Skip to main content

Data Protection Policy

This policy sets out how we handle your personal information if you’re a client of, or a website visitor to, Chilli Information Solutions Ltd (Chilli IS). We are committed to safeguarding the privacy of our clients and website visitors.

When we say ‘we’, ‘us’ it refers to Chilli IS.

When we say ‘policy’ we’re talking about this privacy policy.

Your principal rights under data protection law:

  • the right to access
  • the right to rectification
  • the right to erasure
  • the right to restrict processing
  • the right to object to processing
  • the right to data portability
  • the right to complain to a supervisory authority
  • the right to withdraw consent

What personal information we hold:

  • your name
  • email address
  • website URL
  • telephone number
  • company name and address
  • access / logging in dates
  • financial information for invoicing purposes
  • How we keep your personal information secure
  • Our company is based in Lichfield, Staffordshire, UK and we use the Microsoft Azure cloud platform to host our software solutions in the UK. We also use Office 365 and One Drive. Both Azure and Office 365 are compliant with the international standard ISO 27001 on Information Security Management.

Personal information that we store or transmit is protected by security and access controls, including username and password authentication and data encryption where appropriate.

How you can access your personal information

You have the right to make a request to access personal information we hold about you and to request corrections of any errors in that information. You can also ask us to delete your information at any time. To make an access or correction request, contact our privacy champion using the contact details at the end of this policy.

How we use your personal information

We use your information to contact you about the services we are providing you with. Including support of those services and on-going management of these services. For example:

  • Software consultancy
  • Web application, mobile app and email hosting, support and development
  • Digital marketing services
  • Learning management services

We do not use your information for marketing purposes, or sell, or allow third parties to access your information.

How long we keep your data

Personal data that we process for any purposes shall not be kept for longer than is necessary for those purposes.

We will retain your personal data as follows for a minimum period of 1 month and a maximum period of 3 months following the date we cease our business relationship with you.

Cookies and Web Analytics

When someone visits we use cookies and Google Analytics, to collect and log information regarding visitor patterns of behaviour. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website. We’re talking about the following kinds of details but not your name, email or postal address:

  • your IP address or proxy server IP address
  • the name of your internet service provider is sometimes captured depending on the configuration of your ISP connection
  • the date and time of your visit to the website
  • the length of your session
  • the pages which you have accessed
  • the number of times you access our site
  • the file URL you look at and information relating to it
  • the website which referred you to our site
  • the operating system which your computer device uses
  • When we need to update this policy
  • This policy came into effect on May 25th 2018.

We will need to change this policy from time to time to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.

When we do change the policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this policy will always be available on this page.

How you can contact us

If you have any questions about our privacy practices or the way in which we have been managing your personal information, please contact our privacy champion in writing at


If you’re a user or visitor in the European Economic Area these rights apply to you for the purposes of applicable EU data protection law (including the General Data Protection Regulation 2016/679 (the “GDPR”), we are a ‘data controller’ of your personal information.

If you have unresolved concerns, you have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of your place of work; or (iii) in which you consider the alleged infringement has occurred.

Cookie Notice

We use cookies to remember your accessibility preferences and for understanding how this website is being used.

If you would like to learn more please read our Privacy Policy.

Back to top