Privacy Policy

Last updated: 17 December 2025

Secure Cyber Care Ltd is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or engage with our services.

We operate in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and guidance issued by the Information Commissioner’s Office (ICO).

1. Data Controller Information

Company name: Secure Cyber Care Ltd
Registered in: England and Wales
Registered office: 71-75 Shelton Street Covent WC2H 9JQ
Email: info@securecybercare.net

Secure Cyber Care Ltd acts as the Data Controller for all personal data processed through this website and in the course of delivering our services, unless otherwise stated in a contractual agreement.

2. Scope of This Policy

This Privacy Policy applies to:

  • Visitors to our website
  • Individuals who contact us via email, forms, or phone
  • Prospective and existing clients
  • Business contacts and partners

It does not apply to data processed entirely on behalf of clients where Secure Cyber Care acts as a Data Processor (e.g. during consultancy engagements). In such cases, processing is governed by a Data Processing Agreement (DPA).

3. Categories of Personal Data We Collect

3.1 Personal Data You Provide Directly

We may collect:

  • Full name
  • Business email address
  • Telephone number
  • Company name and role
  • Enquiry details and correspondence
  • Contractual and billing information
  • Information shared during assessments, consultations, or service delivery

3.2 Technical & Usage Data (Automatically Collected)

When you access our website, we may collect:

  • IP address
  • Browser type and version
  • Device and operating system
  • Pages visited, time spent, navigation paths
  • Referrer URLs

This data is collected using cookies, logs, and analytics tools and does not normally identify you directly.

4. Special Category Data

We do not intentionally collect special category personal data (such as health data, religious beliefs, or political opinions).

If such data is provided unintentionally (e.g. within free-text enquiries), it will be processed only where strictly necessary and deleted as soon as reasonably possible.

5. Purposes for Processing Personal Data

We process personal data for the following purposes:

  • Responding to enquiries and requests
  • Providing cybersecurity consultancy and advisory services
  • Client onboarding and account management
  • Contractual performance and service delivery
  • Invoicing, payment processing, and accounting
  • Business communications
  • Website security, analytics, and performance improvement
  • Legal, regulatory, and compliance obligations
  • Protecting our business, systems, and clients from cyber threats

6. Lawful Basis for Processing

Under UK GDPR Article 6, we rely on the following lawful bases:

PurposeLawful Basis
Responding to enquiriesLegitimate interests
Delivering servicesPerformance of a contract
Invoicing & accountingLegal obligation
Website analyticsLegitimate interests
Marketing communications (where applicable)Consent
Security & fraud preventionLegitimate interests

Where consent is required, it may be withdrawn at any time.

7. Data Sharing & Disclosure

We may share personal data with trusted third parties, including:

  • Cloud service providers (e.g. Microsoft 365)
  • Secure hosting and email providers
  • Accounting, invoicing, and payment providers
  • Legal, regulatory, or law-enforcement authorities (where legally required)

All third parties are subject to contractual confidentiality and data protection obligations.

We do not sell or trade personal data.

8. Data Processing on Behalf of Clients

When acting as a Data Processor, Secure Cyber Care:

  • Processes data only on documented client instructions
  • Implements appropriate technical and organisational controls
  • Supports client GDPR obligations (e.g. breach notification, DSARs)
  • Ensures confidentiality and secure handling

Processor activities are governed by a Data Processing Agreement (DPA).

9. International Transfers

Where personal data is transferred outside the UK:

  • We ensure adequacy regulations apply, or
  • Use approved safeguards such as standard contractual clauses

All transfers are conducted securely and lawfully.

10. Information Security Measures

We implement robust security measures aligned with industry best practice, including:

  • Secure cloud infrastructure
  • Encryption of data in transit and at rest (where applicable)
  • Multi-factor authentication
  • Role-based access controls
  • Secure device management
  • Regular security reviews

As a cybersecurity consultancy, protecting confidentiality, integrity, and availability of data is a core operational principle.

11. Data Retention

We retain personal data only for as long as necessary:

  • Client data: duration of contract + statutory retention
  • Enquiry data: typically up to 12 months
  • Financial records: in line with UK legal requirements
  • Website analytics: anonymised or aggregated where possible

Data is securely deleted or anonymised when no longer required.

12. Your Data Protection Rights

You have the right to:

  • Access your personal data
  • Rectify inaccurate or incomplete data
  • Request erasure
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent at any time

Requests can be made by contacting privacy@securecybercare.net.
We aim to respond within one calendar month.

13. Cookies & Tracking Technologies

We use cookies to:

  • Ensure website functionality
  • Improve performance and user experience
  • Monitor security and usage trends

You can manage cookies via your browser settings.
For more information, see our Cookie Policy [link].

14. Third-Party Websites

Our website may contain links to third-party sites. We are not responsible for their privacy practices or content.

15. Changes to This Privacy Policy

We may update this policy periodically. The latest version will always be available on our website with the updated revision date.

16. Complaints & Supervisory Authority

If you have concerns about how we handle personal data, please contact us first.

You also have the right to lodge a complaint with:

Information Commissioner’s Office (ICO)
🌐 https://www.ico.org.uk

Scroll to Top