Portas Consulting Group is committed to protecting the personal privacy and ensuring that personal information is handled in a safe and responsible manner, in compliance with the General Data Protection Regulation (GDPR) and other relevant legislation.

This Privacy Policy applies to all personal data collected and processed by Portas Consulting Group from non-employees, including but not limited to contact information, usage data, communication data, and survey data. It covers data collected through our website, professional engagements, and any other interactions with our clients and partners.  

Portas Consulting Group is dedicated to safeguarding the personal data of all individuals who engage with us. We collect and process personal data based on consent, legitimate interests, contractual necessity, and legal obligations. Our use of personal data includes maintaining and improving our website, personalising user experiences, communicating with clients, delivering client-based work, and complying with legal requirements. We implement security measures to protect personal data and retain it only as long as necessary. Individuals have rights under GDPR, including access, rectification, erasure, restriction, data portability, and objection, which we fully support and facilitate 

Portas Consulting Group is the data controller responsible for personal data. When Portas collects and processes the personal data in accordance with this Privacy Notice, we do so as authorised under applicable data privacy laws, whether as data controller or joint controller (similar terms may be used under applicable law), which means that we determine and are responsible for how your personal data is collected, used, protected, disclosed, and disposed of. 

We may collect and process the data in the course of our business activities through various means such as website forms, cookies, direct communication, and surveys: 

  • When you interact with our Sites, including when you manage your cookie preferences, as described in our Cookie Notice 

  • When you create or log into a user profile in our Sites. 

  • When you register to receive Portas newsletters and alerts and when you interact with those newsletters and alerts. 

  • When you sign up for and participate in Portas conferences and events. 

  • When you participate in public content posting areas, such as bulletin boards, discussion forums, and Portas social media sites. 

  • When you participate in a survey, panel discussion, or individual discussion conducted by Portas. 

  • When you interact with Portas or its employees on its Sites, by email, or telephone, to ask a question, request information, or otherwise seek a response from Portas. 

Portas may also receive personal data about from third parties, including service providers and data vendors in the course of our business activities. When we collect personal information from third parties, the data consists primarily of publicly available personal information compiled from business websites, public-facing social media platforms, and other widely used public sources. We also acquire deidentified datasets from certain service providers that we maintain in deidentified form. In each instance, we do our best to confirm that the third party has lawfully collected the data from appropriate sources and is authorised to share the data with Portas for the uses intended by Portas. 

In addition, we use tools and applications that reduce security threats and reduce the risk of access by bots and automated devices, but we do not use those tools and applications for non-security purposes. 

We process your personal data based on the following legal grounds: 

  • Consent: When you provide consent for specific purposes. 

  • Legitimate Interests: For business interests that do not override your privacy rights. 

  • Contractual Necessity: To fulfil our contractual obligations to you and our clients.  

  • Legal Obligations: To comply with legal requirements. 

​​We use your personal data for the following purposes: 

  • To provide and maintain our Site. 

  • To improve and personalise your experience. 

  • To communicate with you, including responding to inquiries. 

  • To deliver our client-based work. 

  • To analyse usage and trends to improve our Site and other external communications  

  • To collect information and produce reports that are in line with our organisational aims.  

  • Provide our services or products to our clients 

  • To comply with legal obligations. 

We use cookies and similar technologies to enhance the experience on our Site. Portas may collect information about whether you open or click any links on the website, research, or event communications that you interact with. You have options regarding our use of cookies and other tracking technologies. Please refer to our Cookie Notice for more details and to manage your choices. 

Personal data collected in the course of Portas business activities may be transferred and made available to Portas entities, service providers, and third parties as necessary to accomplish the specific business purposes for which the personal data were collected and to support our interactions with you, and otherwise as required to comply with applicable law. Third parties must adhere to strict data protection standards and only process your data for specified purposes.  

  • To Portas subsidiaries and affiliates and personnel across our global organisation. 

  • To Portas service providers and personnel. 

  • To Portas legal and professional advisors. 

  • To third parties in the following circumstances: 

  • If we are required to do so by law or legal process 

  • To law enforcement authorities or other government officials pursuant to lawful request 

  • When we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity. 

