Last updated: July 2022
Name: i3Secure Ltd
Registration No. SC655454
Registered Office 33 Kittoch Street, East Kilbride, Glasgow, G74 4JW
Phone Number: 0330 133 2617
We are committed to protecting your personal information and you can be assured that it will only be used in accordance with this Privacy Notice. This Privacy Notice relates to our use of your personal information when we contact you or you make contact with us, in relation to our services.
In order to provide you with the full range of services, we sometimes need to collect information about you. This Privacy Notice explains the following:
We are committed to safeguarding your personal information. We are legally obliged to use your information in line with all applicable laws concerning the protection of personal information, these laws are referred to collectively in this Privacy Notice as “data protection laws”.
i3Secure is a UK-based Cyber Security, Information Security and Data Protection consultancy, focused on providing best-in-class, trusted services to a wide range of public sector and private sector customers. When we refer to ‘’we’’ or ‘’our”, we are referring to i3Secure Limited. Registered with the UK Information Commissioner’s Officer Registration Reference: ZB13145.
In order to provide you with services and communications suited to your needs, we require information about you. Typically, we collect this information directly from you as you use our website or other communication platforms. For the purposes mentioned in our Privacy Notice, we collect the following groups of information of you:
This may include your name, company, address, telephone number, email address, IP Address, location, Microsoft teams meetings & chat and other information that you provide to us. i.e., Applying for a role within i3Secure, CV, photographs, job history and qualifications, charitable involvement, live chat bot and HubSpot.
This may include information about your previous purchases of our services, your billing information, information about i3Secure events you have participated in, and feedback you have given us. Case References, studies, testimonials, newsletters, and videos.
Occasionally we may process personal information that has not been collected directly from you. All personal information is obtained from verified sources and will only be processed if a suitable legal basis has been established i.e., Quality Control. We use the following sources:
e.g., LinkedIn, Twitter etc.
We use your information in a manner which is consistent with the original purpose of collection. For instance, we may send information about our services to existing customers whose contact information we have obtained over the course of our customer relationship with them. We may also send marketing campaign emails to persons who have expressed an interest in our services, or whom we believe to otherwise be directly interested in our products or services in line with the Privacy and Electronic Communications Regulations 2003.
We collect and use your personal information for our legitimate business purposes of communicating with you, to help with your enquiries, fulfilling your requests for services and/or for fulfilling contract purposes. We have completed a comprehensive assessment and implemented measures to ensure our interests do not affect your right to privacy.
Applying for a job you may provide us with information about reasonable adjustments you require under the Equality Act 2010 the lawful basis we rely on for processing this information is article 6(1)(c) of the UK GDPR to comply with our legal obligations under the Act. Any business opportunity, documentation or agreeing to consent to participate in literature relating to or the Company’s actual or anticipated business opportunities belongs to the Company.
We will hold your personal information on our systems for as long as is necessary to maintain our relationship. Unless you choose to withdraw your personal details before this time, your personal data will be held in accordance with our data retention policy, unless required to be retained by law. A periodic review will be carried out to ensure all information held remains relevant, accurate and up to date.
We will keep your information within i3Secure and will only share it where you have requested it, required by law, or given your consent. We use data processors who are third parties that provide elements of services for us. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct. We may also share your information across the i3 Group and its commercial subsidiaries, where this is necessary to provide you with a service you have requested:
Information relating to your basic identification, contact details and information about your customer relationship with us may be shared for the purposes of Sales and Marketing.
Our data is processed using Microsoft Office and SharePoint Online, SharePoint onPrem, TEAMS, Outlook, and OneDrive. i3Secure stores data in the cloud, within UK based Data Centres.
The UK now controls our own data protection legislation and regulations (since Brexit). We ensure our data protection regime is as good as it can be in line with the governments Ten Tech Priorities. We fully support a world-leading digital economy and society whilst underpinning the trustworthy use of data.
We may transfer personal information to countries outside of the United Kingdom (“UK”), which may not have the same data protection laws as those of the UK. Where we transfer personal information to countries outside of the UK, we will take appropriate steps to ensure the personal information is afforded the same level of protection as described in our Privacy Notice(s). We rely on adequacy decisions or any adequate data transfer mechanisms adopted by the European Commission or a supervisory authority for transfers outside of the UK in line with Section 109 of the Data Protection Act 2018.
Under the UK General Data Protection Regulation (UK GDPR), the lawful basis we rely on for processing this information are:
(a) Your consent. You are able to remove your consent at any time. You can do this by contacting DPOaaS@i3Secure.co.uk
(b) We have a contractual obligation.
(c) We have a legal obligation.
(d) We have a vital interest.
(e) We need it to perform a public task.
(f) We have a legitimate interest.
