top of page

Privacy Policy

Untitled design_edited.jpg

Effective Date:  10 Oct 2025
Last Updated: 10 Oct 2025

1. Introduction

At Insider Threat Limited® (“we”, “us”, or “our”), we are committed to protecting the privacy and security of your personal information.

This Privacy Policy explains how we collect, use, share, and protect your information when you visit our website (“Site”), contact us through our forms, or subscribe to our newsletter.

By accessing or using our Site, you agree to this Privacy Policy. If you do not agree, please refrain from using the Site.

2. What Information Do We Collect?

We collect the following information directly from you when you interact with our Site:

Contact Form Information:
First name, surname, company name, business email, business contact number, services of interest, and your enquiry.

Newsletter Signup Information: 

Name and email address.

Automatically Collected Information: 

When you visit our website, we may collect your IP address, browser type, device type, pages visited, time spent on our Site, and referring URLs through cookies and similar tracking technologies.

Hosting and Platform Information:


All website data is hosted securely on Wix servers. Wix may also collect and process certain data in accordance with its own GDPR compliance framework. For more information, visit Wix GDPR Compliance.

3. How Do We Process Your Information?

We use the information we collect for the following purposes:

  • To respond to your enquiries: Information submitted through our contact form enables us to respond to your queries and provide relevant service information.

  • For marketing and updates: Newsletter signup details are used to send updates, insights, and marketing communications. You can opt out at any time.

  • To improve our website: Automatically collected data helps us monitor and improve performance and usability.

We do not use your data for automated decision-making or profiling.

Where appropriate, personal data submitted through our website may be securely transferred to our internal systems for legitimate business purposes, including client enquiry management, service delivery, and compliance documentation.

We maintain enterprise-grade security controls to protect data integrity and confidentiality throughout all processing activities.

Our Security Framework Includes:

  • Access Controls: Data access is limited to authorised personnel and protected with multi-factor authentication (MFA).

  • Encryption: TLS encryption for data in transit and AES-256 encryption for data at rest.

  • Governance: Adherence to Cyber Essentials, ISO 27001, and NIST 800-53 Rev 5 standards.

  • Regulatory Compliance: All data handling aligns with the UK GDPR and the Data Protection Act 2018.

These measures ensure the confidentiality, integrity, and availability of all collected data.

4. When and With Whom Do We Share Your Information?

We do not sell, lease, or share your personal information for marketing purposes.

We may share information with:

  • Service Providers: Wix or equivalent partners who host and process data solely to operate our Site.

  • Legal Authorities: Where disclosure is required by law or necessary to protect our business, users, or rights.

All third-party processors operate under strict data protection agreements.

5. How Long Do We Keep Your Information?

We retain personal information only for as long as necessary to fulfil the purposes outlined in this Privacy Policy or as required by law.

  • Contact form submissions: Retained for up to 12 months.

  • Newsletter information: Retained until you unsubscribe or request deletion.

Data is securely erased once no longer required.

6. How Do We Protect Your Information?

We employ layered, enterprise-level security controls to protect all personal data processed through our website and internal systems.

Key Measures Include:

  • TLS and HTTPS encryption for all web traffic.

  • AES-256 encryption for data stored at rest.

  • DDoS protection and ongoing monitoring via Wix’s cloud infrastructure.

  • Cyber Essentials and ISO 27001 alignment for internal data handling and management practices.

For more details on Wix’s data protection measures, see the Wix Security Overview.

7. What Are Your Privacy Rights?

Under UK GDPR, you have the right to:

  • Access your personal data.

  • Rectify inaccurate or incomplete data.

  • Erase personal data where legally permitted.

  • Restrict or object to processing.

  • Request data portability in a structured, machine-readable format.

To exercise any of these rights, please use our website contact form, selecting “Data Protection and Privacy Enquiry” from the drop-down menu.

8. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in law, regulation, or our practices.
Any updates will be posted on this page with a revised “Last Updated” date.

9. Contacting Us About This Notice

If you have questions, concerns, or would like to exercise your privacy rights, please contact us through our website enquiry form, selecting “Other” from the options available.

All data protection requests will be handled securely and in accordance with the UK GDPR.

10. Cookies and Tracking Technologies

Our Site uses cookies to enhance usability and gather website analytics.


For more details on how we use cookies and how you can manage them, please see our Cookie Policy.

bottom of page