Skip to content
Tifalon
Green Hydrogen for Future Energy Solutions
Privacy, cookies, and your rights

Privacy Policy

This Privacy Policy explains how Tifalon collects, uses, shares, and protects personal data when you visit our website, contact us about green hydrogen projects, or request information. We aim to be specific about the data we handle and the choices you have.

Last Updated: January 15, 2026

Privacy questions? Contact us

1. Data controller (who we are)

For the purposes of data protection law, the data controller is Tifalon Ltd. We determine how and why personal data is processed in connection with this website and our related communications.

Registered address

10 Finsbury Square, London, EC2A 1AF, United Kingdom

Privacy contact

[email protected]

If you have questions about this policy, your rights, or how we handle personal data in a project inquiry, you can contact us using the details above or via our Contact page.

2. Personal data we collect

We collect personal data that you provide directly, and some data that is collected automatically when you use our website. We do not intentionally seek sensitive categories of data. Please do not include special category data (such as health information) in messages to us unless it is strictly necessary and you have a lawful basis to share it.

Data you provide

  • Full name (for example, when you send an inquiry)
  • Email address (to reply to you and keep correspondence)
  • Phone number (if you choose to provide it for call-back)
  • Message content (project notes, site constraints, and questions you submit)
  • Business context you share voluntarily (company name, role, project location, timeline)

Data collected automatically

  • IP address and approximate location derived from it (city/region level)
  • Device and browser information (type, version, operating system, language)
  • Usage data (pages viewed, clicks, time on page, referring page)
  • Cookies and similar identifiers (see the Cookies section)
  • Server logs (request timestamps, requested URLs, user agent)

If you contact us, we generally do not require more data than needed to respond. Where a form field is optional, you can leave it blank. If you prefer not to use forms, you can email us directly at [email protected].

3. How we collect personal data

We collect personal data using the methods below. Some are initiated by you (such as sending a message), while others occur automatically as part of delivering a secure website experience.

Web forms and direct communications

When you use our contact forms or email us, we receive the details you submit and may store them in our email system and internal records so we can respond, maintain continuity, and understand the context of your request. If you request a call, we may use your phone number to schedule and conduct that call.

Cookies and similar technologies

Our site uses cookies for essential functions and, if you consent, analytics. We present a cookie banner so you can accept or reject analytics cookies. You can also control cookies through your browser settings. More detail is provided in the Cookies section below.

Analytics tools

If you accept analytics cookies, we may measure how visitors use our pages to improve navigation, content clarity, and performance. We are compatible with Google Analytics 4 (GA4) and Meta Pixel in the sense that we may deploy them in campaigns, but we do not run them without consent for analytics or marketing cookies where required. If you reject cookies, we will not set non-essential analytics cookies through our banner logic.

Server logs and security monitoring

Like most websites, our hosting environment may log requests to help maintain reliability and defend against abuse. These logs can include IP addresses, request dates and times, and user agent strings. We use this information to maintain security, diagnose issues, and prevent fraudulent or malicious activity.

5. Purposes of processing (why we use personal data)

We use personal data for the purposes below. We limit use to what is relevant for a green hydrogen project inquiry and for operating a secure, well functioning website.

Service delivery and communication

  • Responding to inquiries and questions
  • Scheduling and conducting calls or meetings when requested
  • Providing requested materials and clarifying project constraints
  • Keeping a record of discussions to avoid repeated questions and to maintain continuity

Website operations and improvement

  • Maintaining site performance, accessibility, and security
  • Diagnosing errors and preventing abuse
  • Understanding which content is most useful (analytics, if you consent)
  • Improving navigation and clarity based on aggregated usage trends

Marketing communications (consent-based)

If we offer newsletters or updates in the future, we will only send marketing emails if you have opted in. Where an email includes marketing content, it will include an unsubscribe method. We do not use sensitive data for marketing and we do not sell marketing lists.

Fraud prevention and legal compliance

We may process limited personal data to protect the site and our communications from fraud, spam, or misuse, and to comply with legal requirements. This can include filtering automated submissions, monitoring unusual traffic patterns, and retaining certain records where required by law.

6. Retention periods (how long we keep data)

We keep personal data only for as long as needed for the purpose it was collected, then delete or anonymise it. Retention can be influenced by legal obligations, dispute resolution needs, and practical continuity for ongoing inquiries. The periods below are typical and may be adjusted where necessary and proportionate.

Typical retention schedule

  • Form submissions and inquiry emails: 2 years from last interaction.
  • Analytics data (if consented): 14 months (typical GA4 retention setting).
  • Cookie consent choice: stored in your browser local storage until you clear it.
  • Security logs: typically 90 days, unless needed longer for investigation.
  • Email list (if you opt in): until you unsubscribe, then deleted within 30 days.

Deletion and data minimisation

If you ask us to delete your data, we will respond in line with applicable law. In some cases we may need to retain limited information to demonstrate compliance or to handle legal claims. Where possible we will restrict processing rather than keep full records, and we will not use retained data for marketing.

You can request deletion by emailing [email protected] with sufficient detail to locate your records (for example, the email address you used to contact us).

7. Data sharing (processors and third parties)

We may share personal data with service providers that help us operate the website and manage communications. These providers act as processors on our behalf and are expected to process personal data only under our instructions and with appropriate security measures. We do not sell personal data.

