Last updated: 10 February 2026
CyberXpert Ltd is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect personal data when you visit our website or contact us.
This policy is provided in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
CyberXpert Ltd
128 City Road
London
EC1V 2NX
United Kingdom
Website: https://cyberxpert.co.uk
Privacy contact email: [email protected]
For the purposes of data protection law, CyberXpert Ltd is the data controller of any personal data processed via this website.
We may collect and process the following categories of personal data.
This information is collected for security, operational, and performance purposes. It is not used for advertising, behavioural profiling, or direct marketing.
We use cookies that are strictly necessary for the operation of the website and, where you have provided consent, statistical cookies used to understand how visitors interact with the website.
Statistical technologies may collect information such as page views, interaction events, and approximate location derived from IP address. This data is processed in aggregated or pseudonymised form and is not used for advertising or marketing purposes.
Full details are provided in our Cookie Policy, which should be read alongside this Privacy Policy.
We process personal data only where permitted by law and for the following purposes:
Responding to enquiries and communications
Operating, maintaining, and securing our website
Preventing fraud, misuse, and unauthorised access
Ensuring website functionality and performance
Complying with legal and regulatory obligations
We do not use personal data for:
Marketing communications
Behavioural profiling
Automated decision-making
Under UK GDPR, we rely on the following legal bases:
Our website uses cookies to ensure proper operation, security, and performance.
Details of cookie categories, purposes, retention periods, and how to manage or withdraw consent are provided in our Cookie Policy.
You can change or withdraw your cookie preferences at any time using the cookie management controls available on our website.
We do not sell or rent personal data.
We may share limited personal data with trusted service providers who act as data processors on our behalf, strictly for operational purposes, including:
Website hosting and infrastructure providers
Security and content delivery services
Email and communication service providers
We use an online appointment scheduling service (Koalendar) to allow visitors to book consultations directly through our website.
When you book a meeting, Koalendar processes the information you provide (such as your name, email address and any details you choose to submit) for the purpose of scheduling and managing the appointment. This processing is carried out at your request and is necessary to provide the booking service.
Koalendar acts as a data processor on our behalf. We do not use this service for marketing, tracking, or profiling, and it does not place advertising or analytics cookies on your device as part of the booking process.
Koalendar’s privacy policy is available at: https://koalendar.com/privacy
The legal basis for this processing is Article 6(1)(b) UK GDPR (performance of a contract or steps taken at your request prior to entering into a contract).
All such providers are required to implement appropriate technical and organisational security measures and to process data only in accordance with our instructions.
We use the following analytics services to understand how our website is used and to improve its performance and content:
Google Analytics
Mixpanel
These services process technical and usage data such as page views, interaction events, and device information. Data is processed in accordance with our instructions and is not used for advertising or profiling.
Where required, these services are only activated after you have provided consent via our cookie management controls.
Some service providers may process data outside the United Kingdom.
Where this occurs, we ensure appropriate safeguards are in place, including:
UK-approved International Data Transfer Agreements
Standard Contractual Clauses
Other equivalent safeguards recognised under UK GDPR
We retain personal data only for as long as necessary for the purposes for which it was collected.
Enquiry and contact data: retained for up to 12 months
Security and technical logs: retained for limited periods in line with operational and legal requirements
Data may be retained longer where required by law or for the establishment, exercise, or defence of legal claims.
Under UK GDPR, you have the right to:
Request access to your personal data
Request correction of inaccurate or incomplete data
Request erasure of your personal data
Restrict or object to processing
Withdraw consent where processing is based on consent
Request data portability, where applicable
To exercise your rights, please contact us using the details above.
If you have concerns about how we handle your personal data, we encourage you to contact us first.
You also have the right to lodge a complaint with the UK supervisory authority:
Information Commissioner’s Office (ICO)
Website: https://www.ico.org.uk
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or disclosure.
We may update this Privacy Policy from time to time to reflect changes in legal requirements or our practices. Any updates will be published on this page.
UK-based cyber security specialists helping organisations reduce risk, respond to incidents, and build long-term resilience.
Trusted by UK organisations across critical sectors.
General enquiries and incident support.
© 2025 CyberXpert Ltd. Registered in England and Wales. Company No. 16326196. All rights reserved.