07448 609 427 WhatsApp Get my price

Privacy Policy

Last updated: June 2026

This Privacy Policy explains how Clear Fire Compliance collects, uses, stores and protects personal information when you visit this website, enquire about our services, or book a fire risk assessment. It is written in plain English and is designed to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We take your privacy seriously. This policy tells you exactly what information we hold, why we hold it, who we share it with, and how you can exercise your rights over that information.

1. Who we are

Clear Fire Compliance is an independent fire risk assessment business operating as a sole trader. For the purposes of UK data protection law, Clear Fire Compliance is the data controller for the personal information described in this policy.

How to contact us about your data

2. What information we collect

We only collect the information we genuinely need to provide our services. The information we collect depends on how you interact with us.

2.1 When you visit our website

Our website is a static site hosted by Vercel. When you visit, our hosting provider may automatically process limited technical information such as your IP address, device type, browser, and the pages you request, in order to serve the site and keep it secure. See our Cookie Policy for the cookies and similar technologies used on the site.

2.2 When you enquire or book an assessment

When you send an enquiry through our website, contact us directly, or book a fire risk assessment, we collect:

  • Your name
  • Your email address
  • Your phone number
  • The town or postcode, and (when booking) the address of the premises to be assessed
  • Details about the premises (type, size, use, occupancy) relevant to the assessment
  • Any additional information you choose to share

When you submit the website enquiry form, the details are processed by a function on our hosting platform (Vercel), stored in our enquiry-records system (Airtable), and emailed to us so we can respond. You also receive an automatic acknowledgement email.

2.3 When we carry out an assessment

During a fire risk assessment visit we may record information about the premises and its occupants that is relevant to fire safety. This can include photographs of the premises, details of fire safety equipment, notes on structural features, and information about how the premises is used. In shared buildings and houses in multiple occupation (HMOs) we may also record information you provide about tenants or occupants, strictly for the purpose of assessing fire risk.

We do not ask for or record sensitive personal data (such as health information, ethnicity, or religious beliefs) unless it is directly relevant to a specific fire safety risk — for example, where a resident has a mobility impairment that affects evacuation planning. Where such information is recorded, it is handled with additional care and is only included in your report where essential.

2.4 When you pay your invoice

We do not collect or store payment card details. When your finalised report is issued, we send an invoice by email containing our bank details. Payment is made by bank transfer directly into our account. We do not have access to your banking information.

3. Why we use your information and our lawful basis

UK data protection law requires us to have a specific lawful basis for every purpose we use your information for.

3.1 Providing a fire risk assessment you have booked

Lawful basis: performance of a contract. When you book an assessment, we process your information because it is necessary to carry out the service you have requested — arranging the visit, conducting the assessment, producing the report, and issuing the invoice.

3.2 Responding to enquiries

Lawful basis: legitimate interests. When you contact us without yet booking, we use your details to respond to your enquiry. Our legitimate interest is in running our business and providing a helpful response. You can object at any time by asking us to delete your details.

Lawful basis: legal obligation and legitimate interests. We are required by HMRC to keep accounting records for six years. We also keep copies of the fire risk assessments we produce because a completed assessment is a professional record that may need to be referred to, updated, or defended for many years after it is issued.

3.4 Keeping our website secure and understanding how it is used

Lawful basis: legitimate interests for strictly necessary site security, and consent for analytics. Where we use analytics or similar technologies that are not strictly necessary, we rely on your consent given through the cookie banner. You can withdraw that consent at any time — see our Cookie Policy.

4. Who we share your information with

We do not sell your personal information to anyone. We only share it with a small number of trusted third-party service providers (‘processors’) who help us run our business. Each acts only on our instructions and is bound by contract to protect your information.

4.1 Vercel (website hosting)

Our website is hosted on the Vercel platform, and the enquiry form is processed by a function running there. Vercel processes basic technical information about your visit and your enquiry submission to serve the website and keep it secure. Vercel’s privacy practices are described at vercel.com/legal/privacy-policy. Vercel may process data in the United States and other regions.

4.2 Resend (email delivery)

The email notification we receive when you enquire, and the automatic acknowledgement sent back to you, are delivered using Resend (Resend, Inc.). Resend processes the name and email address involved in order to send these messages on our behalf. Resend’s privacy policy is at resend.com/legal/privacy-policy. Resend processes this data within the European Union (Ireland).

4.3 Zoho Mail (email inbox)

Our business email inbox (office@clearfirecompliance.co.uk) is provided by Zoho Mail (Zoho Corporation B.V.). Email you send us, and the notification and acknowledgement emails generated by the enquiry form, are received and stored in our inbox by Zoho on our behalf (the sending of those automated emails is handled by Resend, above). Zoho’s privacy policy is at zoho.com/privacy.html. Zoho may process data in the European Union, the United Kingdom, the United States, and India.

4.4 Airtable (enquiry records)

The details you submit through the enquiry form are stored in Airtable (Formagrid, Inc., trading as Airtable) so we can keep track of and respond to your enquiry. Airtable’s privacy policy is at airtable.com/company/privacy. Airtable processes data in the United States.

