Legal

GDPR Compliance

Last updated: 14 January 2027

Qazi & Company Limited operates in full compliance with the UK GDPR and the Data Protection Act 2018. This page summarises the safeguards we apply across our lead-generation, verification, and delivery pipeline.

1. Lawful basis and consent

Every commercial enquiry we generate is collected on a Qazi Shahroz-owned landing page with explicit, granular consent, a linked privacy notice, and a documented lawful basis for processing. Consent is captured with time-stamp, IP, source URL, and consent-text version.

2. Data minimisation

We collect only the fields required to qualify and deliver a lead against your ICP. Sensitive personal data is not collected via our B2B enquiry forms.

3. Audit trail

Full acquisition and delivery audit trails are retained per lead and available on request for your own compliance records.

4. Data subject rights

We honour access, rectification, erasure, restriction, portability, and objection requests within the statutory timeframes. Consent can be withdrawn at any time via hello@qazishahroz.com.

5. Processors and transfers

Every processor operates under a written DPA. Cross-border transfers rely on UK IDTA, EU SCCs, or adequacy decisions.

6. Security

Encryption in transit, role-based access controls, audit logging, and regular access reviews. Incident-response procedures include ICO notification within 72 hours where required.

7. Contact

Data protection queries: hello@qazishahroz.com.