Who are we?
4Secure Limited, (Registered Address 80 Main Road, Northampton, Northants, NN6 0HJ Company Number 04647685) have created this Privacy Notice to offer transparency and clarity about what personal data we process and how we use your personal data when you are a client (or potential client) of ours or browsing our website.
We are registered with the ICO (Registration No ZA542745). We have a Cyber Essentials certification as well as ISO 9001.
When we process personal data, we do so in accordance with the UK GDPR, PECR, Data Protection Act 2018 and compliance with all applicable laws governing MOD Security standards.
If you have any questions about this Privacy Notice, you can contact [email protected].
We are a data controller when we deal with our own clients, potential client, or website users’ data or, however in some circumstances we are a data processor when we are engaged to assist our clients with their cybersecurity needs. When we act as a data processor, please refer to the privacy notice of our data controller client for more information.
Our website is not intended, and we do not knowingly collect data relating to children.
What are your rights?
You have several rights which you can access free of charge. In certain circumstances we reserve the right to charge a reasonable fee if your requests are unfounded or excessive.
You have the right:
- Right of access: You can request access to a copy of the personal data which we hold about you as well as details about why and how we use your data.
- Right to rectification: You can ask us to change or complete any personal data we hold about you which is inaccurate or incomplete.
- Right to be forgotten/erasure: You have a right, under certain circumstances to ask us to delete any personal data we hold out you. Please note that there may be situations where we must retain your personal data after a request for erasure where we have a lawful basis for doing so.
- Right of restriction: You can ask us to restrict (i.e.: prevent) the processing of your personal data where you have objected to our use of it, and we have no lawful basis to continue processing your personal data.
- Right to data portability: In certain circumstances, you can ask us to transfer the data we hold about you to another. This would be sent in a structed, commonly used, electronic form.
- Right to object: You can object to us using your personal data for particular purposes; and
- Automated decision making: You have a right not to be subjected to automated decision making and profiling in certain circumstances.
For more information about these rights and when you can request them, please visit the Information Commissioners Guide to Data Subject Rights.
If you wish to exercise any of these rights, please contact us by email at [email protected]. We will respond to you within one month. If your request is complex and we require more time, we will contact you and let you know within the first month.
How can you submit a query or a complaint?
We are always happy to answer your queries regarding privacy. Please contact us by email at [email protected].
If you have a complaint, please get in touch with us so that we can resolve any concerns. You also have a right to lodge a complaint with the Information Commissioners Office if you believe your personal data has been processed in a way which does not comply with Data Protection Legislation. You can call the ICO helpline on 0303 123 1113 or visit their website here.
More information about our organisation and this privacy notice.
If 4Secure Limited, is sold or transfers its assets to another party, your personal data could be one of the transferred assets. If your personal data is transferred it will remain subject to this Privacy Notice. Your personal data will be passed onto a successor in the event of a liquidation or administration. We will contact you in advance to let you know about any changes.
We keep this Privacy Notice under regular review. The most recent update is March 2025.
How do we process your personal data?
So that we can provide a service to you need to process some of your personal data. We make sure that we only collect what we need and have outlined below the various ways in which we process your personal data. Please select the section which best describes your relationship with our organisation to find out more.
Security and Compliance
Our data processing activities align with DEFCON 532, 658, 659, and DEFSTAN 05-138 standards where applicable. We implement:
- Strict access controls to prevent unauthorised data access.
- Data minimisation to collect only necessary information.
- Encryption and secure storage for sensitive data.
- Auditing and compliance checks to ensure regulatory adherence.
If you have any concerns regarding compliance with these standards, please contact us.
Please select the most appropriate section for you to find out more details:
I am a visitor to your website:
We use cookies on our website which collect various types of personal data. This will include details about your visits to our website; page views, downloads, navigation, and exit; IP address; geographical location; browser type and version; operating system; referral source; length of your visit.
Some of these cookies are necessary to ensure that the website works correctly, and other cookies require your consent. You can find out more about our cookies and how you can manage your consent in our cookie policy here.
Our website may contain links to other external websites. We aren’t responsible for the practices, policies or content of such websites and suggest that you check their privacy policies to ensure that you are happy to continue browsing.
