EPOS NI and Brisk Technology are trading names of Enhuk Limited, a company registered in Northern Ireland (company number NI646709) with its registered office at Unit 1 Block A, Scrabo Business Park, Jubilee Road, Newtownards, Co. Down, N. Ireland, BT23 4ZP (“we”, “us”, “Enhuk”). Our VAT number is GB 305142450.
Enhuk Limited is the data controller of the personal data described in this policy. If you have any questions about this policy or how we handle your data, contact us at admin@wearebrisk.com or by post to the registered office above.
This policy applies to personal data we collect through our websites — including eposni.com (EPOS NI) and wearebrisk.com (Brisk Technology) — and by email, by telephone and in the course of providing our products and services. It should be read alongside our Cookie Policy and our Terms and Conditions.
Last updated: 14 June 2026
1. The information we collect
Enquiries. When you contact us through a form on our websites, by email or by telephone, we collect the details you provide — typically your name, email address, telephone number, company name and the content of your enquiry.
Customer and account records. When you become a customer, we collect the information needed to supply and support our products and services — your name and business contact details, billing address, a record of the systems, hardware, software and services we supply to you, your orders, invoices and payment history, and your support history.
Payments. Payment is processed by third-party providers (such as GoCardless, Stripe and PayPal); we do not store your full card details on our systems.
Support and correspondence. We keep records of support tickets, emails, calls and other communications with you so that we can manage our relationship, resolve issues and maintain an accurate service history.
Website usage. We collect limited information about how visitors use our websites through cookies and similar technologies, as described in our Cookie Policy. Analytics and other non-essential cookies are only set with your consent.
We do not knowingly collect personal data from children, and our products and services are directed at businesses.
2. How we use your information and our lawful bases
- To respond to enquiries and supply our products and services — necessary for the performance of a contract with you, or to take steps at your request before entering into one.
- To administer accounts, billing and payments, and to recover debts — necessary for the performance of a contract and for our legitimate interests in running our business.
- To provide support and maintenance for the systems, hardware and services we supply — necessary for the performance of a contract with you.
- To meet our legal obligations — for example retaining accounting records for the periods required by law.
- To send service communications — such as renewal reminders, maintenance and support notices, security notifications and changes to our terms — for our legitimate interests in providing the services and keeping customers informed, and in some cases to perform our contract with you.
- To send marketing about our own products and services — only where you have consented, or where permitted as an existing customer in relation to similar products and services (with the option to opt out in every message). You can unsubscribe at any time.
- To analyse and improve our websites — with your consent, via analytics cookies.
We do not sell personal data, and we do not use your information to serve third-party advertising.
3. Who we share information with
We share personal data only as needed to run our business and provide our products and services, with:
- Payment providers, to process payments;
- IT, hosting and infrastructure providers that support our systems and the services we deliver, including our web and hosting providers;
- Software, subscription and hardware vendors and their distributors, where we supply or administer products, licences or subscriptions (such as Microsoft or Google services) on your behalf;
- Manufacturers and suppliers of EPOS, networking, security and other equipment, where necessary to fulfil an order or a warranty claim;
- Professional advisers (such as accountants, insurers and legal advisers) where necessary;
- Authorities or regulators, where we are required to do so by law or court order.
Each of these providers processes data under its own contractual and legal obligations. We do not share your personal data with third parties for their own marketing purposes.
4. International transfers
Some of our providers may process data outside the United Kingdom. Where that happens, we ensure appropriate safeguards are in place as required by UK data protection law, such as UK adequacy regulations or approved contractual protections.
5. How long we keep your information
We keep personal data only as long as necessary for the purposes described above: enquiry data for a reasonable period after the enquiry concludes; customer and service records for the duration of the relationship and a reasonable period afterwards to deal with any follow-up matters; and financial records for the periods required by tax and company law (generally six years). When data is no longer needed, we delete or anonymise it.
6. How we protect your information
We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss or misuse, including access controls, encrypted connections (SSL/TLS) across our websites, and secure infrastructure, and we review these measures regularly. No transmission over the internet can be guaranteed completely secure, but we take the protection of your data seriously.
7. Your rights
Under UK data protection law (the UK GDPR and the Data Protection Act 2018), you have the right to:
- request access to the personal data we hold about you;
- request correction of inaccurate or incomplete data;
- request erasure of your data in certain circumstances;
- object to, or request restriction of, certain processing;
- receive certain data in a portable format;
- withdraw consent at any time, where processing is based on consent.
Exercising these rights is free of charge. To make a request, contact us at admin@wearebrisk.com. We will respond within one month. If you are unhappy with how we have handled your data, you can complain to the Information Commissioner’s Office (ico.org.uk), although we would welcome the chance to resolve your concern first.
8. Data we process on behalf of our customers
Where we host or manage websites, email or systems for our customers, or where we supply, install or support EPOS, CCTV, networking or other systems, those systems may contain or capture personal data belonging to our customers’ own customers, staff and contacts. In those cases, our customer is the data controller and we act as a data processor under the data protection provisions of our Terms and Conditions. In particular, where we supply or install CCTV or other monitoring systems, the customer is and remains the controller of any personal data captured by those systems. If your data appears on or is captured by a system we provide for someone else, please direct any privacy questions or requests to the operator of that system in the first instance.
9. Third-party websites
Our websites contain links to websites we do not operate. This policy does not apply to those websites, and we are not responsible for their privacy practices.
10. Changes to this policy
We may update this policy from time to time. The current version will always be available on this page, and material changes will be highlighted by a notice on our website.
