top of page

Privacy Policy

Untitled design_edited.jpg

Effective Date:  6 Dec 2025


Last Updated: 6 Dec 2025

1. Introduction

At Insider Threat Limited® (“we”, “us”, or “our”), we are committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, share, and protect your information when you visit our website (“Site”), contact us through our forms, or subscribe to our blog and marketing updates. By accessing or using our Site, you agree to this Privacy Policy. If you do not agree, please refrain from using the Site.

2. What Information Do We Collect?

We collect the following information directly from you when you interact with our Site.

Contact Form Information

When you submit an enquiry through our contact form, we may collect:

  • First name, surname, company name, business email, services of interest, and the details of your enquiry or message.

Blog and Marketing Signup Information
When you choose to receive updates from us, we collect:

  • First name, surname, email address, and your consent to the statement: “I agree to receive monthly blog updates, intelligence insights, and occasional marketing communications from Insider Threat Limited®”.

Automatically Collected Information

When you visit our website, we may collect:

  • IP address, browser type, device type, operating system, pages visited, time spent on our Site, referring URLs, and general interaction data.


This is collected through cookies and similar tracking technologies.

Hosting and Platform Information

All website data is hosted securely on Wix servers. Wix may also collect and process certain data in accordance with its own GDPR compliance framework.

3. How Do We Process Your Information?

We use the information we collect for the following purposes:

  • To respond to your enquiries. Information submitted through our contact form enables us to respond to your queries, provide relevant service information, and manage potential client relationships.

  • For blog and marketing updates. Blog and marketing signup details are used to send monthly blog updates, intelligence insights, and occasional marketing communications. You can opt out at any time using the unsubscribe option in our communications or by contacting us through the Site.

  • To improve our website. Automatically collected data helps us monitor performance, enhance security, and improve usability and content.

  • We do not use your data for automated decision making or profiling.

  • Where appropriate, personal data submitted through our website may be securely transferred to our internal systems for legitimate business purposes, including enquiry management, service delivery, and compliance documentation.

  • We maintain enterprise level security controls to protect data integrity and confidentiality throughout all processing activities.

Our Security Framework Includes:

 

  • Access controls with multi factor authentication for authorised personnel.

  • TLS encryption for data in transit and AES 256 encryption for data at rest.

  • Compliance with UK GDPR and the Data Protection Act 2018.

4. When and With Whom Do We Share Your Information?

We do not sell, lease, or share your personal information for third party marketing purposes.

We may share information with service providers such as Wix, who host and process data solely to operate and secure our Site, and with legal authorities where disclosure is required by law or necessary to protect our business, users, or rights.

All third party processors operate under strict data protection arrangements consistent with UK GDPR.

5. How Long Do We Keep Your Information?

We retain personal information only for as long as necessary to fulfil the purposes outlined in this Privacy Policy or as required by law.

Contact form submissions are retained for up to 12 months.


Blog and marketing subscription information is retained until you unsubscribe or request deletion.

Data is securely erased or anonymised once it is no longer required for these purposes.

6. How Do We Protect Your Information?

We employ layered, enterprise level security controls to protect all personal data processed through our website and internal systems.

Key measures include TLS and HTTPS encryption, AES 256 encryption for data stored at rest, DDoS protection and monitoring through Wix cloud infrastructure, and internal alignment with Cyber Essentials and ISO 27001 practices.

7. What Are Your Privacy Rights?

Under UK GDPR, you have the right to access your personal data, rectify inaccurate or incomplete data, request deletion of your data where legally permitted, restrict or object to certain processing, and request data portability.

To exercise any of these rights, please contact us through our website contact form and select “Other” from the drop down menu, clearly stating that your request relates to data protection or privacy.

8. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in law, regulation, or our practices. Any updates will be posted on this page with a revised “Last Updated” date.

9. Contacting Us About This Notice

If you have questions, concerns, or would like to exercise your privacy rights, please contact us through our website enquiry form and select “Other” from the options available. All data protection requests will be handled securely and in accordance with UK GDPR.

10. Cookies and Tracking Technologies

Our Site uses cookies to support usability, essential functionality, and website analytics. For more details on how we use cookies and how you can manage them, please see our Cookie Policy and adjust your preferences through the cookie banner displayed on our Site.

bottom of page