You may have sent us an enquiry via the contact page on our website. We will collect your name and contact details as it’s in our legitimate interest to do so that we can enter into correspondence with you and answer your enquiry.
Social Media:
We use X (Twitter), Instagram and LinkedIn. If we use paid advertising on these platforms, we will only use custom audiences with your consent.
If you join our marketing list
We will collect your name and contact details so that we can send you Emails regarding the services we offer as well as content marketing we hope you will find useful. We use our legitimate interest to send you marketing messages unless you have opted out. You are welcome to unsubscribe at any time.
How long do we keep your personal data for?
If you have consented to non-essential cookies, we will process your data in line with our Cookie Policy and your choices presented to you when you view our website. You can update your preference on our Cookies Consent Management Platform.
Who do we share your personal data with?
Depending on your cookie choices, we share your personal data with various organisations such as marketing Agencies, analytic providers and advertising networks. Our webhosts assist us in managing the website and they may have access when you fill in our contact form.
We ensure that our systems are robust, and we will only share your data with organisations who have appropriate safeguarding mechanisms in place. We have Data Processing Agreements with our Data Processors and never sell personal data to third parties.
I am a business client.
We will process your name and contact details, as we have a legitimate interest to do so. This is so that we can fulfil our contract to your organisation and answer any enquires you may have.
How do we communicate with you?
Non-Marketing Communications include service messages, invoices, answers to enquiries and other communications to ensure that we deliver the services you have engaged us for.
If you are on our marketing list
If you are signed up for our email marketing service, we will collect your name and contact details so that we can send you information about the services we offer as well as content marketing we hope you will find useful.
We use our legitimate interest to send you marketing messages unless you have opted out. You are welcome to unsubscribe at any time.
How long do we keep your personal data for?
We will keep your personal data for as long as we have a contract with the organisation you work for and then for a further 7 years in accordance with HMRC guidelines. If you remain part of our active marketing list, we will keep your personal data until you opt out. At that point we will use a suppression list to ensure that we don’t contact you in error.
Who do we share your personal data with?
We share your personal data with various organisations so we can fulfil our contract with contract with the organisation you work for to help us run our business and to fulfil our legal obligations.
These include Marketing Agencies, Accountants, Webhosts. We also use Microsoft (365, Teams, Azure), Salesforce CRM, HubSpot CRM and Xero to ensure that we run our business efficiently.
We ensure that our systems are robust, and we will only share your data with organisations who have appropriate safeguarding mechanisms in place such as Standard Contractual Clauses or UK approved certification mechanisms. We have Data Processing Agreements with our data processors and never sell personal data to third parties.
I am a potential business client
If you are considering working with us, we will process your name and contact details, as we have a legitimate interest to do so. This is so that we can get to know you and your organisation’s needs.
How do we communicate with you?
Non-Marketing Communications include answers to enquiries, quotations and other communications to ensure we understand how we can support your organisation.
If you are on our marketing list
We may have contacted you by telephone if we think you would benefit from the services we offer. Your phone number will have been checked against the Corporate Telephone Preference Service (CTPS) before we call, and you are welcome to opt out at any time.
If you are signed up for our email marketing service, we will collect your name and contact details so that we can send you information about the services we offer as well as content marketing we hope you will find useful.
We use our legitimate interest to send you marketing messages unless you have opted out. You are welcome to unsubscribe at any time.
How long do we keep your personal data for?
We will keep your personal data for as up to seven years in accordance with HMRC guidelines. If your organisation becomes one of our clients, you can find more information about what will happen to your personal data here. If you remain part of our active marketing list, we will keep your personal data until you opt out. At that point we will use a suppression list to ensure that we don’t contact you in error.
Who do we share your personal data with?
We share personal data with various organisations so we can meet our responsibilities with the organisation you work for to help us run our business and to fulfil our legal obligations.
These include Marketing Agencies, Accountants, Webhosts. We also use Microsoft (365, Teams, Azure), Salesforce CRM, HubSpot CRM and Xero to ensure that we run our business efficiently.
We ensure that our systems are robust, and we will only share your data with organisations who have appropriate safeguarding mechanisms in place such as Standard Contractual Clauses or UK approved certification mechanisms. We have Data Processing Agreements with our data processors and never sell personal data to third parties.