​

Last updated: January 2026

​

1. Introduction

​

This Privacy Policy explains how MAGUS LTD (“we”, “us”, “our”) collects, uses, stores, and protects personal information that you provide to us or that we obtain from other sources. It also explains your rights under UK data protection law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

​

This Privacy Policy does not form part of any contract and does not create rights or obligations beyond those provided by applicable data protection legislation.

​

MAGUS LTD is a consulting firm operating in the United Kingdom.

If you have any questions or concerns about this Privacy Policy or how we handle personal information, please contact us at info@magus.biz.

​

2. Our Role Under Data Protection Law

​

Depending on the circumstances, MAGUS LTD may act as:

​

• a Data Controller, where we determine how and why your personal data is processed; or

• a Data Processor, where we process personal data on behalf of a client who is the Data Controller.

 

Where we act as a Data Processor, the relevant client remains primarily responsible for your personal data. In such cases, we may redirect your query to that client where appropriate.

 

MAGUS LTD operates in the United Kingdom and is registered with Companies House under company number 03682303.

 

MAGUS LTD is subject to oversight by the Information Commissioner’s Office (ICO), the UK’s independent authority responsible for upholding information rights. Further information can be found at https://ico.org.uk/

​

3. Your Rights

​

If we hold personal data about you, you are a Data Subject and have the following rights under UK data protection law:

​

• Right to be informed – to know how and why your personal data is collected and used (fulfilled through this notice and other communications);

• Right of access – to request a copy of the personal data we hold about you;

• Right to rectification – to request correction of inaccurate or incomplete data;

• Right to erasure – to request deletion of your personal data, subject to legal and regulatory obligations;

• Right to restrict processing – to limit how we use your personal data in certain circumstances;

• Right to data portability – to receive your data in a structured, machine-readable format where processing is based on consent or contract;

• Right to object – to object to processing, particularly for direct marketing;

• Right to decline automated decision-making – we do not use automated decision-making or profiling.

 

To exercise any of these rights, please contact info@magus.biz. We may request proof of identity before responding.

​

4. How and When We Collect Personal Data

​

We may collect personal data in the following circumstances:

​

• when you engage us directly for consulting or advisory services;

• when you represent, or are employed by, an existing or prospective client, supplier, or partner;

• when you contact us with an enquiry, complaint, or request;

• when you apply for employment or contract work with MAGUS LTD;

• when personal data is provided to us by a third party (such as a client or professional adviser) in connection with our services.

 

5. What Personal Data We Collect

​

The personal data we collect may include:

​

• name, job title, and business contact details;

• employment and professional background information;

• correspondence and communications with us;

• billing, contractual, and service-related information;

• in limited and relevant cases, sensitive personal data (special category data), which will only be processed with appropriate safeguards and, where required, your explicit consent.

 

We only collect personal data that is necessary, relevant, and proportionate to the purpose for which it is collected.

​

6. How We Use Your Personal Data

​

We use personal data for the following purposes:

​

6.1 Delivering Our Services

​

To provide consulting and advisory services to clients, including business strategy, operational support, analysis, and related professional services.

​

6.2 Managing Client and Partner Relationships

​

Including:

​

• due diligence and onboarding;

• communication, invoicing, and contract administration;

• handling complaints or service issues.

 

6.3 Legal and Regulatory Compliance

​

To comply with applicable laws, regulations, and professional obligations.

​

6.4 Recruitment and Employment

​

To assess candidates, manage recruitment processes, and administer employment or contractual relationships.

​

7. Emails and Communications

​

Please be aware that email communications may be vulnerable to interception unless appropriate security measures such as Transport Layer Security (TLS) are in place.

​

• Emails sent to us for our sole use will not be shared with third parties unless required by law or necessary to deliver services.

• Emails sent in connection with client work may be shared with relevant clients or professional advisers where necessary.

 

8. Employees and Contractors

​

We hold personal data relating to employees and contractors as required to manage the working relationship. Individuals are informed about:

​

• what data we hold;

• how it is used;

• how long it is retained; and

• their rights under data protection law.

 

Personal data is processed on the basis of consent, contractual necessity, or legal obligation, as appropriate.

 

9. Job Applicants

 

If you apply for a role with MAGUS LTD:

​

• personal data is processed for recruitment purposes;

• if unsuccessful, data will normally be deleted within two months, unless we are actively discussing a role with you or you consent to longer retention.

 

10. Complaints

​

If you raise a complaint, we will process personal data necessary to investigate and resolve the matter. Complaint data will not be shared with third parties unless required to resolve the issue or required by law.

​

11. Data Sharing

​

We may share personal data with:

​

• clients, where necessary to deliver our services;

• professional advisers (e.g. legal, accounting);

• regulators or authorities where legally required;

• service providers who support our operations, subject to confidentiality and data protection obligations.

 

We do not sell personal data.

​

12. International Transfers

​

Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, such as contractual protections or adequacy decisions, to protect your information.

​

13. Data Security

​

We implement physical, technical, and organizational measures to protect personal data against unauthorized access, loss, misuse, or destruction. Access is limited to individuals who need it for legitimate business purposes, and staff are trained on data protection responsibilities.

​

14. Retention of Personal Data

​

We retain personal data only for as long as necessary for the purposes for which it was collected, taking into account legal, regulatory, and business requirements.

​

15. How to Raise a Concern

​

If you have concerns about how we handle your personal data, please contact us at:

Email: info@magus.biz

​

If you remain dissatisfied, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at https://ico.org.uk/

​

16. Further Information

​

This Privacy Policy applies only to MAGUS LTD and does not extend to third-party websites linked from our site. We are not responsible for the privacy practices of external organizations.

​

This policy may be updated from time to time to reflect changes in law or our practices. The latest version will always be available on request.

​

For any questions, data access requests, or complaints, please contact info@magus.biz.