Privacy Policy

Privacy Policy

This website is owned by Graphene Composites Ltd and managed according to our Privacy Policy which is outlined below.


  1. Scope

Under data protection legislation we have a legal duty to protect any personal information we collect from you. We take data protection seriously and safeguarding your personal information is important to us. We are committed to maintaining the privacy and confidentiality of information provided by you to us. This Privacy Policy explains what personal information we collect, how we use that information and what rights you have in relation to the personal data we collect about you. The term ‘personal data’ refers to personally identifiable information about you as defined in data protection legislation.


  1. Collection of personal data including email addresses

We may collect personal data about you in a variety of ways, including:


We may collect, use, store and transfer different kinds of personal data about you, including:


We only collect special categories of personal data about you in very specific circumstances, such as where we are required to do so in connection with fulfilment of orders to comply with financial and security regulations or potential investment enquiries.


If you do not provide information requested by us from time to time, we may not be able to provide services to you or otherwise fulfil the purpose for which we have requested the information.


  1. Use of personal data

We will only use your personal data where the law allows us to do so. Graphene Composites Ltd and its employees, agents, consultants and subcontractors may use your personal data and disclose it on a confidential basis to third parties for the following purposes:


We consider that the processing of personal data as described above is necessary for the legitimate interests of Graphene Composites Ltd. In deciding this:


We will also process your personal data where it is necessary in order to perform a contract we are about to enter into or have entered into with you, or where we need to do so in order to comply with a legal or regulatory obligation.


You may at any time request that we stop processing your personal data for direct marketing purposes by emailing us as set out further below.


  1. Disclosure of your personal data

We may share your personal data within Graphene Composites Ltd and may share your personal data with third parties where we reasonably consider that it is in our legitimate interests to do so and your interests, rights and freedoms do not override our legitimate interests. We will not sell, resell, lease or license your personal data to any third parties. We may share, transfer or disclose your personal data to comply with a legal and regulatory requirement, for the administration of justice, interacting with anti-fraud databases, to protect your vital interests, to protect the security or integrity of our databases or our website, to take precautions against legal liability, or in the event of a joint venture, collaboration, financing, sale, merger, reorganisation, change of legal form, dissolution or similar event.


We may share, transfer or disclose your personal data to a potential or actual successor to us. In each case we require the relevant third party to take adequate precautions to protect your personal data and to comply with applicable law though we cannot control the use of your personal data by third parties.


As part of the services offered to you through the website, the personal data you provide may be transferred to and stored in the United States and in certain circumstances, other countries outside of the European Economic Area (EEA). By way of example, a transfer of your personal data will happen when we send email communications through our email provider Mailchimp, whose servers are based in the US or in fulfilment of an order to conform with US ITAR (International Traffic in Arms Regulations.


We will only transfer personal data outside of the EEA where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your personal data, for example, by way of data transfer agreement incorporating the current standard contractual clauses adopted by the European Commission, or by self-certifying to the EU-US Privacy Shield Framework in the event that the organisation in receipt of the information is based in the United States.


To ensure that your Personal Information receives an adequate level of protection, we have put in place appropriate safeguards and procedures with the third parties we share your personal data with. This ensures your information is treated by those third parties in a way that is consistent with data protection laws.


  1. Data Security and Retention

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.


We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.


  1. Your Rights

Under GDPR, you have various rights in relation to your Personal Information, such as the rights of access, rectification, restriction, objection, portability, and erasure. Please note that these rights are subject to certain limitations set forth in applicable law.  You may:


If you wish to exercise any of the rights set out above, please put your request in writing to  We will seek to deal with your request without undue delay, and in any event in accordance with the requirements of applicable laws. Please note that we may keep a record of your communications to help us resolve any issues you raise.


We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.


You have the right to make a complaint at any time to the Information Commissioner’s Office; the UK supervisory authority for data protection issues. Further information about data protection issues and your rights as a data subject can be found at


  1. Unsubscribe

If you do not wish to receive emails from us and want to be removed from our electronic mailing list, please either unsubscribe from any email communication you have received, or email us at with “email unsubscribe” in the subject heading.