Privacy Policy

Last updated: 1st August 2024

Cyber Intelligence & Advisory LTD (“we,” “us,” or “our”), located at https://www.ciauk.ltd/, is committed to safeguarding your personal data and ensuring your privacy. This Privacy Policy outlines how we collect, use, and protect your personal data when you interact with us through our website, via email, or over the phone. We strive to be transparent about our data practices and your rights regarding your personal information.

1.   Data Controller

Cyber Intelligence & Advisory LTD (Company Registration Number: 15898804), located at 124 City Road, London, England, EC1V 2NX, is the Data Controller responsible for the processing of your personal data as outlined in this Privacy Policy. This means that we determine how your personal information is collected, used, and protected. If you have any questions about this Privacy Policy or our data processing practices, please contact us using the contact details provided below.

2.   Information We Collect

We collect personal information when you create an account on our website or contact us through our website’s contact form, via email, or by phone. The types of personal information we may collect include, but are not limited to:

  • Personal Identification Information: This includes your name, email address, and phone number. This information is essential for us to respond to your enquiries and provide the services or information you request. We also use this information to create your account.
  • Communication Data: Any messages or information you provide in your communications with us, whether through our contact form, emails, or phone calls. This may include the content of your messages, enquiries, feedback, or any other details you choose to share.
  • Technical Data: While we do not actively collect technical data from users, any communications may contain technical information such as your IP address, browser type, operating system, and device information if you contact us through electronic means. This data is generally collected automatically by our website hosting service and may be used to help us maintain the security and functionality of our website.
  • Usage Data: We may collect information about how you use our website, such as the pages you visit, the time and date of your visit, the duration of your visit, and other similar information. This information helps us understand how users interact with our website, allowing us to improve user experience and website functionality.
  • Transaction Data: When you engage in any purchases or transactions through our website, we collect details related to those transactions. This may include your payment information, billing address, delivery address, and any other relevant transaction details necessary to process your order and provide you with our services.
  • Feedback and Survey Data: If you choose to participate in any surveys or provide feedback regarding our services or website, we may collect additional personal information, including your opinions and preferences.

We ensure that all personal information collected is done so lawfully and transparently, in accordance with the UK General Data Protection Regulation (UK GDPR).

3.   How We Use Your Information

We use the personal information we collect from you for various purposes, including but not limited to:

  • Responding to Enquiries: The primary use of your information is to respond to your enquiries, questions, or comments. Whether you contact us via our website’s contact form, email, or phone, we will use your personal data to provide you with the information or assistance you require.
  • Creating Your Account: If you register for an account on our website, we will use your personal information to set up and manage your account, allowing you to access our services and features securely.
  • Providing Customer Support: Your information may be used to manage and provide customer support, ensuring that we address your concerns and enhance your experience with our services.
  • Improving Our Services: We may analyse the information we collect to better understand user needs and preferences. This helps us improve our website, services, and overall customer experience. We may also use feedback you provide to enhance our offerings and address any issues.
  • Marketing Communications: With your consent, we may use your information to send you promotional materials, newsletters, or other communications regarding our services. You have the right to opt out of receiving such communications at any time.
  • Compliance with Legal Obligations: We may process your personal data as required to comply with applicable laws, regulations, or legal requests, including responding to subpoenas or other legal processes.
  • Safety and Security: Your information may be used to detect, prevent, or address fraudulent or unlawful activities, and to ensure the security and integrity of our website and services.
  • Personalisation of User Experience: We may use your data to tailor the content and advertisements you see on our website, ensuring that they are relevant to you and your interests.
  • Transaction Processing: We use your transaction data to process payments, fulfil orders, and manage your purchases effectively. This includes sending you confirmations, updates, and notifications related to your transactions.
  • Account Management: We may use your information to maintain and manage your account, including providing you with access to account features, managing subscriptions, and processing account-related requests.

We ensure that any processing of your personal data is carried out in accordance with the principles of the UK GDPR, ensuring transparency, fairness, and accountability in how we handle your information. If we wish to use your personal information for a purpose that is not covered in this Privacy Policy, we will seek your explicit consent before doing so.

4.   Legal Basis for Processing Your Information

We rely on the following legal bases for processing your personal data in accordance with the UK General Data Protection Regulation (UK GDPR):

  • Consent: In cases where you provide us with your personal information voluntarily, such as when you create an account, contact us through our website's contact form, or subscribe to our newsletters, we will rely on your consent as the legal basis for processing your information. You have the right to withdraw your consent at any time, and we will ensure that the withdrawal process is straightforward.
  • Contractual Necessity: If you enter into a communication with us that relates to our services or any contractual arrangements, we may process your personal data as necessary to fulfil our obligations under that contract. This may include responding to enquiries, processing your orders, or providing requested information related to our consulting services.
  • Legitimate Interests: We may process your personal data based on our legitimate interests, provided that such interests do not override your rights and interests. For example, we may process your information to improve our website and services, respond to user enquiries, conduct analysis to enhance user experience, and ensure the security and integrity of our services. We ensure that we assess and balance our legitimate interests against your privacy rights before proceeding with such processing.
  • Legal Obligations: We may process your personal data when it is necessary for compliance with a legal obligation to which we are subject. This includes any requirements imposed by law or regulatory authorities, such as maintaining accurate records or responding to lawful requests for information.