4.5 ServiceM8 (job management, scheduling and invoicing)

Once an assessment is booked, we use ServiceM8 (ServiceM8 Pty Ltd) to schedule the visit, produce documentation, and issue invoices. ServiceM8’s privacy policy is at servicem8.com/privacy. ServiceM8 processes data in Australia.

4.6 Google Analytics (website usage — only with your consent)

If you accept analytics cookies, we use Google Analytics (Google) to understand how visitors use the site so we can improve it. No analytics data is collected unless you consent. This is described in full in our Cookie Policy. Google may process data in the United States and other regions.

4.7 WhatsApp (if you choose to message us)

If you contact us using a WhatsApp link, your message and phone number are handled through WhatsApp (operated by Meta Platforms Ireland Limited). We receive and reply using a WhatsApp Business account. Meta’s privacy policy is at whatsapp.com/legal/privacy-policy. Meta may process data in the United States and other regions.

4.8 Fire authorities and enforcement bodies

If we are legally required to share information with a fire and rescue authority, a local authority, or another enforcement body — for example, if we identify an immediate risk to life that we are obliged to report — we will do so. This is rare and we will tell you if it happens, unless the law prevents us.

In the event of a dispute, complaint, or legal claim, we may share relevant information with our insurer, accountant, or legal adviser. Any such sharing is strictly limited to what is necessary.

5. International transfers of your information

Some of our service providers are based outside the United Kingdom. Where personal data is transferred outside the UK, we rely on the safeguards approved under UK GDPR, including the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or adequacy decisions issued by the UK government.

If you would like further detail about the safeguards in place for any specific transfer, contact us at office@clearfirecompliance.co.uk.

6. How long we keep your information

6.1 Completed fire risk assessments and associated records

We keep a copy of each completed fire risk assessment and the supporting records (site photographs, notes, and client details relevant to the assessment) for ten years from the date the finalised report is issued. A fire risk assessment is a professional record that may need to be referred to or defended long after it is produced, and ten years is our professional standard retention period.

6.2 Accounting and tax records

We keep invoices, payment records, and other financial information for six years from the end of the relevant tax year, as required by HMRC.

6.3 Enquiries that do not result in a booking

If you contact us but do not go on to book an assessment, we will delete your enquiry and the personal information attached to it within twelve months of our last contact, unless you ask us to keep it for longer.

6.4 Website and analytics data

Website technical and analytics data is kept for the period set out in our Cookie Policy, typically no longer than fourteen months.

7. Your rights

Under UK data protection law you have a number of rights over the personal information we hold about you. These rights are free to exercise and we will respond to any valid request within one month.

  • The right to be informed — you have the right to know what personal information we hold about you and how we use it. This policy is how we tell you.
  • The right of access — you can ask us for a copy of the personal information we hold about you (a ‘subject access request’).
  • The right to rectification — you can ask us to correct any information that is wrong or incomplete.
  • The right to erasure — you can ask us to delete your personal information in certain circumstances. This is not absolute: we may need to keep information where we are legally required to (for example, completed assessments and accounting records).
  • The right to restrict processing — you can ask us to stop using your information in particular ways while a query or complaint is resolved.
  • The right to data portability — where we hold information based on your consent or a contract, you can ask us to provide it in a portable electronic format.
  • The right to object — you can object to us using your information on the basis of legitimate interests. We will stop unless we have compelling grounds to continue.
  • The right to withdraw consent — where we rely on your consent (for example, analytics cookies), you can withdraw it at any time. Withdrawal does not affect anything we did while consent was in place.

To exercise any of these rights, contact us at office@clearfirecompliance.co.uk. We may need to verify your identity before responding, particularly for access requests.

8. How to complain

If you are unhappy with how we have handled your personal information, please tell us first — email office@clearfirecompliance.co.uk and we will do our best to resolve it quickly.

You also have the right to complain directly to the Information Commissioner’s Office (ICO):

  • Website: ico.org.uk/make-a-complaint
  • Helpline: 0303 123 1113
  • Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

We would ask that you contact us first so we have a chance to put things right, but you are entitled to go directly to the ICO if you prefer.

9. How we keep your information secure

We take appropriate technical and organisational measures to protect the personal information we hold. These include using reputable service providers with their own security certifications, strong passwords and two-factor authentication on the accounts that hold client information, keeping devices up to date, and limiting access to client information to those who need it.

No system is ever completely secure. If a personal data breach occurs that poses a risk to your rights or freedoms, we will notify the ICO within 72 hours where required, and we will tell you directly if the breach poses a high risk to you.

10. Children

Our services are not directed at children, and we do not knowingly collect personal information from anyone under the age of 18. If you believe a child has provided personal information to us, please contact us and we will delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will update the ‘Last updated’ date at the top of this page. Significant changes will also be notified to clients whose contact details we hold, where appropriate.

This Privacy Policy was prepared in plain English and is designed to meet the requirements of Articles 13 and 14 of the UK GDPR.