Last updated: 17 December 2025
Secure Cyber Care Ltd is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or engage with our services.
We operate in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and guidance issued by the Information Commissioner’s Office (ICO).
1. Data Controller Information
Company name: Secure Cyber Care Ltd
Registered in: England and Wales
Registered office: 71-75 Shelton Street Covent WC2H 9JQ
Email: info@securecybercare.net
Secure Cyber Care Ltd acts as the Data Controller for all personal data processed through this website and in the course of delivering our services, unless otherwise stated in a contractual agreement.
2. Scope of This Policy
This Privacy Policy applies to:
- Visitors to our website
- Individuals who contact us via email, forms, or phone
- Prospective and existing clients
- Business contacts and partners
It does not apply to data processed entirely on behalf of clients where Secure Cyber Care acts as a Data Processor (e.g. during consultancy engagements). In such cases, processing is governed by a Data Processing Agreement (DPA).
3. Categories of Personal Data We Collect
3.1 Personal Data You Provide Directly
We may collect:
- Full name
- Business email address
- Telephone number
- Company name and role
- Enquiry details and correspondence
- Contractual and billing information
- Information shared during assessments, consultations, or service delivery
3.2 Technical & Usage Data (Automatically Collected)
When you access our website, we may collect:
- IP address
- Browser type and version
- Device and operating system
- Pages visited, time spent, navigation paths
- Referrer URLs
This data is collected using cookies, logs, and analytics tools and does not normally identify you directly.
4. Special Category Data
We do not intentionally collect special category personal data (such as health data, religious beliefs, or political opinions).
If such data is provided unintentionally (e.g. within free-text enquiries), it will be processed only where strictly necessary and deleted as soon as reasonably possible.
5. Purposes for Processing Personal Data
We process personal data for the following purposes:
- Responding to enquiries and requests
- Providing cybersecurity consultancy and advisory services
- Client onboarding and account management
- Contractual performance and service delivery
- Invoicing, payment processing, and accounting
- Business communications
- Website security, analytics, and performance improvement
- Legal, regulatory, and compliance obligations
- Protecting our business, systems, and clients from cyber threats
6. Lawful Basis for Processing
Under UK GDPR Article 6, we rely on the following lawful bases:
| Purpose | Lawful Basis |
|---|---|
| Responding to enquiries | Legitimate interests |
| Delivering services | Performance of a contract |
| Invoicing & accounting | Legal obligation |
| Website analytics | Legitimate interests |
| Marketing communications (where applicable) | Consent |
| Security & fraud prevention | Legitimate interests |
Where consent is required, it may be withdrawn at any time.
7. Data Sharing & Disclosure
We may share personal data with trusted third parties, including:
- Cloud service providers (e.g. Microsoft 365)
- Secure hosting and email providers
- Accounting, invoicing, and payment providers
- Legal, regulatory, or law-enforcement authorities (where legally required)
All third parties are subject to contractual confidentiality and data protection obligations.
We do not sell or trade personal data.
8. Data Processing on Behalf of Clients
When acting as a Data Processor, Secure Cyber Care:
- Processes data only on documented client instructions
- Implements appropriate technical and organisational controls
- Supports client GDPR obligations (e.g. breach notification, DSARs)
- Ensures confidentiality and secure handling
Processor activities are governed by a Data Processing Agreement (DPA).
9. International Transfers
Where personal data is transferred outside the UK:
- We ensure adequacy regulations apply, or
- Use approved safeguards such as standard contractual clauses
All transfers are conducted securely and lawfully.
10. Information Security Measures
We implement robust security measures aligned with industry best practice, including:
- Secure cloud infrastructure
- Encryption of data in transit and at rest (where applicable)
- Multi-factor authentication
- Role-based access controls
- Secure device management
- Regular security reviews
As a cybersecurity consultancy, protecting confidentiality, integrity, and availability of data is a core operational principle.
11. Data Retention
We retain personal data only for as long as necessary:
- Client data: duration of contract + statutory retention
- Enquiry data: typically up to 12 months
- Financial records: in line with UK legal requirements
- Website analytics: anonymised or aggregated where possible
Data is securely deleted or anonymised when no longer required.
12. Your Data Protection Rights
You have the right to:
- Access your personal data
- Rectify inaccurate or incomplete data
- Request erasure
- Restrict processing
- Object to processing
- Data portability
- Withdraw consent at any time
Requests can be made by contacting privacy@securecybercare.net.
We aim to respond within one calendar month.
13. Cookies & Tracking Technologies
We use cookies to:
- Ensure website functionality
- Improve performance and user experience
- Monitor security and usage trends
You can manage cookies via your browser settings.
For more information, see our Cookie Policy [link].
14. Third-Party Websites
Our website may contain links to third-party sites. We are not responsible for their privacy practices or content.
15. Changes to This Privacy Policy
We may update this policy periodically. The latest version will always be available on our website with the updated revision date.
16. Complaints & Supervisory Authority
If you have concerns about how we handle personal data, please contact us first.
You also have the right to lodge a complaint with:
Information Commissioner’s Office (ICO)
🌐 https://www.ico.org.uk