In each instance, we ensure that we handle your personal data in a manner that is fair, transparent, and compliant with applicable data protection laws.

5.   Data Retention

We will retain your personal information only for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. Our data retention practices are guided by the following principles:

  • Purpose Limitation: We will retain your personal data only for as long as is necessary to fulfil the purposes we collected it for, which may include responding to your enquiries, providing customer support, processing transactions, and improving our services.
  • Legal Requirements: In some cases, we may be required to retain your personal information for a specified period to comply with applicable laws and regulations. For instance, this may include tax laws that require us to retain certain financial records for a number of years, as well as compliance with other legal obligations related to our consulting services.
  • Review Periods: We periodically review the personal data we hold to ensure that we do not keep it longer than necessary. When assessing retention periods, we consider the nature of the data, the potential risk of harm from unauthorised use or disclosure, and the purposes for which we process the data, ensuring a balanced approach to data retention.
  • Anonymisation: Where possible, we may anonymise your personal data so that it no longer directly identifies you. This anonymised data may be retained for analytical purposes without the limitations associated with personal data retention, enabling us to enhance our services based on aggregated data insights.
  • Data Disposal: Once the retention period has expired, or if you request deletion of your personal data in accordance with your rights under the UK GDPR, we will securely delete or destroy your personal information in a manner that ensures it cannot be reconstructed or retrieved, thereby protecting your privacy.

6.   Data Security

We take the security of your personal information seriously and have implemented appropriate technical and organisational measures to protect your data from unauthorised access, loss, misuse, or alteration. However, please note that no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee its absolute security.

7.   Sharing Your Information

We are committed to protecting your personal information and will only share your data in specific circumstances as outlined below:

  • Service Providers: We may engage third-party service providers to assist us in operating our website and conducting our business. These service providers may have access to your personal information in order to perform tasks on our behalf, such as hosting our website, managing communications, processing transactions, and providing customer support. We ensure that these service providers are bound by contractual obligations to protect your personal data and to process it only in accordance with our instructions.
  • Legal Compliance: We may share your personal information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency). This may include situations where we believe that disclosure is necessary to comply with legal obligations, protect our rights, the safety of our users, or the safety of others, investigate fraud, or respond to a government request.
  • Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal information may be transferred as part of that business transaction. We will notify you of any such change in ownership or use of your personal information, as well as any choices you may have regarding your personal data.
  • Consent: We may share your personal information with third parties if we have your explicit consent to do so. For example, if you agree to receive marketing communications from our partners or affiliates, we will share your information with them as per your request.
  • Aggregated Data: We may share aggregated or anonymised data with third parties for research, marketing, or analytical purposes. This data does not identify individual users and is not considered personal information under the UK GDPR.
  • Protection of Rights: We may share your personal information where we believe it is necessary to protect our rights, privacy, safety, or property, or that of others, or to investigate fraud or respond to a government request.

We will not sell, trade, or otherwise transfer your personal information to third parties for marketing purposes without your explicit consent. We ensure that any third parties with whom we share your personal information are compliant with applicable data protection laws and maintain appropriate safeguards to protect your data.

8.   Your Rights

Under the UK General Data Protection Regulation (UK GDPR), you have certain rights regarding your personal data. These rights allow you to have control over how your information is used and processed. Below are the rights you have:

  • Right to Access: You have the right to request copies of your personal data that we hold about you. This allows you to understand what information we have and how we use it. We may charge a small fee for this service, but we will notify you beforehand.
  • Right to Rectification: If you believe that any personal information we hold about you is inaccurate or incomplete, you have the right to request that we correct it. We will respond to your request within a reasonable timeframe and take steps to rectify any inaccuracies.
  • Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which we collected it, or if you withdraw your consent on which the processing is based. There are certain exceptions to this right, such as when we need to retain your data to comply with legal obligations or for legitimate business purposes related to our consulting services.
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain conditions. For example, you may request a restriction if you contest the accuracy of the data or if you believe that the processing is unlawful.
  • Right to Data Portability: You have the right to request the transfer of your personal data to another data controller in a structured, commonly used, and machine-readable format. This right only applies when the processing is based on consent or is necessary for the performance of a contract.
  • Right to Object: You have the right to object to our processing of your personal data under certain conditions. This includes situations where we process your data for direct marketing purposes or for our legitimate interests, and you believe your rights and interests outweigh those interests.
  • Right to Withdraw Consent: Where we are processing your personal data based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, please contact us using the contact details provided in this Privacy Policy. We will respond to your request within one month. If we require additional time, we will inform you of the reasons for the delay.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.

