We are Apto DC Limited, registered in England and Wales at 10th Floor, 5 Churchill Place, London, E14 5HU with company number 14376995.

Your privacy is protected by law, and it is also protected by our data security and protection policies. This page gives you an idea of how we use your data and the safeguards we put in place to protect it.

You can contact our voluntarily appointed Data Protection Officer at simon.ghent@aptodc.com if you have any concerns or wish to exercise your rights.

1. Our Promises:

We’re committed to your data privacy and security. As such we give you these promises:

• We will only collect data about you that is relevant and necessary.
• Your data will only be held on systems that meet compliance standards.
• Your data will only be accessed by those who need it and we will minimise the amount of data that is processed, wherever possible.
• We won’t share or sell your data to any third party except for the marketing of our own services to you unless either you have agreed, we are required to share it by law or we need to fulfil our service commitments to you through a third party that meets our own privacy standards.
• We will always remember that it is your personal data, not ours. As such we will ensure complete transparency and openness with you wherever possible. 
• We respect your rights as outlined in the next section and will respond to all requests promptly.

2. Your Rights

You have the following rights over any data we hold about you:

• Request a copy of personal information we hold about you.
• Ask that we update the personal information we hold about you or correct such personal information that you think is incorrect or incomplete.
• Ask that we delete personal information that we hold about you or restrict the way in which we use such personal information.
• Object to our processing of your personal information; and/or
• Withdraw your consent to our processing of your personal information (to the extent such processing is based on consent and consent is the only permissible basis for processing).

You can read more about your rights here.

If you would like to uphold your rights, then please contact our Data Protection Officer at simon.ghent@aptodc.com

If you are in dissatisfied with our response you also have the right to lodge a complaint with the Data Protection Authority. This can be done at https://ico.org.uk/concerns/

3. How we Collect your Data

We collect information about you in two main ways:

• Passive – you give us information on our website, email us, call us, send us a CV, meet one of us at events or meetings or approach us on social media
• Proactive – this is data about you that we may hold from referrals, resellers, clients or proactive marketing activity including obtaining your work-related data from publicly available databases.

4. What Data we Collect

We try and minimise the data held and the exact data elements we hold will be dependent on your journey with us. Typically, data elements we collect is restricted to:

• Your personal contact details – job title, email address, phone numbers, business related social media and source of your data.
• Your company details – as above but also company name, address, website and other public held information including credit rating and invoicing details if relevant.
• Transmitted information – such as emails, texts, messaging, phone call information and recordings, voice mails, meeting notes, CVs and delivery details.

5. Why we process your Data

We ensure we have a “legal basis” to use your data for the purpose we have collected it for. The primary legal basis that we process your data is for the fulfilment of Contract. Normally this means a services contract with your employer.

The information that we collect is essential for us to be able to carry out the services that you require from us effectively.

Data gained from marketing our services or other business activities are processed for our Legitimate Interests.  Where we use your information for our legitimate interests, we make sure we consider any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation).

6. How we Process your Data

In general terms our marketing activity is exclusively “Business to Business”.

Data is processed/stored on encrypted systems on-premises and hosted cloud services such as Microsoft 365, , Azure and AWS. In addition, we may use Large Language Models (LLM) to help us fulfil some of our services.

As such, some data will either be in UK and EU data centres or on US based servers. We may also process limited data in countries outside the UK or European Union from time to time in other aspects of our business.

Further to Section 119A of the Data Protection Act 2018 and noting Case C-311/18 in the European Court of Justice, if your data is transferred or processed outside of the UK or EEA where adequacy decisions are not in place, we ensure the safeguards of International Data Transfer Agreements (IDTAs) or Addendums are enforced.

Where this is not possible, we ensure that appropriate UK or European Standard Contractual Clauses are entered. For data transfer between the USA we may rely on the Data Privacy Framework or the UK Extension Data Bridge.

We regularly review suppliers for data security compliance to ensure your data is safe and track where your data is held. All our processes are subject to various internal policies to ensure that your data privacy and security is upheld.

7. What we use your Data for

We process your data for several reasons:

• To send you promotional emails containing the information we think you will find interesting.
• To communicate with you regarding your project
• To fulfil a contractual obligation or service to you
• To better understand your needs.
• To improve our services and products.
• To send invitations to events and follow these up if you have signed up to them.

8. Sharing Your Data

Data is only shared with third parties in connection to the delivery of our services or marketing of our services.

These include:

• Construction Companies who you will purchase your property from,
• Joint agents with us such as funders,
• Representatives or professional advisers such as solicitors, accountants and surveyors,
• Other entities associated directly with Apto,
• If required by law to do so.

We use remarketing services from third parties. These may rely on the use of cookies. You can read more about these in our Cookie policy.

Our website and other materials sent to you may contain links to other third-party websites. We may also offer buttons to social media that link to third party services. We’re not responsible for the content or your data privacy these sites provide through their tools or sites.

9. Data Retention

Dependent on the data you provide us and for what purpose it is provided we may need to retain your data for up to 5 years. If you wish to find out more about your specific data retention, please contact us.

10. Data Permissions

Every marketing email sent from Us allows you to opt out of receiving emails from us, except for the purposes of fulfilling any contractual arrangements.

You can also contact us at the email address above and request to opt out, view, export or delete your data.

If you request for your data to be deleted, your name and email address will be added to an exceptions list and all other data removed.

11. Legal Compliance

We seek to uphold our legal obligations as covered by the Data Protection Act 2018, General Data Protection Regulation 2016, Data Use and Access Act 2025 and the Privacy and Electronic Communications Regulations. Our Data Protection Authority is designated as the Information Commissioners Office (UK).

This Privacy Notice is reviewed on a regular basis and was last reviewed in July 2025. We will post the most current version on our website.