Our approach to GDPR compliance.
azure-insight follows UK GDPR and the Data Protection Act 2018. This page summarises our legal basis and data subject rights.
Legal basis for processing
We process personal data under legitimate interests for service delivery, contractual necessity for client engagements, and consent where required.
Legitimate interests
Responding to enquiries and improving our services.
Contractual necessity
Delivering agreed training and advisory services.
Consent
Optional updates or research participation.
Data subject rights
You have the right to access, rectify, erase, restrict, or object to processing of your data, and the right to data portability.
Requests can be sent to [email protected].
Right of access
Request a copy of the personal data we hold.
Right to rectification
Ask us to correct inaccurate or incomplete data.
Right to erasure
Request deletion of data when appropriate.
Data processing roles
We act as a data controller for website enquiries and as a data processor for client training engagements.
Processors we use
Secure scheduling, document storage, and communication platforms with data protection agreements.
International transfers
Where data leaves the UK, we use standard contractual clauses and equivalent safeguards.
Security
Access controls, encryption, and regular reviews protect personal data.
Questions or concerns
We aim to resolve privacy concerns quickly and transparently.
If you are not satisfied with our response, you can raise a concern with the UK Information Commissioner’s Office.
Review cycle
Our GDPR practices are reviewed annually or whenever significant changes occur.
Last reviewed: April 2026.