This Privacy Policy explains how ARX Rural collects and uses personal data when you visit our website or contact us. We are committed to protecting your privacy and handling personal data in line with the UK GDPR and the Data Protection Act 2018.

1. Who we are

ARX Rural is a trading name of BCS Hendricks Limited.

BCS Hendricks Limited is the data controller for the personal data described in this policy.

Contact (including data protection queries): enquiries@arxrural.co.uk

2. Personal data we collect

We may collect and process the following categories of personal data:

  • Contact and identity details: name, email address, telephone number, postal address, and any information you include in messages to us.

  • Business and enquiry details: information relating to your enquiry and our communications with you.

  • Website and technical data: IP address, browser type/version, device information, operating system, referral source, pages viewed, and approximate location derived from IP address.

  • Cookies and similar technologies: information collected via cookies (see section 8).

If you provide personal data about another person (for example, a colleague), you must ensure you have the right to share it with us.

3. How we use your personal data

We use personal data to:

  • respond to enquiries and provide information about our services

  • manage our relationship with you, including keeping records of communications

  • operate, maintain, and secure our website

  • analyse website usage and improve our site and services

  • comply with legal and regulatory obligations

  • establish, exercise, or defend legal claims (if required)

We do not sell your personal data.

4. Lawful bases for processing

We process personal data using one or more of the following lawful bases under Article 6 UK GDPR:

  • Legitimate interests (for example, responding to enquiries, improving our services, and keeping our website secure), where those interests are not overridden by your rights

  • Contract (where processing is necessary to take steps at your request or to perform a contract)

  • Legal obligation (where we must process data to comply with the law)

  • Consent (for example, where you have opted in to a specific type of marketing or non-essential cookies, where used)

The UK GDPR requires at least one lawful basis for processing. 

5. Who we share personal data with

We may share personal data with:

  • service providers who support our website and business operations (for example, hosting, IT support, security, analytics, and communications tools)

  • professional advisers (for example, legal, accounting, or compliance advisers) where necessary

  • authorities and regulators where required by law or to protect rights, safety, and security

Where we use service providers, we require appropriate contractual protections and security measures.

6. International transfers

If we or our service providers transfer personal data outside the United Kingdom, we will ensure appropriate safeguards are in place, such as the UK International Data Transfer Agreement (IDTA) or the UK Addendum to EU Standard Contractual Clauses, where applicable. 

7. Data retention

We keep personal data only for as long as necessary for the purposes described in this policy, including to meet legal, accounting, regulatory, or reporting requirements. Retention periods vary depending on the nature of the data and why it was collected.

8. Cookies

We use cookies and similar technologies to:

  • help the website function properly

  • remember preferences (where applicable)

  • understand how visitors use our website and improve performance

You can control cookies through your browser settings. Where a cookie banner or preference tool is in place, you can also manage non-essential cookies there.

9. Your rights

Under the UK GDPR, you have rights including:

  • the right to be informed

  • the right of access

  • the right to rectification

  • the right to erasure

  • the right to restrict processing

  • the right to data portability

  • the right to object

  • rights relating to automated decision-making and profiling (where applicable)

These rights are set out in ICO guidance. 

To exercise your rights, contact: enquiries@arxrural.co.uk

10. Complaints

If you have concerns, please contact us first and we will try to resolve the issue.

You also have the right to complain to the Information Commissioner’s Office (ICO). The ICO provides complaint and contact information, including its helpline. 

11. Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. No system is completely secure, but we work to keep protections proportionate to the risk.

12. Changes to this policy

We may update this Privacy Policy from time to time. The latest version will be posted on our website with the updated “Last updated” date.