Data Protection & Privacy Policy - Last revised: 24 June, 2025

MGAP advisory is committed to protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act (2018). This policy outlines how we collect, use, and safeguard your information.

We may process the following data:
- Personal Identifiers (e.g., name, contact details)
- Professional Information (e.g., job title, company)
- Technical Data (e.g., IP address, cookies)

Your information is used for:
- Providing legal services and advice
- Complying with regulatory obligations
- Improving our website and services
- Marketing communications (where consent is given)

As Legal Basis for Processing we rely on:
- Contractual necessity (for client engagements)
- Legitimate interests (e.g., business development)
- Legal obligation (e.g., anti-money laundering checks)
- Consent (for marketing or sensitive data)

Data Sharing & International Transfers
We may share data with:
- Regulatory bodies (where legally required)
- Third-party service providers (under strict confidentiality)
- International parties (with appropriate safeguards, e.g., EU Standard Contractual Clauses)

Under UK GDPR, you have the right to:
- Access, correct, or request deletion of your data
- Restrict or object to processing
- Data portability (where applicable)
- Withdraw consent (if processing relies on it)

We retain personal data only as long as necessary for:
- The purposes it was collected
- Legal, accounting, or regulatory requirements

Policy Updates
This policy may be revised periodically. Last updated: [24/06/2025]