Privacy Policy

A legal disclaimer

At Athena, we value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your personal information when you visit athenamanagement.co.uk.

If you are located in the European Economic Area (EEA), this policy also explains your rights under the General Data Protection Regulation (GDPR).

1. Information We Collect

We may collect the following types of information:

Personal Information:

Name, email address, phone number, billing/shipping address, and payment details (if purchases are made).
Information you provide when filling out forms, subscribing to newsletters, or contacting us.

Non-Personal Information:

IP address, browser type, device type, operating system, referral source, and usage data such as pages viewed and time spent on the website.

Cookies & Tracking Technologies:
We use cookies and similar technologies to enhance your experience, analyze traffic, and personalise content. You can manage cookie settings in your browser.

2. Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data on one or more of the following legal bases:

Consent – where you have given us explicit permission (e.g., subscribing to a newsletter).
Contract – where processing is necessary to perform a contract with you (e.g., fulfilling an order).
Legal Obligation – where processing is required by law.
Legitimate Interests – where it is in our legitimate business interest and does not override your rights (e.g., to improve services or prevent fraud).

3. How We Use Your Information

We use your information to:

Provide and improve our services.
Process orders and payments.
Respond to inquiries and support requests.
Send newsletters and promotional materials (if you have opted in).
Ensure website security and prevent fraudulent activity.
Comply with legal requirements.

4. Sharing Your Information

We do not sell your personal data. However, we may share it with:

Service Providers: Trusted partners who assist with payment processing, hosting, analytics, or email distribution.
Legal Requirements: Authorities or regulators if required by law or to protect our rights and safety.
Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred.

5. International Data Transfers

If you are located in the EEA, your personal data may be transferred outside the EEA. Where we do so, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses or transfers to countries with adequate protection as recognized by the European Commission).

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law.

7. Your GDPR Rights

If you are located in the EEA, you have the following rights under GDPR:

Right of Access – Obtain a copy of the personal data we hold about you.
Right to Rectification – Request correction of inaccurate or incomplete data.
Right to Erasure – Request deletion of your data (“right to be forgotten”).
Right to Restrict Processing – Limit how we use your data.
Right to Data Portability – Request transfer of your data to another service.
Right to Object – Object to processing based on legitimate interests or direct marketing.
Right to Withdraw Consent – If processing is based on consent, you may withdraw it at any time.

8. Data Security

We implement appropriate technical and organizational measures to safeguard your personal information. However, no online transmission or storage system can be guaranteed 100% secure.

9. Children’s Privacy

Our services are not directed to children under 16, and we do not knowingly collect personal data from children. If we become aware of such data collection, we will delete it immediately.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated Effective Date.