top of page
Homepage
Security
Awareness
Solutions
Free Consultation

Privacy Policy

Last updated: 13/02/2026

Security Awareness Solutions Ltd (we, us, our) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, share and protect personal data when you visit our website, contact us, or use our services.

 

Who we are

Controller: Security Awareness Solutions Ltd
Company number: 16434342
Registered address: 11 Brookside Place, Sheepy Magna, CV9 3RD
Email:  privacy@securityawarenesssolutions.co.uk
Website: https://www.securityawarenesssolutions.co.uk 

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us using the details above.

Personal data we collect

We may collect and process the following categories of personal data:

Information you provide to us

  • Contact details such as name, job title, company name, email address and telephone number

  • Enquiry details, including the content of messages you send via forms, email or phone

  • Meeting and consultation details, including notes and agreed actions

  • Billing and contractual information if you become a client

 

Information we collect automatically

When you use our website, we may collect:

  • IP address and device information (for example browser type and operating system)

  • Usage information (pages visited, links clicked, time on site)

  • Approximate location (derived from IP address)

 

This data is typically collected via cookies and similar technologies. See the Cookies section below.

 

Special category data

We do not intentionally collect special category data (for example health, religion, political opinions). Please do not submit this type of information to us via the website.

How we use your personal data

We use personal data for the following purposes:

  • To respond to enquiries and provide information you request

  • To arrange and deliver consultations, services, and ongoing support

  • To manage our relationship with you, including communications, proposals, and contracts

  • To improve our website, content, and service delivery

  • To comply with legal obligations, including accounting and tax rules

  • To protect our business and users, including preventing fraud and misuse

 

Lawful bases for processing

Under UK GDPR, we must have a lawful basis to process your personal data. We rely on one or more of the following:

  • Consent: where you have given clear consent, for example opting in to marketing emails (you can withdraw consent at any time)

  • Contract: where processing is necessary to perform a contract with you or take steps at your request before entering into a contract

  • Legal obligation: where we must process data to comply with the law

  • Legitimate interests: where processing is necessary for our legitimate interests, such as responding to business enquiries, improving our services, and protecting our operations, provided your rights do not override those interests

 

Marketing

We may send you marketing communications if:

  • you have opted in, or

  • you are an existing business contact and the communication relates to similar services, and you have not opted out.

 

You can opt out at any time by using the unsubscribe link in an email or by contacting us.

 

Cookies and analytics

Our website may use cookies and similar technologies to:

  • enable core site functionality

  • understand how visitors use our website

  • measure marketing effectiveness (if applicable)

 

You can control cookies through your browser settings and, where used, our cookie banner or preference tool.

 

Analytics providers: We may use analytics tools (for example Google Analytics or similar). These tools may set cookies and collect usage data. We configure these tools where possible to reduce data collection and avoid unnecessary identifiers.

Sharing your personal data

We do not sell your personal data.

We may share personal data with trusted third parties where necessary, such as:

  • website hosting and support providers

  • form and customer relationship tools (for example email or CRM systems)

  • analytics providers

  • professional advisers (for example accountants, legal advisers) when required

  • service delivery partners or subcontractors where needed to deliver services (only with appropriate controls)

 

We require service providers to protect personal data and use it only for the services they provide to us.

 

International transfers

Some of our service providers may process data outside the UK. Where personal data is transferred internationally, we ensure appropriate safeguards are in place, such as:

  • UK International Data Transfer Agreement (IDTA) or UK Addendum to EU Standard Contractual Clauses, where applicable

  • vendor security and privacy assessments

  • technical and organisational controls

 

Data security

We take appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures may include access controls, encryption where appropriate, secure configuration, and staff awareness.

No method of transmission over the internet is completely secure. If you suspect any misuse or unauthorised access, please contact us.

 

Data retention

We keep personal data only as long as necessary for the purposes described in this policy, including legal, accounting, or reporting requirements.

 

Typical retention periods may include:

  • enquiries: up to [12–24] months after last contact

  • client records and contracts: up to [6] years after the end of the engagement (to meet legal and accounting requirements)

  • marketing preferences: until you opt out or we stop using the list

You can ask for more detail about retention periods by contacting us.

 

Your rights

Under UK GDPR, you have rights in relation to your personal data, including:

  • the right to access your personal data

  • the right to correct inaccurate data

  • the right to request deletion of your data (in certain circumstances)

  • the right to restrict processing (in certain circumstances)

  • the right to object to processing based on legitimate interests

  • the right to data portability (in certain circumstances)

  • the right to withdraw consent at any time, where processing is based on consent

 

To exercise your rights, contact us using the details in the “Who we are” section. We may ask for information to verify your identity.

 

Complaints

If you have concerns about how we handle your personal data, please contact us first and we will try to resolve the issue.

You also have the right to complain to the Information Commissioner’s Office (ICO):
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

 

Third party links

Our website may include links to third party websites. We are not responsible for their privacy practices. Please review their privacy policies before providing personal data.

Changes to this policy

We may update this Privacy Policy from time to time. The latest version will always be published on our website with the “Last updated” date.

If you tell me what you use for forms and tracking (eg HubSpot forms, Google Analytics, Google Ads, Microsoft Clarity, Mailchimp), I’ll tighten this policy so it is specific and accurate to your setup.

bottom of page