Privacy Policy
How we collect, use and protect personal information in line with UK and EU data protection law.
Overview
Phoenix Ascent Limited ("Phoenix Ascent", "we", "us" or "our") is committed to protecting personal data and handling it transparently, fairly and lawfully.
This policy explains how we process personal data when you use our website, contact us, or engage with our services. It is designed to align with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the EU GDPR (where applicable) and the UK Privacy and Electronic Communications rules (PECR).
Last updated: 19 February 2026
Who Controls Your Data
Phoenix Ascent Supported Living Limited is the data controller for personal data processed through this website and our direct communications, unless we tell you otherwise in a specific context.
Contact: info@phoenixascent.co.uk | +44 (0)7830 074853
What Data We Collect
- •Identity and contact details (for example, name, email address, phone number and organisation details where provided)
- •Enquiry and referral information submitted through email, phone or web forms
- •Communications records (for example, messages sent to us and our replies)
- •Technical and usage data (for example, IP address, browser/device information, pages viewed and timestamps)
- •Cookie and similar tracking data where these technologies are enabled on the website
How We Use Personal Data
We may use personal data to:
- •Respond to enquiries, referrals and requests
- •Assess and manage referrals and service-related communications
- •Operate, maintain and improve website performance and security
- •Meet legal, safeguarding, regulatory and governance obligations
Lawful Bases for Processing
Depending on the context, we rely on one or more lawful bases under UK GDPR/EU GDPR:
- •Consent: where you have clearly agreed to specific processing (for example, optional marketing communications)
- •Contract: where processing is necessary to take steps requested by you or to perform a contract
- •Legal obligation: where we must process data to comply with law and regulatory requirements
- •Legitimate interests: where processing is necessary for our legitimate interests and your rights do not override those interests
- •Vital interests/public task: where applicable under UK GDPR/EU GDPR in safeguarding or serious risk situations
International Data Transfers
If personal data is transferred outside the UK or EEA, we apply safeguards required by law (for example adequacy decisions or approved contractual clauses) and additional security measures where appropriate.
Data Retention
We retain personal data only for as long as necessary for the purposes set out in this policy, including legal, safeguarding, regulatory and record-keeping requirements.
Retention periods vary by data type and context. When data is no longer required, we securely delete or anonymise it.
Data Security
We apply technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse or alteration.
No internet transmission is completely secure, but we review our safeguards regularly and act promptly if a security issue is identified.
Your Data Protection Rights
You may have the following rights, subject to legal conditions:
- •Right to be informed
- •Right of access
- •Right to rectification
- •Right to erasure
- •Right to restrict processing
- •Right to data portability
- •Right to object
- •Rights related to automated decision-making and profiling
To exercise your rights, contact us at info@phoenixascent.co.uk. We may need to verify your identity before actioning a request.
Complaints
If you are unhappy with how we handle your data, please contact us first so we can try to resolve your concern.
You also have the right to complain to your local supervisory authority. In the UK, this is the Information Commissioner's Office (ICO): ico.org.uk.
Changes to This Policy
We may update this privacy policy from time to time. Updates will be posted on this page with a revised "last updated" date.