Document Info
Jump to sections˅
Looking for website usage terms? View Terms of Use.
Document Info
Contents
Looking for website usage terms instead? View the Terms of Use.
Who We Are˅
AFIsec Cybersecurity Consulting ("AFIsec", "we", "us", or "our") is a UK-based cybersecurity consultancy. This Privacy Policy explains how we collect, use, and protect personal information when you visit this website or contact us.
AFIsec is the data controller for personal information processed through this website unless stated otherwise.
Information We Collect˅
We collect information you choose to provide directly, and limited technical information generated when you use the site.
- Contact and enquiry details such as name, work email address, company name, role, and the message you submit
- Enquiry preferences such as inquiry type or service/training interest selections
- Technical usage information such as device/browser details, IP address, and basic logs generated by hosting or security tools
- Any information you include voluntarily in communications with AFIsec
How We Use Your Information˅
- Respond to enquiries and communicate with you about requested services or training
- Assess your request and recommend practical next steps
- Operate, secure, and improve the website and contact process
- Maintain business records and comply with legal, regulatory, or contractual obligations
- Protect against misuse, fraud, and security incidents
Lawful Bases (UK GDPR)˅
Where UK GDPR applies, AFIsec typically relies on one or more of the following lawful bases depending on the context.
- Legitimate interests (for responding to business enquiries, operating the website, and improving services)
- Contract (where processing is necessary to take steps at your request before entering into an agreement, or to deliver contracted services)
- Consent (where you provide consent for a specific purpose)
- Legal obligation (where we must process data to comply with applicable law)
Retention˅
We retain personal information only for as long as reasonably necessary for the purpose it was collected, including to respond to enquiries, manage client relationships, maintain records, and meet legal or regulatory obligations.
Retention periods vary depending on the nature of the enquiry, any resulting engagement, and legal requirements.
International Transfers˅
Some service providers may process information outside the UK. Where this happens, AFIsec will take reasonable steps to ensure appropriate safeguards are used, such as contractual protections or other lawful transfer mechanisms.
Your Rights˅
Subject to applicable law, you may have rights to access, correct, erase, restrict, or object to certain processing of your personal information, and to request portability in some circumstances.
You may also have the right to withdraw consent where processing is based on consent.
Contact and Complaints˅
If you have questions about this Privacy Policy or how AFIsec handles personal information, contact us using the details on the Contact page or by email at hello@afisec.co.uk.
If you are not satisfied with our response, you may have the right to raise a complaint with the UK Information Commissioner's Office (ICO).
Changes to This Policy˅
AFIsec may update this Privacy Policy from time to time to reflect changes to the website, services, or legal obligations. The latest version will always be published on this page with the date shown above.
Important Note
These website legal pages are general website terms and privacy notices. AFIsec-specific contractual terms for consulting or training engagements should be agreed separately in a written engagement.
For enquiries, visit the Contact page.