Privacy Notice

ShieldPath Security Ltd
Website: spsec.co.uk
Email: info@spsec.co.uk
Address: 124 Charles Street, Leicester, LE1 1LB, United Kingdom

1. Introduction

ShieldPath Security Ltd (“ShieldPath”, “we”, “us”, “our”) is committed to protecting and respecting your privacy. This Privacy Notice explains how we collect, use, store, disclose and protect personal data when you:

• Visit our website (spsec.co.uk)
• Contact us via email, telephone or contact forms
• Engage our consultancy or professional services
• Subscribe to communications or marketing material

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws. ShieldPath Security Ltd is the Data Controller in respect of the personal data described in this Notice.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

2.1 Information You Provide to Us

• Full name
• Job title
• Organisation name
• Business email address
• Telephone number
• Correspondence and enquiry details
• Any information provided through contact forms or email communications

2.2 Information Collected Automatically

• IP address
• Browser type and version
• Device information
• Pages visited and duration
• Referring website
• Date and time of access

This information is typically collected through cookies and analytics technologies.

3. Lawful Basis for Processing

• Contractual necessity – where processing is required to perform a contract or take steps prior to entering into a contract.
• Legitimate interests – for operating, improving and securing our website and services, provided such interests are not overridden by your rights.
• Legal obligation – where processing is necessary to comply with legal or regulatory requirements.
• Consent – where you have provided clear consent (e.g. marketing communications).

4. How We Use Your Personal Data

• To respond to enquiries and provide requested information
• To deliver consultancy and professional services
• To manage client relationships
• To administer contracts and invoices
• To improve website performance and security
• To comply with legal and regulatory obligations
• To send relevant marketing communications (where permitted)

We do not sell personal data.

5. Sharing of Personal Data

• Professional advisers (e.g. legal, accounting)
• IT service providers and hosting providers
• Regulatory authorities where required by law
• Certification bodies or auditors where contractually required

All third-party service providers are required to implement appropriate technical and organisational security measures.

6. International Transfers

Where personal data is transferred outside the United Kingdom, we ensure appropriate safeguards are in place, such as:

• UK International Data Transfer Agreements (IDTA)
• Adequacy decisions
• Standard contractual clauses

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

• Duration of contractual engagement
• Statutory retention periods (e.g. tax and accounting records)
• Defence of potential legal claims

When no longer required, data is securely deleted or anonymised.

8. Data Security

• Access controls
• Encryption where appropriate
• Secure hosting environments
• Role-based access restrictions
• Regular review of security measures

9. Your Data Protection Rights

• Request access to your personal data
• Request correction of inaccurate data
• Request erasure of personal data
• Request restriction of processing
• Object to processing
• Request data portability
• Withdraw consent (where processing is based on consent)

Requests may be made by contacting: info@spsec.co.uk. We will respond within one month in accordance with statutory requirements.

10. Cookies

Our website may use cookies to enhance user experience and analyse traffic. You may control cookie preferences via your browser settings. Where required, consent will be obtained before placing non-essential cookies.

11. Complaints

If you are not satisfied with how we process your personal data, you have the right to lodge a complaint with the UK supervisory authority: Information Commissioner’s Office (ICO), Website: ico.org.uk. We encourage you to contact us first so that we may address your concerns.

12. Changes to This Privacy Notice

We may update this Privacy Notice from time to time. The latest version will always be published on our website.