logo.svg

Northern
Relay

Privacy Policy

Last Updated: 5 June 2026

Northern Relay Ltd ("we", "our", or "us") is committed to protecting your privacy and handling your personal data transparently and securely.

This Privacy Policy explains how we collect, use, store, and protect personal information when you interact with us, visit our website, or engage our services.

1. Who We Are

Northern Relay Ltd is a software development and IT consultancy company registered in England and Wales.

Registered Address:
78 Metcombe Way
Manchester
M11 3BY
United Kingdom

Email: hello@northernrelay.ltd

Northern Relay Ltd is the data controller for the personal information described in this Privacy Policy.

2. Personal Information We Collect

Information You Provide Directly

When you contact us through our website or engage our services, we may collect:

  • First name
  • Last name
  • Email address
  • Information contained within your enquiry
  • Company details
  • Contract and project-related contact information

Information Collected Through Business Relationships

When entering into agreements with clients, suppliers, or contractors, we may collect:

  • Names
  • Business email addresses
  • Business telephone numbers
  • Job titles
  • Company information
  • Contractual and invoicing information

Website Usage Information

When you visit our website, we may collect technical information such as:

  • IP address
  • Browser type
  • Device information
  • Pages visited
  • Usage analytics

This information is collected through PostHog analytics and essential website technologies.

3. How We Use Your Information

We use personal information to:

  • Respond to enquiries submitted through our website
  • Communicate with prospective and existing clients
  • Prepare and manage proposals, Master Services Agreements, and Statements of Work
  • Deliver consultancy and software development services
  • Issue invoices and maintain accounting records
  • Comply with legal, regulatory, and tax obligations
  • Improve the performance and usability of our website

4. Legal Bases for Processing

Legitimate Interests

To:

  • Respond to business enquiries
  • Manage client relationships
  • Operate and improve our business
  • Maintain website security

Contract

To:

  • Enter into and perform contracts with clients, suppliers, and contractors

Legal Obligation

To:

  • Maintain accounting records
  • Comply with HMRC requirements
  • Meet other legal and regulatory obligations

5. Sharing Your Information

We do not sell personal information.

We may share information with trusted service providers that support our business operations, including:

  • Google Workspace (email and communications)
  • Amazon Web Services (website hosting and infrastructure)
  • Xero (accounting and invoicing)
  • PostHog (website analytics)

These providers process data under contractual arrangements and appropriate security measures.

We may also disclose information where required by law, regulation, court order, or governmental authority.

6. International Transfers

Some of our service providers may process information outside the United Kingdom.

Where international transfers occur, we ensure appropriate safeguards are in place, including:

  • UK International Data Transfer Agreements (IDTAs)
  • UK Addendum to Standard Contractual Clauses
  • Other lawful transfer mechanisms recognised under UK GDPR

7. Data Retention

We retain personal information only for as long as necessary.

Typical retention periods include:

Data TypeRetention Period
Website enquiries12 months
Client contracts and Statements of Work6 years after contract completion
Accounting and invoicing records6 years
Website analytics dataAs configured within PostHog

Where required by law, we may retain information for longer periods.

8. Security

We take appropriate technical and organisational measures to protect personal information.

These measures include:

  • Multi-factor authentication (MFA)
  • Encrypted company devices
  • Password management systems
  • Secure cloud hosting
  • Access controls and least-privilege principles

However, no method of transmission or storage can be guaranteed to be completely secure.

9. Your Rights

Under UK GDPR, you may have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Request erasure of your information
  • Restrict processing
  • Object to processing
  • Request data portability
  • Withdraw consent where consent is relied upon

To exercise any of these rights, please contact: hello@northernrelay.ltd

10. Complaints

If you are unhappy with how we handle your personal information, please contact us first so we can attempt to resolve the issue.

You also have the right to complain to the Information Commissioner's Office (ICO).

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

Any changes will be published on this page with an updated revision date.