Preloader
Rapid Breach Response

+ 44 (0)20 4591 7000
Rapid Breach Response

+ 44 (0)20 4591 7000

Privacy Policy

Privacy Policy

Last updated: 22 December 2025

CyberXpert Ltd is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect personal data when you visit our website or contact us.

This policy is provided in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are (Data Controller)

CyberXpert Ltd
128 City Road
London
EC1V 2NX
United Kingdom

Website: https://cyberxpert.co.uk
Privacy contact email: [email protected]

For the purposes of data protection law, CyberXpert Ltd is the data controller of any personal data processed via this website.

2. Personal data we collect

We may collect and process the following categories of personal data:

Information you provide directly

  • Name
  • Email address
  • Any information you include when contacting us via email or contact forms

Technical and usage data

  • IP address
  • Browser type and version
  • Operating system
  • Date and time of access
  • Pages visited

This information is collected for security, performance, and operational purposes. It is not used for profiling, advertising, or direct marketing.

Cookies and similar technologies

We use cookies that are strictly necessary for the operation of the website and, where applicable, anonymous statistical cookies.

Full details are provided in our Cookie Policy, which should be read alongside this Privacy Policy.

3. How we use your personal data

We process personal data only where permitted by law and for the following purposes:

  • Responding to enquiries and communications
  • Operating, maintaining, and securing our website
  • Preventing fraud, misuse, and unauthorised access
  • Ensuring website functionality and performance
  • Complying with legal and regulatory obligations

We do not use personal data for:

  • Marketing communications
  • Behavioural profiling
  • Automated decision-making

4. Legal bases for processing

Under UK GDPR, we rely on the following legal bases:

  • Legitimate interests
    To respond to enquiries, operate our website securely, and prevent misuse, provided those interests are not overridden by your rights.
  • Consent
    Where you have actively provided consent, for example through cookie preferences.
  • Legal obligation
    Where processing is required to comply with applicable law.

5. Cookies

Our website uses cookies to ensure proper operation, security, and performance.

Details of:

  • Cookie categories
  • Purposes
  • Retention periods
  • How to manage or withdraw consent

are provided in our Cookie Policy.

You can change or withdraw your cookie preferences at any time using the cookie management controls available on our website.

6. Sharing your data

We do not sell or rent personal data.

We may share limited personal data with trusted service providers who act as data processors on our behalf, strictly for operational purposes, including:

  • Website hosting and infrastructure providers
  • Security and content delivery services
  • Email and communication service providers

All such providers are required to implement appropriate security measures and process data only in accordance with our instructions.

7. International data transfers

Some of our service providers may process data outside the United Kingdom.

Where this occurs, we ensure appropriate safeguards are in place, such as:

  • UK-approved International Data Transfer Agreements
  • Standard Contractual Clauses
  • Equivalent legal protections recognised under UK GDPR

8. Data retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including:

  • Enquiry data: retained for up to 12 months
  • Security and technical logs: retained for limited periods in line with operational and legal requirements

Data may be retained longer where required by law or for the establishment, exercise, or defence of legal claims.

9. Your rights

Under UK GDPR, you have the right to:

  • Request access to your personal data
  • Request correction of inaccurate or incomplete data
  • Request erasure of your personal data
  • Restrict or object to processing
  • Withdraw consent where processing is based on consent
  • Request data portability, where applicable

To exercise your rights, please contact us using the details above.

10. Complaints

If you have concerns about how we handle your personal data, we encourage you to contact us first.

You also have the right to lodge a complaint with the UK supervisory authority:

Information Commissioner’s Office (ICO)
Website: https://www.ico.org.uk

11. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or disclosure.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements or our practices. Any updates will be published on this page.

Get In Touch

Get In Touch With Our Cyber Security Experts

Reach out to us today and ensure your business stays protected.

Let's Talk

UK-based cyber security specialists helping organisations reduce risk, respond to incidents, and build long-term resilience.

Trusted by UK organisations across critical sectors.

Services

Contact & Incident Response

General enquiries and incident support.

Resources & Updates

Practical guidance and real-world outcomes.

© 2025 CyberXpert Ltd. All rights reserved.