Privacy Policy

Hadley Industries Holdings Limited (Ltd) are a cold rolled metal manufacturer with its head offices based in the UK and its subsidiaries located in the UAE, Thailand, Turkey, and the Netherlands. (Collectively known as the ‘Hadley Group’) To find out more , please visit our ‘about us’ page.

Hadley Industries Holdings Ltd (“Hadley Group”, “we”, “us”, or “our”) are committed to protecting the privacy and security of your personal information. This privacy notice describes how we collect and use personal information during and after your visit of our website.

Hadley Industries Holdings Ltd is a “data controller”. This means that we are responsible for deciding how we hold and use personal information about you (I.e. the visitor of this website). We are required under the data protection legislation to notify you of the information contained in this privacy notice to provide transparency in the use of your personal data.


Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as: “Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.


During the use of our site you may be asked to provide your contact details such as a name, email, phone number, job title, company name, address, where:

  • You wish to make a general enquiry, an enquiry for a quote to be provided, or product information to be provided or where you ask us to contact you, using the contact forms provided on the site.
  • You wish to download our free software such as Design Suite Pro
  • You wish to sign up to our email marketing list.
  • You wish to apply for vacancies on our website

In some circumstances, we may also collect further details such as work history, personal interests, date of birth, academic history, personal references, where:

  • You willingly supply a Curriculum Vitae or covering letter to us in response to a job advertisement or vacancy on our website.

The personal data you provide us is optional, we endeavor to only collect data that is relevant to the service you have requested or have shown an interest in.

Like many other websites we also utilize automated processing to produce site statistics using Google analytics. This allows us to gain a better insight into the use of our site and help optimize your user experience. The following information is collected on each visit using cookies (See ‘cookies’ section for more details):

  • Online personal identifiers such as the geographical location and Internet Protocol (IP) address
  • Internet browser and operating system details
  • The date and time of your visit
  • The referral URL and the pages you visit on the site.

This data is collected for statistical and administration purposes only and is stored by Google Analytics. You can prevent google analytics from collecting data at any time by disabling the cookies in your internet browser or by installing the Google Analytics Opt-Out Browser Add-On.


Cookies are small text files that exchange information between our site and the computer or device used to access it . Cookies are used to improve efficiency, performance of websites and to provide an enhanced user experience. We use cookies on our website to:

  • Enable you to freely navigate the website and find the information you are looking with ease.
  • Collect Statistics about our website activity, e.g. how many people visit the website, which pages they look at, what devices they use (PC’s mobile phones etc).

These are the types of Cookies we use:

  • CraftSessionId – This cookie is issued by Craft CMS and contains a unique ID to help recognise when an anonymous user attempts to log in. This cookie contains no personally identifiable information. (Necessary)
  • CRAFT_CSRF_TOKEN – This cookie is issued by Craft CMS and contains a unique ID that is used to verify that any form requests to the site are coming from valid user sessions. This cookie contains no personally identifiable information (Security)
  • Google Analytics – We use Google Analytics tracking cookies to collect anonymous traffic data about your use of this website to help us improve the site for future visitors. Google Analytics collects information such as pages you visit on this site, IP Address, the browser and operating system you use and time spent viewing pages. The information collected is stored by Google and subject to their privacy policy (Performance).

This website may link through to third party websites which may also use cookies which we have no control over. We recommend that you check the relevant third parties privacy policy for information about any cookies that may be used on their site.

You can configure your web browser to refuse cookies, to delete cookies, or to be informed if a cookie is set. You can find out how to do this by clicking “help” on your browser menu.

To opt-out from Google Analytics, please visit: Google Analytics Opt-Out Browser Add-On.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit All About Cookies.

You should note that by deleting or blocking cookies, the Website may not function correctly and you may not be able to access certain areas.


We need the categories of information listed above primarily to allow us to perform a contract with you, to enable us to comply with legal obligations or to pursue legitimate interests of our own or those of third parties provided your interests and fundamental rights do not override those interests. You may also have consented to the processing of your data for one or more specified purposes (please note that such consent can be withdrawn at any time ).

Some of the grounds for processing may overlap and there may be several grounds which justify our use of your personal information.

We will only use the personal information for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose, If we need to use your personal information for an unrelated purpose , we will notify you and we will explain the legal basis which allows us to do so.

We collect or store your personal data where it is considered lawful under the GDPR . We may use your data to:

  • Provide information and services that you have requested
  • Provide product quotes or respond to product queries
  • Respond to contact requests -Store contact details in our secure CRM database, where you have provided this to us (I.e. via the contact form). We will not market emails to you unless you have explicitly agreed to this.
  • Provide marketing updates such as product updates, newsletters or details on product launches, ongoing organisational updates, events/exhibitions news, where you have actively given us your consent or have shown us a clear interest. (Please note that such consent can be withdrawn at any time by contacting
  • Provide software access and continuous updates
  • Understand how visitors, interact with our website
  • Produce statistics to continually improve and develop our site and services
  • Help prevent online/cyber-crime and fraud and to improve the security of our information systems.