  • If disclosure is necessary to protect the vital interests of a person; 

  • To protect our property, services, and legal rights. 

  • To prevent fraud against Portas Group, our subsidiaries and/or business partners 

  • To aid in a Portas investigation of an actual or suspected security incident, such as a breach involving confidential information or personal information. 

  • To support auditing, compliance, and corporate governance functions. 

  • To comply with any and all applicable laws. 

  • To a successor or different business entity in the event of a reorganisation, merger, sale, joint venture, assignment, or other transfer or disposition of all or any portion of our business. 

If personal data is transferred to and processed in countries outside of your country. We ensure appropriate safeguards are in place to protect your data, such as standard contractual clauses.  

We implement appropriate technical and organisational measures to protect your personal data from unauthorised access, use, or disclosure. Despite these precautions however, Portas cannot guarantee that unauthorised persons will not obtain access to your personal data. 

We retain your personal data only as long as necessary to accomplish the business purposes for which it was collected to meet our legal or contractual obligations and in compliance with Portas data-retention policy. We will delete personal data promptly after the purposes described cease to apply in accordance with the prevailing market practice for such destruction. 

If we receive a request to delete personal data, Portas will comply with applicable law and will make reasonable attempts to delete all instances of the personal data, subject to our right to keep a copy of such data for the purposes mentioned above.  

Under the General Data Protection Regulation (GDPR), you have several rights regarding your personal data. These rights are designed to give you more control over how your data is used and to ensure that your privacy is protected. Below, we outline each of these rights in detail. 

  1. Right to Access You have the right to request access to the personal data we hold about you. This means you can ask us to provide you with a copy of your personal data, as well as information about how we use it, who we share it with, and how long we intend to keep it. This right allows you to be informed about and verify the lawfulness of our processing of your data. 

  1. Right to Rectification If you believe that any of the personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct or update this information. This ensures that we maintain accurate and up-to-date records about you, which is essential for providing you with the best possible service. 

  1. Right to Erasure (Right to be Forgotten) You have the right to request the deletion of your personal data in certain circumstances. This includes situations where the data is no longer necessary for the purposes for which it was collected, if you withdraw your consent (where consent is the legal basis for processing), or if you object to the processing and there are no overriding legitimate grounds for continuing the processing. This right is not absolute and may be subject to certain legal exceptions. 

  1. Right to Restrict Processing In certain situations, you have the right to request that we restrict the processing of your personal data. This means that we can store your data but cannot use it for any other purposes. You might exercise this right if you contest the accuracy of the data, if the processing is unlawful but you oppose erasure, or if you need the data for legal claims even though we no longer require it for our purposes. 

  1. Right to Data Portability You have the right to request that we transfer your personal data to another data controller in a structured, commonly used, and machine-readable format. This right applies when the processing is based on your consent or on a contract and is carried out by automated means. It allows you to obtain and reuse your data across different services. 

  1. Right to Object You have the right to object to the processing of your personal data when it is based on legitimate interests, including profiling. If you raise an objection, we will cease processing your data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is for the establishment, exercise, or defense of legal claims 

  1. Right to Withdraw Consent Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent. 

  1. Right to Lodge a Complaint If you believe that we have not complied with data protection laws, you have the right to lodge a complaint with a supervisory authority. This is typically the data protection authority in the country where you live, work, or where the alleged infringement took place 

  1. Right to Non-Discrimination You have the right not to be discriminated against for exercising any of your data protection rights. We will not deny you services, charge you different prices, or provide a different level of service because you have exercised your rights 

To exercise any of these rights, please contact us at operations@portasconsulting.com. Complete the data-subject requestform 

We will respond to the request in accordance with applicable data protection laws and will take reasonable steps to verify your identity before fulfilling the request to ensure your privacy and security.  

If you have any questions or concerns about this Privacy Policy, please contact us at: 

  • Portas Consulting Group 

  • Emailing your request to us at Operations@portasconsulting.com 

  • For UK Residents call us at +44 208 3990 144