Privacy & Cookie Policy

1.     About This Policy

This is the Privacy Policy of Alt-Secure Cyber Solutions Limited and the Cookie Policy for our website. In this document we explain how we collect, use and protect your personal data for example, when you contact us, visit our website, apply for a job, or contract with us to buy and/or sell products and services.

We take our privacy responsibilities seriously and are committed to respecting your privacy and protecting your personal data. Please read this privacy policy carefully to understand our views and practices regarding your personal data and how we will treat it.

Amendments and updates to this policy may be made from time-to-time. Any revisions will be posted on this page, so you will always be aware of what information we collect and how we use that information. Please review this page regularly so that you are aware of any changes.

If you have any comments, questions or concerns about this privacy policy or the ways in which we handle your personal data we encourage you to contact us at [email protected].

2.     About Us

Alt-Secure Cyber Solutions Limited is a B2B provider of cyber security products and services. We are registered in England and Wales as a private limited company under number 12237870, and our registered office is at 2 Old Bath Road, Newbury, RG14 1QL, United Kingdom.

3.     Data Controller versus Data Processor

For the purpose of data protection legislation, in respect of data we collect from you, we are the ‘data controller’. This means that we determine what personal data is collected, how this data is used and how it is protected.

In respect of data provided to us by a third-party organisation acting on your behalf e.g. a reseller or vendor, we do not act as a data controller; instead, we act as a data processor. Insofar as we act as a data processor rather than a data controller, this policy shall not apply. Our legal obligations as a data processor are instead set out in the contract between us and the relevant data controller. In these circumstances, you should refer to the privacy policy of the third-party.

4.     Personal Data

When we say ‘personal data’ we mean anything that makes you directly or indirectly identifiable, for example your name, address, telephone number. It can be automated personal data or data held in manual filing systems.

5.     The Lawful Basis for Collecting Your Personal Data

Under the general data protection regulation (GDPR) we must be able to demonstrate a lawful basis for collecting and using personal data. We will only use your personal data when the law allows us to; this includes, among other things:

  • where we have your consent;
  • where processing is necessary for the preparation and/or performance of a contract with you;
  • where we need to comply with a legal obligation to which we are subject;
  • where we have a legitimate interest to process your personal data, and where the processing of that data is both necessary and is not overridden by your interests, rights or freedoms.

6.     The Collection of Personal Data

The personal data we collect from you will be for one or more of the following purposes:

  • to provide you with information that you have requested about our products and/or services;
  • to initiate and complete commercial transactions with you, or the entity that you represent, for the purchase and/or sale of products and/or services;
  • to fulfil a contract that we have entered into with you, or the entity that you represent;
  • to manage any communication between you and us;
  • to process a job application or enquiry;
  • to ensure the security and safe operation of our websites and underlying business infrastructure.

 

Some data types are collected for multiple purposes and some data may be shared with third parties. Should it be necessary to use your personal data for a new purpose, we will notify you and communicate the legal basis which allows us to do so before starting any new processing.

The table at the end of this policy details the various categories and types of personal data we collect and the lawful basis for processing this data.

7.     Your Rights

As a data subject whose personal information we hold, you have certain rights. Your rights are as follows:

  • The right to know how your personal data is being processed;
  • The right to access your data through a subject access request;
  • The right to rectification if you believe your personal data is inaccurate;
  • The right to erasure (the right to be forgotten), in certain circumstances;
  • The right to object to some types of data processing, such as direct marketing;
  • The right to restrict processing if the accuracy of the data or the lawful basis is contested; and
  • The right to data portability.

 

If you wish to exercise any of these rights, please email [email protected]. To process your request, we will ask you to provide two valid forms of identification for verification purposes.

8.     Keeping your personal data up to date

We have a responsibility to keep your personal data accurate and up to date. Please tell us if your details change.

9.     Subject access request

You have the right to access the personal data that we hold about you. This process for doing this is called a subject access request. If you wish to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please use the contact details set out at the beginning of this policy.

10.   Retaining and Deleting Your Personal Data

We will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected. In general, your personal data will be retained for as long as you have a relationship with us. Thereafter, for a maximum of six years. Additionally, we may retain your personal data where such retention is necessary to fulfil our statutory obligations. At the end of the data retention period, we will take all necessary actions to ensure that your personal data is deleted or anonymised.

The table at the end of this policy provides more information regarding the retention of data.

11.   Sharing Your Personal Data

In the course of our commercial activities, business administration and statutory obligations we may disclose your personal data to third parties. We will disclose only the personal data that is necessary, and we will take all reasonable steps to ensure that an adequate level of protection is in place to safeguard your privacy and personal data under the GDPR. Where possible and appropriate, we will notify you of this type of disclosure. We may share your personal data with the following types of third parties:

  • Customers, suppliers, contractors and other business partners to carry out our commercial activities;
  • Professional advisers such as lawyers and accountants;
  • Insurance providers to obtain insurance coverage and manage risk;
  • Cloud-based software companies which provide us with business solutions such as our customer relationship and financial management systems;
  • Providers which host our servers in their data centres;
  • Providers which help us collate and organise data effectively and securely;
  • Statutory bodies, government agencies, courts or other third parties where it is necessary to comply with laws or regulations, or to exercise, establish or defend our legal rights.