9.   Additional State-Specific Privacy Disclosures for US Residents

This additional privacy disclosure ("Disclosure") supplements the Cyber Intelligence & Advisory Ltd Privacy Policy. The Cyber Intelligence & Advisory Ltd Privacy Policy describes the personal information we collect, the sources from which we collect it, the purposes for which we use it, the limited circumstances under which we share personal information, and with whom we share it.

Categories of Personal Information Collected

The personal information that Cyber Intelligence & Advisory Ltd collects, or has collected from users in the twelve months prior to the effective date of this Disclosure, falls into the following categories:

  • Identifiers: Name, alias, postal address, email address, phone number.
  • Internet or Other Electronic Network Activity: Information on your interaction with our websites, applications, or advertisements.
  • Communication Data: Any messages or information you provide in your communications with us, whether through our contact form, emails, or phone calls. This may include the content of your messages, enquiries, feedback, or any other details you choose to share.
  • Technical Data: Any communications may contain technical information such as your IP address, browser type, operating system, and device information if you contact us through electronic means. This data is generally collected automatically by our website hosting service and may be used to help us maintain the security and functionality of our website.
  • Transaction Data: When you engage in any purchases or transactions through our website, we collect details related to those transactions. This may include your payment information, billing address, delivery address, and any other relevant transaction details necessary to process your order and provide you with our services.
  • Usage Data: We may collect information about how you use our website, such as the pages you visit, the time and date of your visit, the duration of your visit, and other similar information. This information helps us understand how users interact with our website, allowing us to improve user experience and website functionality.
  • Feedback and Survey Data: If you choose to participate in any surveys or provide feedback regarding our services or website, we may collect additional personal information, including your opinions and preferences.

Categories of Personal Information Disclosed for a Business Purpose

In the twelve months prior to the effective date of this Disclosure, Cyber Intelligence & Advisory Ltd has disclosed the following categories of personal information to third parties for a business purpose, depending on the services used:

  • Identifiers
  • Commercial Information
  • Internet or Other Electronic Network Activity

This disclosure is consistent with the information shared with our service providers for operational purposes.

Categories of Personal Information Sold

In the twelve months prior to the effective date of this Disclosure, Cyber Intelligence & Advisory Ltd has not sold any personal information of users.

Your Rights Under US Privacy Laws

If you are a resident of California, Colorado, Connecticut, Utah, or Virginia, you may have the following rights regarding your personal information:

  • Right to Access: You have the right to request details about the personal information we have collected about you in the past twelve months. This includes information on how your data is used, shared, and stored.

  • Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format, allowing you to transfer your data easily.

  • Right to Delete: You have the right to request the deletion of your personal information. We will delete your data unless there are exceptions, such as compliance with legal obligations or fulfilling contractual requirements.

  • Right to Correct: You have the right to request the correction of any inaccurate or incomplete personal information that we hold about you. We will respond to your request within the applicable legal timeframe.

  • Right to Opt-Out of the Sale of Personal Information: Under the CCPA, you have the right to request that we do not sell your personal information. We want to clarify that Cyber Intelligence & Advisory Ltd does not sell personal information.

  • Right to Limit Use of Sensitive Personal Information: If applicable, you have the right to limit the use or disclosure of your sensitive personal information, including data related to race, ethnicity, health, or financial status.

  • Right to Non-Discrimination: You have the right to exercise your privacy rights without facing discrimination. This means you should not receive a different level or quality of services based on your exercise of these rights.

How to Exercise Your Rights

To exercise any of these rights, or to ask questions about this Disclosure, you can contact us at:

  • Email: [email protected]
  • Phone: +44 (0)20 3026 4626
  • Postal Address: 124 City Road, London, EC1V 2NX

To ensure the security of your personal information, we will verify your identity before processing your request. The verification process may require you to provide additional information, such as your email address, phone number, or other identifying details.

We will respond to your request within the timeframes required by applicable law.

Authorised Agents

You may designate an authorised agent to make a request on your behalf. The authorised agent must provide proof that they have been authorised by you to make requests on your behalf. We may deny a request from an authorised agent if they do not submit proof that they have been authorised by you to act on your behalf.

Do Not Track Signals

Some web browsers may transmit "Do Not Track" signals to websites. Given the lack of industry consensus on how companies should respond to these signals, Cyber Intelligence & Advisory Ltd currently does not take action in response to these signals.

10.  Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Any changes will be posted on this page with an updated effective date. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

CYBER INTELLIGENCE & ADVISORY LTD
124 City Road, London, England, EC1V 2NX
Email: [email protected]
Phone: +44 (0)20 3026 4626