Privacy Policy

Introduction

EPC Advisor ("we", "us", or "our") is operated by Zanzero Ltd. This privacy policy explains how we collect, use, and protect your personal data when you use our website at https://epcadvisor.co.uk.

We are committed to protecting your privacy and handling your data in an open and transparent manner in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data We Collect

Information You Provide

• Postcode searches: When you search for a property, we process the postcode you enter to retrieve EPC data.
• Contact form submissions: If you contact us, we collect your email address and message content.

Information Collected Automatically

• Analytics data: We use Google Analytics to understand how visitors use our site. This includes pages visited, time on site, and general location (country/region level).
• Cookies: We use essential cookies for site functionality and optional analytics cookies (with your consent).
• Server logs: Our hosting provider may collect IP addresses and browser information for security purposes.

How We Use Your Data

We use the data we collect to:

• Provide EPC lookup and recommendation services
• Improve our website and user experience
• Respond to your enquiries
• Analyse website usage patterns
• Ensure security and prevent fraud

Legal Basis for Processing

We process your data based on:

• Legitimate interests: To provide our services and improve user experience
• Consent: For analytics cookies and marketing communications (where applicable)
• Legal obligation: Where required by law

Data Sharing

We may share your data with:

• Partner services: When you click on partner links (e.g., to get a boiler quote), you will be redirected to their website. We share limited data (postcode, property type) to pre-fill forms. Each partner has their own privacy policy.
• Analytics providers: Google Analytics receives anonymised usage data.
• Hosting providers: Our website is hosted on DigitalOcean, who may process server logs.

We do not sell your personal data to third parties.

Cookies

We use the following types of cookies:

• Essential cookies: Required for the website to function (e.g., cookie consent preferences)
• Analytics cookies: Help us understand how visitors use our site (requires consent)

You can manage your cookie preferences at any time through the cookie consent banner or your browser settings.

Data Retention

• Search queries: Not stored beyond the immediate request
• Analytics data: Retained for 14 months (Google Analytics default)
• Contact enquiries: Retained for 2 years
• Server logs: Retained for 30 days

Your Rights

Under UK GDPR, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Request limited processing of your data
• Portability: Request your data in a machine-readable format
• Objection: Object to processing based on legitimate interests
• Withdraw consent: Where processing is based on consent

To exercise any of these rights, please contact us.

Data Security

We implement appropriate technical and organisational measures to protect your data, including:

• HTTPS encryption for all data in transit
• Secure hosting infrastructure
• Regular security updates
• Access controls for personnel

International Transfers

Some of our service providers (e.g., Google Analytics) may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses.

Children's Privacy

Our service is not directed at children under 16. We do not knowingly collect personal data from children.

Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by posting a notice on our website.

Contact Us

If you have questions about this privacy policy or wish to exercise your rights, please contact us:

• Email: [email protected]
• Or use our contact form

Supervisory Authority

You have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection:

• Website: ico.org.uk
• Helpline: 0303 123 1113

Related Pages

• Contact Us – Get in touch with our team
• About Our Data – Data sources and transparency
• Accessibility Statement – Our commitment to accessibility