1. About This Policy
Amendments and updates to this policy may be made from time-to-time. Any revisions will be posted on this page, so you will always be aware of what information we collect and how we use that information. Please review this page regularly so that you are aware of any changes.
2. About Us
Alt-Secure Cyber Solutions Limited is a B2B provider of cyber security products and services. We are registered in England and Wales as a private limited company under number 12237870, and our registered office is at 2 Old Bath Road, Newbury, RG14 1QL, United Kingdom.
3. Data Controller versus Data Processor
For the purpose of data protection legislation, in respect of data we collect from you, we are the ‘data controller’. This means that we determine what personal data is collected, how this data is used and how it is protected.
4. Personal Data
When we say ‘personal data’ we mean anything that makes you directly or indirectly identifiable, for example your name, address, telephone number. It can be automated personal data or data held in manual filing systems.
5. The Lawful Basis for Collecting Your Personal Data
Under the general data protection regulation (GDPR) we must be able to demonstrate a lawful basis for collecting and using personal data. We will only use your personal data when the law allows us to; this includes, among other things:
- where we have your consent;
- where processing is necessary for the preparation and/or performance of a contract with you;
- where we need to comply with a legal obligation to which we are subject;
- where we have a legitimate interest to process your personal data, and where the processing of that data is both necessary and is not overridden by your interests, rights or freedoms.
6. The Collection of Personal Data
The personal data we collect from you will be for one or more of the following purposes:
- to provide you with information that you have requested about our products and/or services;
- to initiate and complete commercial transactions with you, or the entity that you represent, for the purchase and/or sale of products and/or services;
- to fulfil a contract that we have entered into with you, or the entity that you represent;
- to manage any communication between you and us;
- to process a job application or enquiry;
- to ensure the security and safe operation of our websites and underlying business infrastructure.
Some data types are collected for multiple purposes and some data may be shared with third parties. Should it be necessary to use your personal data for a new purpose, we will notify you and communicate the legal basis which allows us to do so before starting any new processing.
The table at the end of this policy details the various categories and types of personal data we collect and the lawful basis for processing this data.
7. Your Rights
As a data subject whose personal information we hold, you have certain rights. Your rights are as follows:
- The right to know how your personal data is being processed;
- The right to access your data through a subject access request;
- The right to rectification if you believe your personal data is inaccurate;
- The right to erasure (the right to be forgotten), in certain circumstances;
- The right to object to some types of data processing, such as direct marketing;
- The right to restrict processing if the accuracy of the data or the lawful basis is contested; and
- The right to data portability.
If you wish to exercise any of these rights, please email [email protected]. To process your request, we will ask you to provide two valid forms of identification for verification purposes.
8. Keeping your personal data up to date
We have a responsibility to keep your personal data accurate and up to date. Please tell us if your details change.
9. Subject access request
You have the right to access the personal data that we hold about you. This process for doing this is called a subject access request. If you wish to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please use the contact details set out at the beginning of this policy.
10. Retaining and Deleting Your Personal Data
We will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected. In general, your personal data will be retained for as long as you have a relationship with us. Thereafter, for a maximum of six years. Additionally, we may retain your personal data where such retention is necessary to fulfil our statutory obligations. At the end of the data retention period, we will take all necessary actions to ensure that your personal data is deleted or anonymised.
The table at the end of this policy provides more information regarding the retention of data.
11. Sharing Your Personal Data
In the course of our commercial activities, business administration and statutory obligations we may disclose your personal data to third parties. We will disclose only the personal data that is necessary, and we will take all reasonable steps to ensure that an adequate level of protection is in place to safeguard your privacy and personal data under the GDPR. Where possible and appropriate, we will notify you of this type of disclosure. We may share your personal data with the following types of third parties:
- Customers, suppliers, contractors and other business partners to carry out our commercial activities;
- Professional advisers such as lawyers and accountants;
- Insurance providers to obtain insurance coverage and manage risk;
- Cloud-based software companies which provide us with business solutions such as our customer relationship and financial management systems;
- Providers which host our servers in their data centres;
- Providers which help us collate and organise data effectively and securely;
- Statutory bodies, government agencies, courts or other third parties where it is necessary to comply with laws or regulations, or to exercise, establish or defend our legal rights.
12. Data Transfers to Third Countries
13. Security Measures
14. Links to Other Websites
A cookie is a small text file which is transferred to your computer or mobile device when you visit a website. Cookies enable your browser to be recognised by the website. There are different types of cookies, which perform different functions.
We use the following cookies on our website:
- Strictly Necessary Cookies: these cookies are essential for the operation of our website. They include, for example, cookies that enable users to log into secure areas of a website. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work.
You can find our cookies in your browser settings. Most web browsers allow you to accept, decline or delete cookies. You can use the “Help” function in your browser to locate your cookie settings. Please note that if you choose to disable or delete certain cookies, you may affect the function of a website.
|Purpose||Category & Type of Data Collected||Specific Purpose||Lawful Basis||Shared With||Retention|
|To provide information||Information Data: Your name; company position; your organisation’s name, postal address, and telephone number; your mobile number, your business email address||To provide you with information that you have requested about our products and/or services||Consent||Internally and any third-party partners with whom we contract in order to fulfil these requirements||Data will be retained for as long as you have a relationship with us. Thereafter, a maximum of six years|
|To follow up to ensure requested information meets needs and identify further requirements||Legitimate Interest|
|To carry out a transaction||Transaction Data: Your name, company position, your organisation’s name, postal address, and telephone number; your mobile number, your business email address, and your organisation’s bank details||To initiate and complete commercial transactions with you, or the entity that you represent, for the purchase and/or sale of products and/or services||Contractual||Internally and any third-party partners with whom we contract in order to fulfil these requirements||Data will be retained for as long as you have a relationship with us. Thereafter, a maximum of six years|
|For accounting and taxation purposes||Statutory Obligation||Internally and, as necessary, with professional advisers|
|For documentation should any contractual legal claim arise||Legitimate Interest|
|To fulfil a contract||Contractual Data: Your name; company position; your organisation’s name, postal address, and telephone number; your mobile number, your business email address||To fulfil a contract that we have entered into with you, or the entity that you represent; delivery of products or services, in physical or digital form, that you may have purchased from us; licensing details necessary for allocation and maintenance of a licence purchased for use of software and related products||Contractual||Internally and any third-party partners with whom we contract in order to fulfil these requirements||Data will be retained for as long as you have a relationship with us. Thereafter, a maximum of six years|
|To manage correspondence||Correspondence Data: Your name; company position; your organisation’s name, postal address, and telephone number; your mobile number, your business email address||To correspond with you about any issue that you raise with us or which follows from an interaction between us||Legitimate Interest||Internally and, as necessary, with professional advisers||Relevant statutes of limitation|
|To process a job application||Job Application Data: Your name, home address; telephone number; email address; CV; employment references; assessment data; interview notes, or other relevant information||To process a job application or enquiry; to consider your application and suitability for employment||Consent||Internally and, following acceptance of an offer of employment, with selected vetting partners||A minimum period of 6 months and a maximum period of 2 years following receipt, in case we decide to contact you at a later date|
|Website Security||Website Data: Your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use||To ensure the security and safe operation of our websites and underlying business infrastructure; to protect our websites and infrastructure from cyber-attack or other threats and to report and deal with any illegal acts||Legitimate Interest||Internally and other organisations with which we might contract for this purpose||Relevant statutes of limitation|