Welcome to the Komfi Group Privacy Policy

We are the Komfi Group, or ‘Komfi’ for short; we’re a UK Limited company based in West Yorkshire.

When you use goods or services from Komfi Group you inherently trust us with your personal information. This Privacy Policy is designed to help you understand everything you need to know about the what, why and how’s of our data gathering and processing operations.

We hope you’ll take some time to read this document; we’ve tried to keep it all as simple as possible but if you’re not familiar with any of the terms or descriptions then we advise you read up on them separately before continuing. Komfi Group takes its responsibilities to protecting your data very seriously and we do advise you get to know our practices – If there’s anything in this policy you don’t understand or if you want to ask any questions, please feel free to get in touch with us (contact details are listed further on down).

The conditions of use

At the beginning of a relationship between Komfi and yourself we will be relying on your consent to for us to use your personal data (further details on what ‘consent’ and ‘personal data’ is can be found further). Without your consent at this early stage we shall have no legal basis for having or using your personal data.

If you decide to employ Komfi for goods or services we shall require a contract be approved and signed by both parties; this contract will then become our legal basis for processing your personal data, in that it will be necessary for us to deliver on the terms and conditions set out in that contract.

Information that we collect

The information we collect from our customers has one purpose, to enable us to provide our goods and services; in order to do that we will need personal data such as your name and addresses, telephone number and email address. We will need your financial information in order to process payments, and during the audit stage of our GDPR readiness service we will have to audit your business which will mean taking details of your policies and practices, researching the third party vendors you engage with, reviewing your contracts; at no stage during the audit process will we request you share personal data you are responsible for with us.

Visitors to our website

Our website ‘ukgdprpolicy.co.uk’ has several sections where we request you provide us with your details; there is the ‘Contact Us’ page, and a ‘Call Back Form’. Information we receive from here is used to provide more information about our services, for those who then decide they do not wish to pursue matters further we shall remove your information from our systems.

We receive this information in an automatically generated email; none of this information shall be shared with any other organisation.

Our website uses Cookies from Google Analytics to monitor your activity so we can better understand the areas people are most interested in, we are then able to tailor the site to better provide the information people want. This feature does not collect any personal data that can be used to identify you.

When you call our telephone number

When you call Komfi we automatically collect Calling Line Identification (CLI) information, which is the number you are calling us from.

If you Email us

No organisation other than the Komfi Group is authorised to access any mailbox we use, nor do we share information we receive via email with any third parties.

Any Email sent to us (including any attachments) will be monitored for security reasons; email messages that exceed our accepted security risk level will be blocked and hence will not be responded to. Please be aware that it is your responsibility to ensure emails you send to us are virus free, sent from reputable email providers and within the bounds of the law.

If we don’t have it, we can’t work with it…

It’s always your choice on whether to provide information of course, but if you decide that you don’t want to provide us with this information then we in turn will not be able to provide any services advertised by Komfi. If we can’t legally contact you, we won’t be able to begin working together!

Who will we share your information with?

The information we have about our customers is vital to us being able to offer a high quality service, and we are not going to share it or sell it on.

During the preparation stage of our GDPR readiness service we will be providing advice on new systems and technologies, we shall also provide the contact details of our partners who provide those services. Only with your specific consent shall we share your personal data with these third parties.

No third party we employ who must have access to our data in order to perform their function will be allowed to use any of that data for any other purpose.

Where, and for how long is my data going to be kept?

Komfi group uses no system held outside the list of European countries approved by the EU Commission as having appropriate safeguards for data transfers. Our various Cloud data system is a private platform hosted entirely in the United Kingdom, our Email system is provided by one of the biggest providers of Cloud technologies in Europe. We employ several levels of online security, plus all information we receive is backed up in an encrypted format and held for 12 months.

We will retain your personal data for as long as a professional working relationship exists between Komfi and yourself; if/when this relationship ends (or when you explicitly request it) we shall encrypt and archive as much personal data as is possible which will then be placed into our 12 month retention cycle, sources of data that cannot be placed in this archive will be anonymised within 3 months of the relationship ending.

Your Rights, Our Responsibility

There are several rights granted to you immediately upon providing us with your personal information; we’d like you to know that at Komfi we take your rights as a Natural Person seriously and will always conduct ourselves in a way that is considerate of our responsibility to serve your legal rights.


In order for us to first legally collect and use your data we require your consent, the method for providing your consent is found on our website in the form of a tick box. Equally important to providing consent is your right to withdraw that consent;

Withdrawing consent

Should the time come where you no longer wish for us to have or use your personal data you may withdraw your consent, and you may withdraw your consent at any time. To withdraw your consent for us to process your data you can either return to the ‘Contact Us’ page of our website and tick the relevant box before submitting a form, or email us with instructions of your wishes.

After a withdrawal of consent request is received we may contact you to verify the request.

The Right of Erasure (‘Right to be Forgotten’)

You have the right to request that Komfi (as the data controller) erase all personal data we have about you, and we must respond to that request without undue delay. There are some conditions that apply with this right, but we will make every attempt to respond to a ‘Right to be Forgotten’ request within 30 days or receiving it.

The Right to Rectification

This one is fairly straight forward; if you notice that the data we have about you is inaccurate or incomplete, you may request we rectify the mistake. We will make every effort to respond to requests of this type immediately.

The Right to Restriction

In circumstances where data cannot be removed immediately you have a right to request we restrict using it. The right to restriction is there to protect you in cases where an immediate resolution cannot be found.

In the unfortunate event of this type of request being received, we will cease all processing activates immediately.

The Right to Objection

The right to object is a basic freedom all democracies enjoy, and Komfi is no different. If you wish to object to the way we use, or have used, your personal data you may do so freely.

The Right to Portability

This is a legal right afforded to you that most companies already provide; it basically states that if you request it, we must pass on all of the details you have given to us to another provider of your choosing.

The Right to Complain

The Komfi Group will always try to maintain the highest standards and encourage the confidence our customers have in us as an organisation. In order that we can achieve this we do request that any complaints be first brought to our attention so we can properly investigate matters; if however you would like to complain about Komfi to a supervisory authority you may do so by contacting the Information Commissioners Office on 0303 123 1113, or anyone of the other reporting methods listed on their website - https://ico.org.uk/concerns

Our contact details

If you wish to get in touch with The Komfi group, please use the below contact details:

The Komfi Group This email address is being protected from spambots. You need JavaScript enabled to view it.