Categories of recipients

  • Hosting and infrastructure providers (website delivery and security)
  • Email service providers (to send and receive communications)
  • Analytics providers (only if you consent to analytics cookies)
  • Professional advisors (legal or accounting) where necessary and confidential

Sharing for legal reasons

We may disclose personal data if required to do so by law or if we reasonably believe disclosure is necessary to comply with a legal obligation, protect our rights, investigate suspected wrongdoing, or protect the safety of users and the public. Where appropriate, we will limit the scope of disclosure.

If we introduce additional providers (for example, a dedicated CRM for handling project inquiries), we will update this policy and ensure suitable agreements are in place to protect your data.

8. International data transfers

Tifalon is based in the United Kingdom. Some of our service providers may process personal data outside the UK or European Economic Area. When personal data is transferred internationally, we take steps designed to ensure it receives an essentially equivalent level of protection.

Where transfers occur from the UK or EEA to countries that are not covered by an adequacy regulation/decision, we typically rely on appropriate safeguards such as the UK International Data Transfer Agreement (IDTA) and/or the European Commission’s Standard Contractual Clauses (SCCs), together with supplementary measures where needed. The specific mechanism depends on the provider and data flow.

If you would like more information about international transfers relevant to your interactions with us, contact [email protected].

9. Your rights under data protection law

If you are located in the UK or EEA, you have rights in relation to your personal data. Some rights are not absolute and may depend on the legal basis used for processing. We will respond to requests without undue delay and typically within one month.

Core rights

  • Access: request a copy of your personal data and information about how we use it.
  • Rectification: ask us to correct inaccurate or incomplete data.
  • Erasure: ask us to delete your data in certain circumstances.
  • Restriction: ask us to limit processing while a concern is investigated.
  • Portability: receive certain data in a structured, machine-readable format.
  • Objection: object to processing based on legitimate interests.
  • Withdraw consent: where we rely on consent (for example, analytics cookies).

How to exercise your rights

Email [email protected] with your request. Please include the email address you used with us and a clear description of what you want to do. We may ask for reasonable verification to ensure we are responding to the correct person.

If you want to opt out of analytics cookies after accepting them, you can clear your stored cookie consent in your browser settings (local storage) and reload the page, then choose “Reject” in the banner.

Right to complain to a supervisory authority

If you believe our processing of your personal data infringes data protection law, you have the right to lodge a complaint with the UK supervisory authority:

Information Commissioner’s Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom

We encourage you to contact us first so we can try to address your concerns promptly and transparently.

10. Cookie policy

Cookies are small text files stored on your device. They help websites function and can support analytics and marketing. We use a cookie banner to provide choice about non-essential cookies. You can also manage cookies through your browser settings.

Cookie categories we use

Strictly necessary

These support core functionality such as remembering choices needed to run the site properly and protecting against basic security risks. Without these, the site may not work as expected.

Typical duration: session to 12 months, depending on the specific cookie.

Analytics (optional)

If you accept, analytics cookies help us understand traffic and content engagement. This data is used to improve page structure, accessibility, and relevance for visitors researching green hydrogen solutions.

Typical duration: up to 14 months for associated analytics identifiers and event data, depending on provider settings.

Marketing (optional)

If used, marketing cookies can support measurement for advertising platforms (for example, Meta) by helping attribute visits to campaigns. If we deploy marketing cookies, we will do so on a consent basis where required and will describe the impact in this policy.

Typical duration: up to 3 months to 24 months depending on the vendor cookie.

How to manage cookies

You can accept or reject analytics cookies using the cookie banner. If you have already made a choice and want to change it, you can clear site data in your browser (including local storage) and refresh the page to see the banner again.

You can also disable cookies through your browser settings. If you block all cookies, some site features may not work correctly.

Our cookie banner text: “We use cookies to improve your experience and for analytics. Read our Privacy Policy.” This message appears in the bottom-right corner and does not block access to the main content.

11. Children’s privacy

Our website and services are not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided personal data to us, contact [email protected] and we will take steps to delete the information where appropriate.

12. Changes to this Privacy Policy

We may update this policy to reflect changes in our practices, legal requirements, or the tools we use. When we make a material change, we will take reasonable steps to notify users, such as posting a prominent notice on this page and, where appropriate, providing notice by email if we have an ongoing relationship and you have provided an email address for that purpose.

The “Last Updated” date at the top of this page indicates when the latest version took effect. If you continue using the site after an update is posted, we will treat that as acknowledgement of the updated policy, subject to any cookie-consent requirements for non-essential cookies.

13. Contact details and data protection contact

We do not currently appoint a formal Data Protection Officer (DPO) because our activities typically do not require one. However, we maintain a dedicated privacy contact for handling requests, questions, and concerns.

Email

[email protected]

Use this address for access requests, deletion requests, cookie questions, and general privacy inquiries.

Mailing address

Tifalon Ltd, 10 Finsbury Square, London, EC2A 1AF, United Kingdom

If you send a request by post, include your preferred reply email address so we can respond efficiently.

Related pages

For additional legal information, read our Terms of Service. If you want to understand what we do and how we support green hydrogen projects, visit About and Solutions.

Data deletion request

If you want us to delete personal data associated with an inquiry, use the form below. We will use your details only to locate the record and respond. For security, we may ask for confirmation from the email address used in the original correspondence.

By submitting this form, you agree to our Privacy Policy.

Alternative: email [email protected].