Arrange a call

Privacy policy

Last updated: 2nd February 2025

Who are we:

Cyber21 Limited, a UK registered company.

Scope of the policy:

The scope of this privacy policy is the use of the website and excludes our incident management portal or other processing of personal data.

The Policy

Use of Cookies

The use of Cookies is important for some of the key features of this website.  As per data protection requirements, a user may opt out of providing us with information but be advised that some of the functionality of this website may not function as you may otherwise expect.

We collect information and store them as Cookies mainly for providing analytics in relation to the usage of the website.  We may also store Cookies to enable functionality that supports a more seamless experience for our users when completing contact forms.

Please contact our DPO if you need more information and we will provide our Cookie Report upon request.

Contact:

data-protection@cyber21.co.uk

 

What data do we collect?

This website collects minimal data. The purpose of this website is to provide an overview of our services to our potential and existing clients. That said, we want people to make contact with us through the use of this website. In doing so, we will ask you to give us your personal data. Typically, this data will be restricted to contact information such as:

  • Name
  • Address
  • Email Address
  • Phone Number

We may ask for additional information such as why you are contacting us, this information may be about you as an individual therefore can be classified as personal data.

 

Who do we share your data with?

We may share your personal data with our business partners such as:

  • Processors of personal data including but not limited to:
    • IT providers of cloud based solutions which are used to operate our business processes e.g.
      • Customer Relationship Management solutions
      • Collaboration solutions such as Microsoft products and services (e.g. for email, team based collaboration and documentation management)
    • Financial companies such as Banks for the purpose of paying invoices or processing of our accounts e.g.
      • Online banking providers
      • Account software providers
    • Accountancy partners for management of company accounts
    • Third party solution and services providers, for the purposes of providing contracted services

 

Note – the legal basis for such processing will fall under the categories of:

  1. Contract necessity – where a verbal or written contract exists between the parties
  2. Consent – where the data subject has either implied their consent or specifically and explicitly consented to the processing
  3. Legitimate interest – where the processing is being undertaken for the purpose of legitimate business reasons

 

How long we retain your data?

The retention of data aligns to our Data Retention Policy.

Note – data is only retained for a proportional and legitimate period of time. For example, we may have to adhere to legal obligations to retain data such as is the case for accounting and tax related purpose.

Our retention is reviewed on a frequent basis and where data can be deleted, it is deleted promptly and permanently.

 

What rights you have over your data?

We adhere to the rights and freedoms of data subjects as per the requirements of the Data Protection Act 2018 (also known as UK GDPR).

Typically these include:

  • The right to know what data we have about you
  • The right to have access to the data that we have about you
  • The right to have your data removed from our data repositories
  • The right to amend your data if this is considered to be inaccurate
  • The right to provide your data (data portability) to other providers of services (in certain circumstances)

 

You may contact us with your request in relation to any of the above rights. Note – Our Data Subject Access Policy will be applied (available upon request) and we will be required to:

  • Confirm your identity in circumstances where you are not known to us and we need to confirm you are who you say you are
  • Confirm your method of receipt of the data
  • Confirm your residential address (if data is to be received via post)

 

Contact our Data Protection Officer (DPO) at data-protection@cyber21.co.uk.

 

Where is your data transferred?

Data is normally retained in the United Kingdom or within the European Economic Area (EEA). On occasions, your data may be transferred to countries that may not be covered under the adequacy rules of the Data Protection Act 2018 or the EU GDPR. Typically, this may be the case with some cloud solution providers. If this is the case, we will review that transfer, complete any necessary legally required risk assessments and ensure that adequate safeguards are in place as per the requirements of the data protection legislation.

Arrange a call

Arrange a call

Please provide brief details and the best time to call you back.

Best time to call