personal data submitted via the contact form for 2 years from the date of your enquiry, or until you request deletion, whichever comes first.

After this period, your data is securely deleted or anonymised.

Legitimate interests (Article 6(1)(f)): responding to your contact form submission and managing our business correspondence is within our legitimate interests, and does not override your rights and freedoms.
Consent (Article 6(1)(a)): where you have freely provided your information by submitting our contact form, we rely on your consent as a supplementary basis.

7. Analytics

Our Site uses Webflow's built-in analytics to help us understand how visitors interact with our Site. The analytics data collected is aggregated and anonymised, and does not identify you individually. It may include:

Pages visited and time spent on page
Referring website or source
Browser type and device type
General geographic location (country/region level)

Webflow analytics does not use third-party tracking cookies. For more information on how Webflow handles data, please refer to Webflow's Privacy Policy at webflow.com/legal/privacy.

8. Cookies

Our Site may use essential cookies required for the Site to function correctly. We do not use marketing, advertising, or non-essential analytics cookies beyond those set by Webflow's platform.

You can manage cookie preferences through your browser settings. Please note that disabling certain cookies may affect your experience on the Site.

10. International Data Transfers

Webflow, Inc. is based in the United States. Transfers of your data to Webflow are subject to appropriate safeguards, including reliance on the EU-US Data Privacy Framework and standard contractual clauses where applicable, ensuring your data receives an equivalent level of protection under UK GDPR.

11. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

Right of access: to request a copy of the personal data we hold about you.
Right to rectification: to ask us to correct inaccurate or incomplete data.
Right to erasure ('right to be forgotten'): to request deletion of your data in certain circumstances.
Right to restrict processing: to ask us to pause processing of your data in certain circumstances.
Right to data portability: to receive your data in a structured, machine-readable format.
Right to object: to object to our processing of your data where we rely on legitimate interests.
Right to withdraw consent: where we rely on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at Comms@ct-rd.co.uk. We will respond within one calendar month.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

12. Data Security

We take reasonable technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These include access controls, encrypted connections (HTTPS), and limiting access to personal data to those who have a legitimate business need.

Where we have given you (or where you have chosen) a password for access to certain parts of our Site, you are responsible for keeping that password confidential.

13. Third-Party Links

Our Site may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to read their privacy policies independently.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page with a revised 'Last updated' date. Where changes are material, we will take reasonable steps to notify you.

We encourage you to review this policy periodically.

15. Contact

If you have any questions about this Privacy Policy or how we handle your data, please contact:

CTRD LTD
35 New Broad Street, London, England, EC2M 1NH
Email: enquiries@obsidiancve.com