1. Who we are
Arklen is a digital infrastructure systems company focused on secure, governed and auditable AI-ready infrastructure for public sector, care and enterprise organisations.
For the purposes of this Privacy Policy, “Arklen”, “we”, “us” and “our” refer to the organisation operating this website and providing Arklen services.
We are responsible for deciding how personal information collected through this website and related business interactions is used.
2. Information we collect
We may collect personal information when you submit an enquiry, communicate with us, request information, use our website or engage with our services.
Information you provide directly
- Name and organisation name.
- Email address and any contact details you choose to provide.
- Your area of interest, such as AI-ready infrastructure, public sector support, care provider support, enterprise readiness or compliance assurance.
- Information included in enquiry forms, messages, emails or service discussions.
- Information needed to manage quotes, invoices, receipts or business administration where relevant.
Website and technical information
- Basic technical information such as IP address, browser type, device type and pages visited.
- Security information that may help us prevent spam, misuse, unauthorised access or malicious activity.
- Cookie or analytics information where such tools are used and where permitted by law.
3. How we use personal information
We use personal information for clear business and operational purposes connected with Arklen’s website, enquiries and services.
- To respond to enquiries and provide requested information.
- To understand your organisation’s needs and discuss relevant Arklen services.
- To manage business communications, proposals, quotes, invoices, receipts and service administration.
- To operate, secure and improve the website.
- To prevent spam, misuse, fraud, unauthorised access or security incidents.
- To maintain appropriate business, legal, accounting and compliance records.
- To improve our service content, website structure and enquiry handling.
4. Lawful bases for processing
Depending on the context, we may rely on one or more lawful bases under UK data protection law.
| Purpose | Likely lawful basis |
|---|---|
| Responding to enquiries and discussing services | Legitimate interests or steps before entering into a contract |
| Providing services, proposals, quotes, invoices and client administration | Contract or steps before entering into a contract |
| Keeping financial, tax or legal records | Legal obligation |
| Website security, fraud prevention and misuse prevention | Legitimate interests and, where applicable, legal obligation |
| Optional marketing communications | Consent or legitimate interests, depending on the communication and applicable law |
Where we rely on legitimate interests, we consider whether our interests are balanced against the rights and freedoms of the individual.
6. International transfers
Some technology providers may process or store information outside the United Kingdom. Where this applies, we aim to use appropriate safeguards such as adequacy arrangements, contractual safeguards or other lawful transfer mechanisms.
If international transfers become relevant to a particular service engagement, appropriate arrangements should be considered as part of the service scope, data protection review or supplier due diligence process.
7. How long we keep information
We keep personal information only for as long as necessary for the purpose for which it was collected, including any legal, accounting, reporting, security or business continuity requirements.
| Information type | Typical retention approach |
|---|---|
| General website enquiries | Kept for as long as needed to respond and manage potential business follow-up, then reviewed or deleted. |
| Client and service records | Kept for the duration of the relationship and then for a reasonable period for legal, contractual and business records. |
| Invoices, receipts and accounting records | Kept in line with accounting, tax and legal record-keeping requirements. |
| Security logs and anti-spam records | Kept for a proportionate period to protect the website and investigate misuse or incidents. |
Where we cannot specify an exact retention period, we use criteria such as the nature of the information, the reason it was collected, legal obligations, business need, security requirements and whether continued retention is proportionate.
8. Your data protection rights
Depending on the circumstances and lawful basis used, you may have rights under data protection law. These may include:
- The right to be informed about how your personal information is used.
- The right of access to personal information held about you.
- The right to rectification if information is inaccurate or incomplete.
- The right to erasure in certain circumstances.
- The right to restrict processing in certain circumstances.
- The right to data portability in certain circumstances.
- The right to object to certain processing.
- The right not to be subject to decisions based solely on automated processing where this has legal or similarly significant effects.
- The right to withdraw consent where processing is based on consent.
Your right to object
You have the right to object to certain processing, particularly where we rely on legitimate interests. If you object, we will review the request and respond in line with applicable data protection law.
To exercise your rights, use the enquiry form on the Contact page and clearly state that your request relates to data protection or privacy.
10. Security
We use appropriate technical and organisational measures to help protect personal information. These may include secure hosting, access control, encryption where appropriate, spam prevention, audit logging, administrative restrictions and responsible website maintenance.
No website or online transmission can be guaranteed to be completely secure. However, we take reasonable steps to protect information against unauthorised access, loss, misuse or disclosure.
11. Automated decision-making
We do not use website enquiry information to make decisions about individuals based solely on automated processing that would have legal or similarly significant effects.
Arklen’s wider service approach is based on responsible AI infrastructure, human oversight, governance and auditability.
12. Third-party links
This website may include links to third-party websites or services. We are not responsible for the privacy practices, security or content of those third-party websites. You should read their privacy information before providing personal information to them.
13. Complaints and concerns
If you have a concern about how we use personal information, please contact us first through the website enquiry form so we can review the matter.
You also have the right to complain to the Information Commissioner’s Office, the UK supervisory authority for data protection matters.
14. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, website, legal requirements or operational practices.
When we make changes, the updated version will be published on this page.
Last reviewed: June 2026