When you interact with our website, we try to make that experience straightforward and meaningful. Cookies are small pieces of information that are issued to your computer or mobile device when you visit a website and that store and sometimes track information about your use of the website.
Some Cookies are strictly necessary to make our website available to you (“Essential Cookies”). For example, to remember your consent and privacy choices. We cannot provide our Services without these Essential Cookies.
A banner is displayed giving a) clear information about the purpose, storage & access to the cookie and b) has given consent in line with Article 4(11) of the UK GDPR, before it captures data.
Further information can be in our cookies policy here.
We keep analytics data for 14 months from a visitor’s last visit.
The General Data Protection Regulations (UK GDPR) provides the following rights to individuals:
The right of obtaining information about your personal data is a fundamental right under data protection law, unless prohibited by law.
If you wish to exercise your rights please contact our DP mailbox DPOaaS@i3Secure.co.uk.
In relation to certain rights, we may ask you for information to confirm your identity, in line with the Information Commissioners Guidelines and, where applicable, to help us to search for your personal information.
The UK GDPR states that we must respond to your request within one month of receiving your verified request unless our assessment of your request concludes to be complex. If that is the case, we will notify you without undue delay. The following section explains how you can access your rights
You have the right to request a copy of the personal information that we hold about you, unless prohibited from release by law. This is known as a Data Subject Access Request (DSAR). If you wish to request a copy of your personal information please address requests to the email address below.
The accuracy of your information is important to us. If you change your name or address/email address, or you discover that any of the other information we hold is inaccurate or out of date, please contact us using the email address below.
You may ask for your personal information to be removed from our systems. Unless there is a reason that the law allows us to use your personal information for longer, we will make reasonable efforts to comply with your request. You may also ask us to restrict processing your personal information in the following situations:
In these situations, we may only store your personal information and not further process whilst the restriction is in place. Unless we have your consent or are legally permitted to do so, for example to protect the rights of another individual or company or in connection with legal proceedings.
This right allows individuals to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its usability. The right only applies to information an individual has provided to i3Secure, have the consent of the individual or we have refused under the grounds that we are required to retain the personal data for the performance of a contract. We can transmit personal data in structured, commonly used, and machine-readable formats using secure methods to transmit personal data from one Data Controller to another Data Controller. Portability does not apply where the personal data is required to be retained for a legal obligation or in our public task
If you wish to exercise any of these rights please address your request to i3Secure DPOaaS@i3Secure.co.uk We will endeavour to complete your request as swiftly and diligently as possible and in line with regulatory timescales.
If you are unhappy with the handling of your Data Subject Rights Request you can request a review within 40 working days of receiving your initial response. If you wish to do this, you must do so in writing, identifying the decision that you wish to be reviewed or the aspect of the handling of your request that you are unhappy with. Please address your request for review to:
The Data Protection Officer
Via email: DPOaaS@i3Secure.co.uk
If you are dissatisfied with the outcome of any review carried out by i3Secure in relation to information that we hold about you, you may wish to appeal to the UK Information Commissioner (ICO) who oversees the UK General Data Protection Regulations. If you wish to do this, please write to the Information Commissioner’s Office as soon as possible after receiving the outcome of your review.
The Information Commissioner’s Office can also give you general information and advice about your rights to access information that is about you, and they can be contacted at:
Information Commissioner’s Office
Telephone Number: 0303 123 1113
We have also recently linked up with TechVets and Turn to Starboard. TechVets is a bridge for service leavers, reservists, and their families into Information Technology careers. “Turn To Starboard” is a registered charity that uses sail training to support Armed Forces personnel affected by military operations, but also NHS workers and other Emergency Services too. For more information check out their website: https://www.turntostarboard.co.uk/.
If we wish to use your personal data for a new purpose, not covered by our Privacy Notice(s), we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where necessary, we will seek your prior consent to the new processing.
The use of any of i3Secure Ltd logos on any document or in association with any information signifies that the document or information has been prepared or approved by i3Secure Ltd. Use of any of i3Secure Ltd logos without i3Secure Ltd consent infringes the copyright held in respect of the logos. No permission will be granted for the use of the logos nor will reproduction of the logos in any form be allowed unless i3Secure determines that:
Unless otherwise stated i3Secure owns the copyright in all material on this site.
This Privacy Notice may be updated from time to time so you may wish to check it each time you submit personal information to us. The date of the most recent revisions will appear on this page. If material changes are made to our Privacy Notice(s), for instance affecting how we would like to use your personal information, we will provide a more prominent notice.
If you have any questions or comments regarding the content of this Privacy Notice, please contact DPOaaS@i3Secure.co.uk.
The Data Protection Officer i3Secure Limited
62, Queen Square
Email : DPOaaS@i3Secure.co.uk