Core Automation

Who we are

Core Automation Ltd is registered in England and Wales, Company No. 06634708.

Address: Apex Business Centre, First Floor Unit 15, Boscombe Road, Dunstable, LU5 4SB.

Email: sales@coreautomation.co.uk

Phone: +44 (0) 1582 667998

For data protection purposes, Core Automation Ltd is the data controller for personal data processed through this website and through your enquiries under UK data protection law (including UK GDPR).

What personal data we collect

  • Enquiries: If you contact us by email, phone, or the website contact form, we will process the information you provide such as your name, email address, phone number, company, and the contents of your message.
  • Website logs: Like most websites, our hosting provider may log technical information such as IP address, browser type, pages requested, and time and date of access for security and troubleshooting.
  • Server-side analytics: Our hosting provider (IONOS) runs basic website analytics at server level. This may include aggregated visitor statistics such as page views and referral sources. No additional tracking scripts are loaded by this service.
  • Third-party services: When you view the embedded Google Maps on our Contact page, Google may collect data and set cookies in line with their own policies.

How we use your data and our lawful basis

We use personal data to respond to enquiries, provide information about our services, operate and secure our website, and keep basic business records. We generally rely on one or more of the following lawful bases under UK GDPR:

  • Legitimate interests to respond to enquiries, operate and secure our website (including hosting logs), and run our business in a proportionate way.
  • Contract where processing is needed to take steps at your request before entering into a contract or to deliver contracted services.
  • Consent for any non-essential cookies or third-party content (such as embedded maps) that requires opt-in consent.
  • Legal obligation where we must retain certain information for tax or regulatory reasons.

Who we share data with

We share personal data only where needed to operate our website and deliver services. This may include:

  • Our website hosting provider (IONOS) and IT service providers, where required for hosting, security, and support.
  • Professional advisers such as accountants, insurers, and legal advisers, where needed.
  • Clients and suppliers involved in a project, where sharing is necessary for delivery.

We do not sell personal data.

International transfers

We aim to keep personal data within the UK where possible. Some providers we use may store or process data outside the UK. Where this happens, we rely on safeguards recognised under UK data protection law, such as transfers to countries covered by a UK adequacy decision or, where needed, the UK International Data Transfer Agreement (UK IDTA).

How long we keep your data

We keep personal data only for as long as necessary for the purposes set out in this policy. This typically means:

  • Enquiry emails are kept for up to 24 months after the last communication, unless a project engagement follows.
  • Project records are kept for 6 years after completion to meet tax and insurance requirements.
  • Technical logs are retained for up to 90 days in line with hosting provider settings.

Your rights

Under UK GDPR, you have rights including access, rectification, erasure, restriction, objection, and data portability, depending on the circumstances. You also have the right to withdraw consent at any time where we rely on consent.

To exercise your rights, contact us at sales@coreautomation.co.uk. For general enquiries about our engineering services, please visit our contact page.

You can also complain to the Information Commissioner's Office if you are not satisfied with how we handle your data.

Automated decision-making

We do not use automated decision-making or profiling in relation to any personal data we process.

Data breach notification

In the unlikely event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours of becoming aware of it, and will contact you directly if the breach is likely to result in a high risk to you.

Cookies and similar technologies

We use essential cookies and local storage to remember basic preferences, such as dismissing the cookie notice.

Our contact form uses a technical cookie (ca_csrf) to protect against cross-site request forgery. This is classified as a strictly necessary cookie under the Privacy and Electronic Communications Regulations (PECR) and does not require consent. It is HttpOnly, Secure, set only when the contact page loads, and contains no personal data.

On the Contact page, you can choose to load an embedded Google Map to show our location. The map is disabled by default and only loads when you click the "Load map" button. If you choose to load it, Google may set cookies or use local storage. We store your choice in local storage so you do not have to click again.

You can control cookies through your browser settings. Blocking some cookies may affect site functionality.