Privacy Policy
Effective Date: 6th March 2025
Last Updated: 7th March 2026
Regal Personnel Limited (trading as Regal Cloud) Ltd (“we”, “us”, “our”) is committed to protecting and respecting your privacy.
This Privacy Policy explains how we collect, use, and safeguard personal data when you interact with our website, services, or business communications.
We process personal data in accordance with:
- UK General Data Protection Regulation (UK GDPR)
- Data Protection Act 2018
- Applicable data protection legislation
Our information security and governance framework is supported by certifications including:
- ISO/IEC 27001 – Information Security Management
- ISO/IEC 42001 – Artificial Intelligence Management
- ISO 9001 – Quality Management
- Cyber Essentials and Cyber Essentials Plus
1. Who We Are
Regal Personnel Limited T/A Regal Cloud
26 Kings Hill Avenue, West Malling, Kent, ME194AE
6738634
Data Protection Officer / Responsible Contact
Jamie Clarke
Email: compliance@regal-cloud.com
2. The Personal Data We Collect
We may collect and process the following categories of personal data.
Identity Data
Name, job title, company, professional background.
Contact Data
Email address, telephone number, business address.
Recruitment Data
CVs, employment history, professional qualifications, references.
Communication Data
Email communications, meeting notes, call recordings or transcripts where applicable.
Technical Data
IP address, device information, browser type, usage logs.
Business Relationship Data
Information relating to contracts, service delivery, supplier relationships.
3. Call Recording and Meeting Transcription
To improve service delivery, operational efficiency, and record keeping, we may record or transcribe business calls and meetings.
This may include:
- Video meeting transcripts
- Call summaries
- Automated meeting notes
These records may be generated using AI-enabled transcription tools.
Transcripts may include:
- Video conference transcripts
- Call summaries
- Meeting notes
These recordings and transcripts are used solely for:
- Documentation
- Service delivery
- Quality management
- Compliance and dispute resolution
Transcription systems are selected and managed in accordance with our AI governance framework aligned with ISO 42001.
Where appropriate, participants are notified that meetings may be recorded or transcribed.
4. Use of Artificial Intelligence
We use AI technologies to support certain business activities such as:
- Meeting transcription
- Document summarisation
- Productivity tools
- Service automation
AI tools are governed under our AI Management System (ISO 42001) and are used in accordance with the following principles:
- Transparency
- Security
- Human oversight
- Data minimisation
- Responsible use
These systems are used with human oversight and are not used to make fully automated decisions that have legal or similarly significant effects on individuals.
5. How We Use Your Data
We process personal data for the following purposes:
Service Delivery
Providing IT services, consulting, and managed services.
Recruitment Services
Matching candidates with job opportunities and managing recruitment processes.
Business Communications
Managing communications with clients, candidates, and suppliers.
Operational Management
Managing internal operations, meetings, documentation, and service records.
Legal and Regulatory Compliance
Complying with legal obligations including tax, employment law, and regulatory requirements.
Security and Risk Management
Protecting our systems, networks, and information assets.
6. Legal Basis for Processing
We process personal data on the following lawful bases:
Legitimate Interests
To operate and improve our services and maintain business relationships.
Contractual Necessity
Where processing is required to perform contractual obligations.
Legal Obligations
Where we are required to comply with legal or regulatory requirements.
Consent
Where required, particularly for optional communications.
7. Data Sharing
We may share personal data with trusted third parties including:
- Cloud service providers
- IT infrastructure providers
- Recruitment platforms
- Professional advisers
- Regulatory authorities where required
All suppliers are subject to appropriate security and data protection controls.
Supplier risk is managed under our ISO 27001 supplier relationship framework.
8. International Transfers
Where data is transferred outside the UK or EEA, appropriate safeguards are implemented, including:
- Standard Contractual Clauses
- Adequacy decisions
- Contractual security controls
9. Data Retention
Personal data is retained only for as long as necessary to fulfil the purposes outlined in this policy.
Typical retention periods include:
- Recruitment data: up to 24 months
- Client records: duration of contract + statutory retention
- Meeting transcripts: retained in line with operational documentation policies
Retention schedules are governed by our Information Classification and Records Management policies.
10. Security of Your Data
We implement appropriate technical and organisational security measures to protect personal data.
These include:
- Access control and least privilege
- Encryption in transit and at rest
- Secure cloud infrastructure
- Monitoring and incident response processes
- Regular security reviews
Our information security programme is certified to ISO/IEC 27001 and supported by Cyber Essentials Plus certification.
11. Your Data Protection Rights
Under UK GDPR you have the right to:
- Access your personal data
- Correct inaccurate data
- Request erasure of your data
- Restrict processing
- Object to processing
- Data portability
Requests can be submitted via:
compliance@regal-cloud.com
12. Complaints
If you believe your data has been handled incorrectly, you may contact us first so we can address your concern.
You also have the right to complain to the Information Commissioner’s Office (ICO).
ICO Website:
https://ico.org.uk
13. Changes to this Privacy Policy
We may update this Privacy Policy periodically.
The latest version will always be available on our website.
