Back to Home

Privacy Policy

How we collect, use, and protect your personal information.

Last updated: 31 March 2026

1. Introduction

Apex Hospitality Solutions Ltd (Company No. 17100162), registered at 3 Lambrook Terrace, London, SW6 6TF ("we", "our", "us"), is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, store, and share your data when you visit our website (apexhospitalityltd.co.uk), use our services, or interact with us.

We comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all applicable UK data protection legislation.

2. Data Controller

Apex Hospitality Solutions Ltd is the data controller for the purposes of data protection law. If you have any questions about this policy or our data practices, please contact us at info@apexhospitalityltd.co.uk or call 020 3916 6737.

3. Information We Collect

Information you provide directly

  • Partner enquiry forms: company name, contact name, email address, phone number, staffing requirements, and any message you provide.
  • Staff application forms: first name, last name, email address, phone number, role interest, and any additional information you include in your message.
  • Email and phone correspondence: content of communications you send to us.

Information collected automatically

  • Technical data: IP address, browser type and version, operating system, referring URL, pages visited, time and date of visit, and time spent on pages.
  • Cookie data: see our Cookie Policy for full details.

4. How We Use Your Information

We process your personal data for the following purposes:

  • To respond to your enquiries and provide our staffing services.
  • To process and assess staff applications.
  • To match hospitality professionals with suitable client placements.
  • To communicate with you about our services, including shift confirmations and updates.
  • To comply with legal and regulatory obligations, including right-to-work checks and employment law requirements.
  • To improve our website and services.
  • To prevent fraud and ensure the security of our systems.

5. Lawful Basis for Processing

We rely on the following lawful bases under UK GDPR:

  • Consent: where you have given clear consent for us to process your personal data for a specific purpose (e.g. submitting an application form).
  • Contract: where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legitimate interests: where processing is necessary for our legitimate business interests, such as improving our services, provided your rights do not override those interests.
  • Legal obligation: where processing is necessary to comply with UK employment, tax, or immigration law.

6. Data Sharing

We may share your personal data with:

  • Client partners: hospitality businesses we work with, where necessary to arrange placements (staff applicants only).
  • Service providers: including our website hosting provider (Netlify), email service provider, and form processing service (Web3Forms), who process data on our behalf under appropriate agreements.
  • Professional advisors: lawyers, accountants, and insurers where necessary.
  • Regulatory bodies: HMRC, the Home Office, or other authorities where required by law.

We do not sell your personal data to third parties.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Partner enquiries: retained for up to 24 months from last contact, unless a business relationship is established.
  • Staff application data: retained for up to 12 months from submission. If you are placed with a client, data is retained for the duration of the working relationship plus 6 years for legal compliance.
  • Website analytics: aggregated data retained for up to 26 months.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encrypted data transmission (HTTPS/TLS), access controls, and regular security reviews.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data (Subject Access Request).
  • Rectification of inaccurate or incomplete data.
  • Erasure of your data in certain circumstances ("right to be forgotten").
  • Restriction of processing in certain circumstances.
  • Data portability — receive your data in a structured, commonly used format.
  • Object to processing based on legitimate interests or for direct marketing.
  • Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at info@apexhospitalityltd.co.uk. We will respond within one month.

10. International Transfers

Your data is primarily processed within the United Kingdom. Where data is transferred outside the UK (for example, to service providers), we ensure appropriate safeguards are in place in accordance with UK GDPR requirements.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

12. Contact & Complaints

If you have any questions, concerns, or complaints about our use of your personal data, please contact us:

Apex Hospitality Solutions Ltd
3 Lambrook Terrace, London, SW6 6TF
Email: info@apexhospitalityltd.co.uk
Phone: 020 3916 6737

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.