Legal

Privacy Policy.

We ask that you read this Privacy Policy carefully as it contains important information on who we are, how and why we collect, store, use and share Personal Data, your rights in relation to your Personal Data and on how to contact us and supervisory authorities if you have a complaint.

Last Updated: April 2026

Who we are and what we do

Who we are

We are LEVERAGE LTD ("LEVERAGE CYBER", "us", "we", "our"). We are a limited company registered in England and Wales under registration number 16957460 and we have our registered office in the United Kingdom. We are registered with the UK supervisory authority, the Information Commissioner's Office ("ICO"), in relation to our processing of Personal Data.

What we do

LEVERAGE CYBER is a specialist cybersecurity consultancy based in the UK. We are committed to protecting the privacy and security of the Personal Data we process about you.

Controller

Unless we notify you otherwise, we are the controller of the Personal Data we process about you. This means that we decide what Personal Data to collect and how to process it.

Who this privacy notice applies to

This privacy notice applies to you if:

  • You visit our website
  • You purchase goods or services from us
  • You enquire about our products and/or services
  • You sign up to receive newsletters and/or other promotional communications from us

What Personal Data is

'Personal Data' means any information from which someone can be identified either directly or indirectly. For example, you can be identified by your name or an online identifier.

Personal Data we collect

The type of Personal Data we collect about you will depend on our relationship with you. For the type of Personal Data we collect see the table below in the section entitled 'Purposes, lawful bases and retention periods'. The personal information we collect about you may include (but is not limited to):

  • your name, business address and contact details including telephone number, job title and email address;
  • details of any feedback you give us by phone, email, post, submission of a form from our website or via social media;
  • information about the services we provide to you; and
  • technical data including Internet Protocol (IP) address details including your public browser type and version.

We use this personal information for various reasons including to:

How we collect your Personal Data

We collect personal information about you when you access our website, contact us, send us feedback, purchase services from us or complete customer surveys. We collect this personal information from you either directly, such as when you contact us or purchase services, or indirectly, such as your browsing activity while on our website (see "Cookies" below).

Purposes, lawful bases and retention periods

We may process your information on the following lawful bases and for the following purposes (including but not limited to):

Sharing your Personal Data

We may share your Personal Data with our carefully selected third parties, for example, we may use a supplier to provide services which support the services which we provide to you. In this case, we remain responsible for your personal data and will ensure we have a written agreement in place with any third party provider. We currently use third-party suppliers:

  • for invoice purposes
  • to set up direct debits and payments
  • for software for internal business purposes
  • for marketing and business development purposes

We may also share your Personal Data with:

International Transfers

Your Personal Data may be processed outside of the UK/EEA. This is because some of the organisations we use to provide our service may be based outside the UK/EEA or their servers and/or support services may be based outside the UK/EEA. We will only transfer your personal information from countries in the UK or EU/EEA to countries outside of the UK or EU/EEA where:

  • the transfer is to a country that the UK government/European Commission has determined ensures an adequate level of protection ("Adequacy");
  • an International Data Transfer Agreement (IDTA) or Standard Contractual Clauses have been put in place;
  • binding corporate rules have been implemented, where applicable; or
  • the transfer is otherwise permitted by law.

If you would like further information, please contact us (see 'How to contact us' below).

Cookies

A cookie is a small text file which is placed onto your device (e.g. computer, smartphone or another electronic device) when you use our website. Our website uses cookies. Please refer to our separate cookies policy to understand how we use cookies and how you can change your consent and preferences.

Your rights and how to complain

You have certain rights in relation to the processing of your Personal Data, including to:

You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk if you are unhappy with how we use your Personal Data. To exercise any of the above rights, please contact us (see 'How to contact us' below). We may need to verify your identity before responding to your request.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

How to contact us

Please contact us if you have any questions about this Privacy Policy or the information we hold about you. If you wish to contact us, please write to our Data Protection Manager at: Data Protection Manager, LEVERAGE LTD, United Kingdom, or email hello@leveragecyber.io.