Privacy and Cookies Policy

DSECUK Ltd (t/a KEEP Information Security Services) – Privacy Policy

Last updated: January 2024 
Version: 1.2

DSECUK Ltd (t/a KEEP Information Security Services) is committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read this policy carefully to understand our practices regarding how we will treat your personal data.

By visiting www.wearekeep.co.uk (“Website”), you accept and consent to the practices described in this policy. If you do not accept the terms of this policy, please refrain from using the Website. This policy is in direct response to the requirements of the General Data Protection Regulation 2016/679 (GDPR).

Unless prohibited by law or other applicable regulatory requirements we may share your personal information with any affiliate company within our group.

Our Data Protection Officer (DPO) can be contacted using the following email address: [email protected]

This privacy notice describes how we might use your information if you:

• Visit our website at https://www.wearekeep.co.uk
• Engage with us in other related ways ― including any sales, marketing, or events

In this privacy notice, if we refer to:

• “Website,” we are referring to any website of ours that references or links to this policy
• “Services,” we are referring to our Website, and other related services, including any sales, marketing, or events

The purpose of this privacy notice is to explain to you in the clearest way possible what information we collect, how we use it, and what rights you have in relation to it. If there are any terms in this privacy notice that you do not agree with, please discontinue use of our Services immediately.

Information we may collect and hold about you

We may collect and process: information you’ve provided to us, such as your name, email address, mailing address, and contact details.

You provide us with information about yourself by:

• filling in forms on the Website;
• contacting us by phone, email or physical mail;
• asking us to contact you in relation to services we provide;
• subscribing to our mailing lists, newsletters or bulletins;
• completing a survey we send you;
• booking a seminar or event run by us;
• ordering products or services from us;
• interacting with us on social media platforms (such as LinkedIn); or
• reporting a problem with our Website.

When you visit our Website, we may also collect information about you, including, but not limited to, your IP address, approximate location (town / city level), time of access, the browser you use, your operating system, the pages you visit and what website you came from.

Data Processing Details | Purpose of Processing and Lawful Basis

DSECUK Ltd may use your personal data for a variety of purposes. Below is a list of the processing activities that occur on a regular or frequent basis. The brackets indicate the most applicable UK-GDPR Article 6 lawful basis that DSECUK Ltd relies on for this processing activity.

• Emergency Contacts (Vital Interests) – The storage of emergency contacts for employees and contractors
• Invoicing (Contract) – The issuing of invoices, in particular invoicing clients and contractors
• Incident Logs (Legal Obligation) – Records of security incidents, following the incident management standard, collection of evidence, and related investigations.
• Sales Prospect Management (Legitimate Interests) – Storage of contact information for sales prospects alongside records of meetings, conversations and calls.
• Email Marketing (Consent) – Management of email marketing campaigns.
• Website Cookies (Consent) – The use of website cookies and related data on the KEEP Information Security Services website.

Retention of your information

If we are providing services to you, we will retain your personal information for the duration of the services and for six years thereafter, unless otherwise agreed.

When you visit our Website, you will be asked whether you consent to the use of Cookies. If you consent, we will retain the information collected about you in accordance with the retention periods outlined in our Cookie Policy.

GDPR | Your rights

With the UK GDPR, you have rights that you may exercise at any time. Whilst you may exercise these rights at any time, DSECUK Ltd is not always obliged to comply with your requests. Each right has requirements and exemptions that are associated with them. For further information on these requirements and exemptions, please visit the Information Commissioner’s Office (ICO) website:

https://ico.org.uk

• The Right to be Informed – You have the right to be informed about how DSECUK Ltd uses your personal data. We are required to provide you with details of our data processing activities (where they involve your personal data).
• The Right of Access – You have the right to request a copy of the personal data that DSECUK Ltd holds about you.
• The Right to Rectification – If DSECUK Ltd holds personal data about you that is inaccurate or outdated, you have the right to request that this information is changed.
• The Right to Erasure – You have the right to request that DSECUK Ltd deletes personal data that relates to you.
• The Right to Restrict Processing – You have the right to request that DSECUK Ltd restricts or suppresses the further processing of your personal data.
• The Right to Data Portability – You have the right to request that DSECUK Ltd provide a copy of your personal data to you in a commonly used digital format.
• The Right to Object – You have the right to object to specific processing activities that DSECUK Ltd undertakes. Specifically, you may object if DSECUK Ltd is using your data form marketing purposes, for a task carried out in the public interest, for an exercise of official authority, or where we have relied on legitimate interests as a lawful basis.
• Rights in Relation to Automated Decision-Making Including Profiling – Where DSECUK Ltd uses IT systems to make decisions about you (with no human involvement or oversight), you have UK GDPR rights in relation to this. These rights include the ability to request for human intervention to challenge a computer made decision, or to request a check that an automated system is working as intended. Currently, DSECUK Ltd does not carry out any automated decision making or profiling.

GDPR | The Right to Withdraw Consent

Where DSECUK Ltd has relied on consent as a UK GDPR Article 6 lawful basis or an Article 9 exemption, you have the right to withdraw this consent at any time. When you withdraw your consent for data processing, we will make reasonable efforts to stop the associated processing activity as soon as possible.

GDPR | Right to lodge a complaint

You have the right to complain to the Information Commissioners Office (ICO) if you are concerned about the way we have processed your personal information. They can be contacted via:

Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Telephone: 0303 123 1113

DSECUK Ltd | Data Protection Officer

DSECUK Ltd has appointed a Data Protection Officer. They can be contacted here:

Email: [email protected]

Contact | DSECUK Ltd t/a KEEP Information Security Services

If you have any questions or comments regarding the content of this Privacy Notice, please contact:

Email: [email protected]

GDPR | Changes to our Privacy Notice

This Privacy Notice may be updated from time to time so you may wish to check it each time you submit personal information to us. The date of the most recent revisions will appear on this page.

GDPR | Links

Our website may contain links to our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check their policies before you submit any personal data to them.

DSECUK Ltd (t/a KEEP Information Security Services) – Cookie Policy

Last updated: January 2024 
Version: 1.2

Cookies are small text files that are placed on your computer by the websites that you visit. They help a website distinguish you from other users.

Some cookies are Essential, as they are needed for certain features or to allow the website to load promptly.  Some cookies aren’t Essential but are useful; for example they may provide information on how people are using the website so the website can be improved , such as Analytics cookies.

EU Privacy laws require us to seek your consent if we wish to place any non-essential cookies on your computer.  The table below explains the cookies used on this website and what we use them for, so you can make an informed choice on whether to consent to them.

If you have consented to Analytics cookies (using our cookies preference tool), this cookie stores a Google Analytics ID which is created when you agree to cookies.

The ID consists of the version of the cookie, what page you first visited (i.e. when the cookie was created), a random number generated by Google and a timestamp of when the cookie was created.

These cookies are used to collect statistics on how and when visitors use our website. We use this information to compile reports which help us improve the website, and to help us to measure the success of advertising and marketing campaigns.

The cookie collects information in a way that does not directly identify anyone.  Read Google’s overview of privacy and safeguarding data here; https://support.google.com/analytics/answer/6004245