Privacy Policy

Last updated: 10 March 2026

Primelo Cyber Ltd ("we," "us," or "our") is committed to protecting the privacy and security of your personal data. This privacy policy explains how we collect, use, store, and share information when you interact with our website and services, in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data Controller

Primelo Cyber Ltd is the data controller for the personal data collected through this website. Our registered office is located at 3rd Floor Elder House West, Elder Gate, Milton Keynes, MK9 1LR. For any data protection enquiries, please contact us at info@primelocyber.com.

2. Information We Collect

We may collect the following categories of personal data:

• Contact information: name, email address, phone number, and organisation name submitted through our contact form
• Enquiry details: service requirements and descriptions of your security or compliance challenges
• Technical data: IP address, browser type and version, time zone setting, operating system, and platform information collected automatically when you visit our site
• Usage data: information about how you use our website, including pages visited and time spent

3. How We Use Your Data

We process your personal data for the following purposes:

• To respond to your enquiries and provide information about our cybersecurity and compliance services
• To deliver contracted services including ISO 27001, GDPR, PCI-DSS, Cyber Essentials consultancy, and penetration testing
• To send relevant security advisories or service updates where you have opted in to receive them
• To improve our website and services
• To comply with legal obligations

4. Lawful Basis for Processing

We rely on the following legal bases under UK GDPR Article 6:

• Consent: where you have given clear consent for us to process your personal data for a specific purpose, such as receiving marketing communications
• Contractual necessity: where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract
• Legitimate interests: where processing is necessary for our legitimate business interests, such as improving our services, provided these interests do not override your rights

5. Data Sharing

We do not sell your personal data to third parties. We may share your data with:

• Our hosting provider (Netlify) for website delivery and form processing
• Professional advisors such as auditors or legal counsel where necessary
• Regulatory authorities where required by law

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Contact form submissions are retained for up to 24 months. Client engagement records are retained for 7 years in accordance with our legal and regulatory obligations.

7. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

• Right of access: request a copy of the personal data we hold about you
• Right to rectification: request correction of inaccurate or incomplete data
• Right to erasure: request deletion of your personal data in certain circumstances
• Right to restrict processing: request that we limit how we use your data
• Right to data portability: receive your data in a structured, machine-readable format
• Right to object: object to processing based on legitimate interests or for direct marketing

To exercise any of these rights, please contact us at info@primelocyber.com. We will respond to your request within one month.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. As a cybersecurity firm, data protection is core to our operations and culture.

9. Cookies

This website does not use cookies or third-party tracking technologies. We use Google Fonts for typography, which may involve requests to Google's servers. No personal data is shared with Google beyond standard HTTP request headers.

10. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

11. Contact & Complaints

If you have any questions about this privacy policy or wish to make a complaint, please contact us at info@primelocyber.com.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection. Visit ico.org.uk for further information.