Privacy Policy
Pilani Group Limited (“Pilani Group”, “we”, “us” or “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when you visit https://pilani.group/ (the “Website”) or otherwise interact with us.
This policy is issued in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR). Where your interaction with us takes place outside the United Kingdom, additional local data protection laws may also apply.
If you have any questions about this policy or how we handle your personal data, please contact us using the details in the Contact Us section below.
1. Who we are
Pilani Group Limited is the data controller responsible for the personal data we collect through this Website. We are a multi-industry group with operations spanning agriculture, hospitality, technology, and philanthropy across the United Kingdom, India, the United States, Liberia, and Nigeria.
Our group also includes separately operated businesses (including, without limitation, Makeney Hall Hotel, Lace Market Hotel, Georgian Hollies Hotel, Beechfield, Paradome AI, Invente, Ryze Up, LNPI, Lawton, Rainier, ElectrOtel, and iOlive). Those businesses operate their own websites and may have their own privacy notices applicable to their specific services. This policy covers only personal data collected through pilani.group.
2. Information we collect
We collect the following categories of personal data:
Information you provide to us directly. When you complete our contact form, email us, or otherwise correspond with us, we collect your first name, last name, email address, telephone number, the name of your organisation, the industry your enquiry relates to (Agriculture, Technology, or Hospitality), and any further information you choose to include in your message.
Information we collect automatically. When you browse the Website, we and our analytics providers automatically collect technical information including your IP address, device type, browser type and version, operating system, referring website, pages visited, time spent on pages, and the date and time of your visit. This information is collected via cookies and similar technologies (see Section 7 below).
Information from third parties. We may receive information about you from publicly available sources (such as Companies House or LinkedIn) where this is relevant to a business enquiry you have made or a commercial relationship we are exploring with you or your organisation.
We do not knowingly collect special category data (such as data revealing racial or ethnic origin, political opinions, religious beliefs, or health data) through this Website. Please do not submit such information to us via the contact form.
3. How we use your information and our lawful basis
Under UK GDPR, we must have a lawful basis to process your personal data. We rely on the following bases:
To respond to your enquiries (legitimate interests). When you submit a contact form or email us, we use your data to identify you, understand your enquiry, and respond appropriately. Our legitimate interest is operating our business and engaging with prospective partners, customers, and stakeholders.
To manage business relationships (legitimate interests / performance of a contract). Where you represent a current or prospective commercial partner, we may retain your contact details to manage that relationship, share relevant updates, and fulfil contractual obligations.
To operate, secure, and improve the Website (legitimate interests). We analyse usage data to understand how visitors use the Website, fix problems, prevent fraudulent activity, and improve our content and services.
To send marketing communications (consent). Where you have explicitly opted in, we may send you news, updates, or invitations relating to Pilani Group. You can withdraw this consent at any time using the unsubscribe link in any communication or by contacting us directly.
To comply with legal obligations. We may process your personal data where required to comply with applicable laws, regulations, or lawful requests from public authorities.
We will not use your personal data for purposes incompatible with those listed above without first informing you and, where required, obtaining your consent.
4. Sharing your information
We do not sell your personal data. We may share your information in the following limited circumstances:
Within the Pilani Group. Where your enquiry relates to a specific group business (for example, a hospitality enquiry relating to one of our hotels), we will route your information to the relevant operating company so they can respond to you directly.
With trusted service providers. We work with third parties who provide services on our behalf, including website hosting, email delivery, analytics, customer relationship management software, and IT support. These providers are contractually required to protect your data and use it only for the purposes we specify.
For legal and safety reasons. We may disclose information where required by law, court order, or regulatory authority, or where necessary to protect our rights, property, or safety, or that of our users or others.
In connection with a business transaction. If we are involved in a merger, acquisition, restructuring, or sale of assets, your personal data may be transferred as part of that transaction, subject to appropriate confidentiality protections.
5. International transfers
Because we operate across multiple jurisdictions (United Kingdom, India, United States, Liberia, and Nigeria), your personal data may be transferred to, stored in, or accessed from countries outside the UK and European Economic Area. Some of these countries may not provide the same level of data protection as UK law.
When we transfer personal data internationally, we put appropriate safeguards in place, which may include:
- transfers to countries the UK government has determined provide an adequate level of protection;
- the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses; or
- other lawful transfer mechanisms recognised under UK GDPR.
You can request further details of the safeguards we use by contacting us.
6. Data retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting requirements.
In practice this means:
- Contact form submissions and enquiries: typically retained for up to 24 months following our last meaningful interaction, after which records are reviewed and deleted or anonymised unless an ongoing business relationship exists.
- Business contacts: retained for the duration of the relationship and for a reasonable period afterwards (generally up to 6 years) to support legitimate business interests and comply with legal obligations.
- Website analytics: retained in line with the retention settings of our analytics providers, generally no longer than 26 months in identifiable form.
7. Cookies and analytics
The Website uses cookies and similar tracking technologies to function correctly and to help us understand how visitors use the site.
We use Site Kit by Google, which integrates Google Analytics and may set associated cookies, to measure visitor numbers and behaviour in aggregate. Google may process this data on servers located outside the UK.
You can control cookies through your browser settings and, where presented, through our cookie consent banner. Disabling certain cookies may affect the functionality of the Website. For more detail on the specific cookies we use, please refer to our cookie banner or contact us.
8. Your rights
Under UK GDPR you have a number of rights in relation to your personal data. These include the right to:
- be informed about how your personal data is used;
- access the personal data we hold about you;
- request correction of inaccurate or incomplete data;
- request erasure of your personal data in certain circumstances;
- restrict or object to our processing of your personal data;
- request portability of data you have provided to us;
- withdraw consent at any time where we rely on consent to process your data; and
- not be subject to decisions based solely on automated processing that produce legal or similarly significant effects (we do not currently carry out such processing through this Website).
To exercise any of these rights, please contact us using the details below. We will respond within one calendar month, although in complex cases we may extend this period and will notify you if so.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you believe we have not handled your personal data lawfully. The ICO can be contacted at ico.org.uk or on 0303 123 1113. We would, however, appreciate the opportunity to address your concerns directly before you approach the ICO.
9. Security
We take the security of your personal data seriously and apply appropriate technical and organisational measures to protect it against unauthorised access, loss, alteration, or disclosure. These include encrypted data transmission, access controls, and regular review of our security practices.
While we work hard to protect your data, no method of transmission over the internet or electronic storage is fully secure, and we cannot guarantee absolute security.
10. Children’s privacy
The Website is intended for a business audience and is not directed at children. We do not knowingly collect personal data from anyone under the age of 16. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
11. Third-party links
The Website contains links to third-party websites, including those of our group companies and partners. This Privacy Policy does not apply to those websites, and we are not responsible for their privacy practices. We encourage you to read the privacy policies of any third-party sites you visit.
12. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. The updated version will be indicated by the “Last updated” date at the top of this page. We encourage you to review this policy periodically.
13. Contact us
If you have any questions about this Privacy Policy or wish to exercise any of your rights, please contact us at:
Pilani Group Limited Email: info@pilani.group
For data protection enquiries specifically, please mark your correspondence “FAO Data Protection”.