Privacy Policy

Areti Legal Services Limited, incorporated in England with company number 16454396 (“Areti Legal”, “we”, “us”, “our”), respects your privacy and is committed to protecting your personal data. This privacy policy explains what personal information we collect through this website, how we use it, and your rights.

1. Who we are

Areti Legal is a corporate and commercial legal consultancy located in England that serves clients located that are predominantly located in the United Kingdom and/or South Africa (however such clients may have operations or businesses in different geographical areas). For the purposes of UK data protection law, Areti Legal is the data controller for personal data collected through this website.

If you have any questions about this policy or how we handle your data, you can contact us at:

Email: info@aretilegal.com

2. What personal data we collect

The only personal data we collect through this website is information you voluntarily submit via the Get in touch form:

• Name
• Email address
• Phone number (optional)
• Service area of interest (if selected)
• Your message

We do not use cookies or tracking technologies.

This site uses localStorage only to store your light/dark theme preference. This data is stored only on your device, is never transmitted to us, and does not contain or process any personal information.

3. How we use your personal data

We use the information you provide solely to:

• Respond to your enquiry
• Communicate with you about the services you have asked about
• Keep a record of your enquiry

We do not use your data for marketing unless you explicitly consent.

4. Legal basis for processing

Under the UK GDPR, our lawful basis is legitimate interests: you have contacted us and we need your details to respond to your enquiry. We have carried out a legitimate interests assessment and determined that our processing does not override your rights or freedoms.

Under South Africa’s POPIA, processing is justified because it is necessary to respond to your request.

You may object to our processing at any time by contacting us.

5. How we store and share your data

Form submissions are processed and stored by Netlify, our hosting provider. Netlify acts as our data processor and stores submission data on secure servers. You can review Netlify’s privacy practices and policy here.

Because Netlify is based in the United States, your data may be transferred outside the UK. Where this occurs, Netlify relies on Standard Contractual Clauses (SCCs) or equivalent safeguards to protect your data.

We do not share your data with any other third parties unless required by law or unless you explicitly consent thereto.

6. Data retention

We retain enquiry data for 12 months from the date of your enquiry unless:

• You become a client (in which case your data will be handled under our client engagement terms), or
• You ask us to delete it sooner.

7. Your rights

Under the UK GDPR and POPIA, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Object to or restrict processing
• Request a copy of your data in a portable format
• Lodge a complaint with a supervisory authority

UK: Information Commissioner’s Office (ICO) – ico.org.uk

South Africa: Information Regulator – inforegulator.org.za

To exercise any of these rights, please contact us using the details above.

8. Providing your data

Providing your personal data is entirely voluntary, but we cannot respond to your enquiry without it.

9. Automated decision-making

We do not use automated decision-making or profiling.