Privacy Policy

Last updated: 9th March 2026

Hychor Ltd (“Hychor”, “we”, “us”, or “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, and protect personal data when you visit our website, https://hychor.com (the “Website”), in accordance with the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.

1. Who We Are

Hychor Ltd is the data controller for personal data processed through this Website.

Registered address:
ABVenture Zone, MacRobert Building, King Street, Aberdeen, United Kingdom AB24 5UA

Email contact:
info@hychor.com

If you have any questions about this Privacy Policy or how we handle your personal data, you can contact us using the details above.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

a) Information You Provide Voluntarily

  • Name
  • Email address
  • Any information you choose to include in messages or enquiries

This data is collected when you contact us via the Website’s contact form.

b) Website Usage Data

When you visit the Website, certain technical information may be automatically collected through analytics and security services, including:

  • IP address
  • Browser type and version
  • Device and operating system information
  • Pages visited and interactions with the Website

This information is collected through analytics and security tools to help us understand how the Website is used and to protect it from misuse.

3. How We Use Your Personal Data

We use personal data for the following purposes:

  • To respond to enquiries and communications
  • To administer and improve the Website
  • To monitor Website performance and usage
  • To protect the Website from spam, abuse, and security threats

4. Lawful Bases for Processing

We process personal data under the following lawful bases:

  • Article 6(1)(a) UK GDPR – Consent: where required for analytics cookies or other optional services
  • Article 6(1)(f) UK GDPR – Legitimate interests: to operate, secure, and improve the Website and respond to enquiries
  • Article 6(1)(b) UK GDPR – Contract: where communications relate to potential partnerships or services

You may withdraw consent at any time where consent is the applicable lawful basis.

5. Provision of Data

Providing personal data through the Website (for example via the contact form) is voluntary. However, certain information such as your email address is necessary for us to respond to your enquiry.

If this information is not provided, we may be unable to respond to your message.

6. Contact Forms and Communications

When you submit an enquiry via the Website’s contact form:

  • Your information is sent by email only
  • Submissions are not stored on the Website
  • Messages are received and processed via Microsoft 365

We use this information solely to respond to your enquiry.

The Website may contain links to third-party websites (including LinkedIn). We are not responsible for the privacy practices of external websites.

8. Analytics and Security Services

We use third-party services to help operate and secure the Website, including:

  • Google Analytics: to understand how visitors use the Website
  • Google reCAPTCHA: to protect forms from spam and abuse

These services may process technical data such as IP addresses and device information. Analytics and non-essential services are subject to your cookie preferences.

Further details about cookies and consent are provided in our Cookie Policy.

We implement appropriate technical and organisational measures to protect personal data processed through the Website, including secure hosting, access controls, and encryption where appropriate.

9. Data Sharing

We do not sell personal data.

We may share personal data with service providers who support the operation of the Website, including Microsoft 365, Google Analytics, and Google reCAPTCHA. These providers act as data processors and process personal data only on our instructions or in accordance with their own privacy policies where they operate as independent controllers.

All such providers are required to process personal data in accordance with applicable data protection laws.

10. International Data Transfers

Some of our service providers may store or process personal data outside the United Kingdom. Where personal data is transferred outside the UK, we rely on appropriate safeguards, including the UK Addendum to the EU Standard Contractual Clauses.

11. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected:

  • Enquiry communications are typically retained for up to 24 months after the last correspondence, unless required for ongoing business or legal purposes
  • Analytics data is retained in accordance with our analytics configuration

Data may be retained longer where required to meet legal or regulatory obligations.

12. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request erasure of personal data in certain circumstances
  • Request restriction of processing
  • Object to processing based on legitimate interests
  • Request data portability (where applicable)
  • Withdraw consent where processing relies on consent
  • Lodge a complaint with the Information Commissioner’s Office (ICO)

You can exercise your rights by contacting us using the details in section 1.