In any event, we are committed to ensuring that the information we collect and use is appropriate for a specified purpose and does not constitute an invasion of your privacy. In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.


We will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date, use it for the purpose it was obtained for and not keep it for longer than is necessary. We will determine retention for personal data on a case by case basis and dispose data in a secure manner when required. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure and the purposes for which we process this data.

In some cases, we may be required to retain your personal data in accordance with the law, for fraud prevention, legal or accounting requirements, reporting or where there may be a legitimate business reason in doing so.

How long certain kinds of personal data should be kept may also be governed by specific business-sector requirements and agreed practices. Personal data may be held in addition to these periods depending on individual business needs.


We may pass your personal data on to third-party service providers or data processors contracted to Hadley Industries Holdings Ltd in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details secure and may be subject to necessary due diligence to ensure confidentiality integrity and availability of the information shared.

We do not allow our third-party service providers to use your personal data for their own purposes. They are only permitted to process your personal data for specified purposes and only in accordance with our instructions. When the data is no longer required to fulfil the service, they will dispose of the details in line with Hadley Industries Holdings Ltd’s procedures. We may share your data with the following:

  • Government departments, regulatory agencies where reporting is mandatory or a legal requirement.
  • Microsoft Dynamics CRM, a secure data protection compliant platform where we store business/customer contacts, leads and marketing lists. This service deploys Encryption in transit and at rest using AES FIPS 140-2-compliant solutions to ensure personal data is secured at all times. (Data centre hosted in the EU)
  • Google Analytics, a web analytics solution used to provide statistics on the use of our site. The data collected by Google Analytics is anonymised and therefore does not reveal your identity to us. To learn more about Google Analytics and how it processes data please view their privacy policy. Our group which includes the ultimate holding company and its subsidiaries, where this is legally permitted.
  • Third parties used to facilitate secure payment transactions
  • Marketing partners for direct mailing, mail shots or company / order process updates.
  • Website Host, to ensure ongoing availability, maintenance and security of the site and it’s information system. (Data centre hosted in the EU)


We will endeavour to keep your personal data secure by taking appropriate technical and organisational measures in preventing unauthorised access or accidental loss by maintaining the confidentiality integrity and availability of the information systems storing your data. Our Microsoft Dynamics 365 CRM database in particular provides up to date and compliant security and privacy features ensuring your data is secure and protected at all times. For more information, visit Microsoft’s Trust Center.


We, at your request can confirm what information we hold about you and how it is processed. If we hold personal data about you, you can request the following information:

  • Identity and the contact details of the person or organisation that has determined how and why to process your data. In some cases, this will be a representative in the EU.
  • Contact details of the data protection officer, where applicable.
  • The purpose of the processing as well as the legal basis for processing.
  • If the processing is based on the legitimate interests of Hadley Industries Holdings Ltd or a third party, information about those interests.
  • The categories of personal data collected, stored and processed.
  • Recipient(s) or categories of recipients that the data is/will be disclosed to.
  • If we intend to transfer the personal data to a third country or international organisation, information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information.
  • How long the data will be stored.
  • Information about your right to withdraw consent at any time.
  • How to lodge a complaint with the supervisory authority.
  • Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
  • The source of personal data if it wasn’t collected directly from you.
  • Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.


Under the GDPR you as the data subject have the right to:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it. You will be provided with this information within 1 month of the request.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected. Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.

If you want to request access, review, verify, correct or request erasure or object to the processing or request that we transfer a copy of your personal information to another party, please contact our Data Protection representative in writing or send an enquiry via the contact details provided at the end of this notice.


Hadley Industries Holdings Ltd accepts the following forms of ID when information on your personal data is requested:

  • Photo ID or proof of address or similar


If you have any queries relating to the way we treat your personal data or in the unlikely event you would like to raise a complaint with us, you can do this by emailing: accompanied with all the details. Alternatively, you can contact us in writing on:

Hadley Industries Holdings Ltd – Data Protection Contact

Address: 92 Downing Street, Smethwick, West Midlands, B66 2PA

If you are not satisfied in how a complaint or query was handled by us, you have the option to raise a concern with the Data Protection Supervisory Authority. For more details, visit the ICO Website.


This Privacy Notice was last updated: April 2018

View Hadley Group’s privacy policy

Download Hadley Group’s privacy policy

© 2024