12.   Data Transfers to Third Countries

To benefit from our services, it may be necessary to transfer your personal data to countries outside the European Economic Area (EEA), including some that may not provide the same level of privacy regulation. When this happens, we will take all reasonable steps to ensure that an adequate level of protection is in place to safeguard your privacy rights under the GDPR and this privacy policy.

13.   Security Measures

We have put in place appropriate technical and organisational measures to secure your personal data and to prevent its loss, misuse or alteration. We have business systems and processes in place to make sure that only those people in our organisation who need to access your data can do so. Our security policies and procedures are reviewed regularly, internally and independently. In accepting this privacy policy, you acknowledge that the transmission of unencrypted (or inadequately encrypted) data over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.

14.   Links to Other Websites

This privacy policy applies to personal data collected by us. Our website may include hyperlinks to other websites. Please be aware that we have no control over, and are not responsible for, the privacy policies and practices of third parties. We encourage our users to be aware when they leave our site, and to read the privacy policy of other sites that collect personal data.

15.   Cookies

A cookie is a small text file which is transferred to your computer or mobile device when you visit a website. Cookies enable your browser to be recognised by the website. There are different types of cookies, which perform different functions.

We use the following cookies on our website:

  • Strictly Necessary Cookies: these cookies are essential for the operation of our website. They include, for example, cookies that enable users to log into secure areas of a website. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work.
  • Analytical/Performance Cookies: these cookies are used to provide us with information about our website visitors. They allow us to count visits and traffic sources. The data we collect helps us to monitor and analyse the use and performance of our website. We only use these cookies to improve how our websites work. We may use cookies from Google Analytics to monitor user interaction with our website. We may use cookies from Cloudflare to monitor and protect our website against malicious attacks.

You can find our cookies in your browser settings. Most web browsers allow you to accept, decline or delete cookies. You can use the “Help” function in your browser to locate your cookie settings. Please note that if you choose to disable or delete certain cookies, you may affect the function of a website.

By using our website, you consent to our use of cookies in accordance with the terms of this policy.

Purpose Category & Type of Data Collected Specific Purpose Lawful Basis Shared With Retention
To provide information Information Data: Your name; company position; your organisation’s name, postal address, and telephone number; your mobile number, your business email address To provide you with information that you have requested about our products and/or services Consent Internally and any third-party partners with whom we contract in order to fulfil these requirements Data will be retained for as long as you have a relationship with us. Thereafter, a maximum of six years
To follow up to ensure requested information meets needs and identify further requirements Legitimate Interest
To carry out a transaction Transaction Data: Your name, company position, your organisation’s name, postal address, and telephone number; your mobile number, your business email address, and your organisation’s bank details To initiate and complete commercial transactions with you, or the entity that you represent, for the purchase and/or sale of products and/or services Contractual Internally and any third-party partners with whom we contract in order to fulfil these requirements Data will be retained for as long as you have a relationship with us. Thereafter, a maximum of six years
For accounting and taxation purposes Statutory Obligation Internally and, as necessary, with professional advisers
For documentation should any contractual legal claim arise Legitimate Interest
To fulfil a contract Contractual Data: Your name; company position; your organisation’s name, postal address, and telephone number; your mobile number, your business email address To fulfil a contract that we have entered into with you, or the entity that you represent; delivery of products or services, in physical or digital form, that you may have purchased from us; licensing details necessary for allocation and maintenance of a licence purchased for use of software and related products Contractual Internally and any third-party partners with whom we contract in order to fulfil these requirements Data will be retained for as long as you have a relationship with us. Thereafter, a maximum of six years
To manage correspondence Correspondence Data: Your name; company position; your organisation’s name, postal address, and telephone number; your mobile number, your business email address To correspond with you about any issue that you raise with us or which follows from an interaction between us Legitimate Interest Internally and, as necessary, with professional advisers Relevant statutes of limitation
To process a job application Job Application Data: Your name, home address; telephone number; email address; CV; employment references; assessment data; interview notes, or other relevant information To process a job application or enquiry; to consider your application and suitability for employment Consent Internally and, following acceptance of an offer of employment, with selected vetting partners A minimum period of 6 months and a maximum period of 2 years following receipt, in case we decide to contact you at a later date
Website Security Website Data: Your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use To ensure the security and safe operation of our websites and underlying business infrastructure; to protect our websites and infrastructure from cyber-attack or other threats and to report and deal with any illegal acts Legitimate Interest Internally and other organisations with which we might contract for this purpose Relevant statutes of limitation

 

Alt-Secure Cyber Solutions Limited - Privacy & Cookie Policy - Last Revised 12 February 2020