Privacy Policy

  • Last updated February 24, 2026

Last updated: 23 February 2026

Business Name: Pracsys

Legal Entity: Pracsys Security Consulting Ltd.

1. Introduction

Pracsys is committed to protecting your personal data and respecting your privacy.

This Privacy Policy explains how we collect, use, store, and protect your personal information when you:

  • Visit our website
  • Contact us
  • Use our services
  • Subscribe to communications
  • Engage with us as a client or supplier

We process personal data in accordance with:

  • The UK General Data Protection Regulation (UK GDPR)
  • The Data Protection Act 2018
  • The Privacy and Electronic Communications Regulations (PECR)

2. Who We Are (Data Controller)

For the purposes of data protection law, Pracsys is the data controller of the personal data you provide.

Contact details:

  • Email: contact@pracsys.co.uk
  • Registered Address: 1 Park Road, Hampton Wick, Kingston Upon Thames, KT1 4AS, United Kingdom

3. What Personal Data We Collect

Depending on how you interact with us, we may collect:

Contact Information

  • Name
  • Email address
  • Telephone number
  • Company name

Business Information

  • Job title
  • Business sector
  • Security-related requirements you share with us

Technical Information

  • IP address
  • Browser type
  • Device type
  • Website usage data (via cookies or analytics tools)

Contractual & Service Data

  • Invoices and billing details
  • Communications related to service delivery
  • Risk assessments or business information shared during consultancy engagements

We do not intentionally collect special category data unless required as part of a contracted engagement.

4. How We Use Your Data

We use your data to:

  • Respond to enquiries
  • Provide contracted services
  • Send proposals or quotations
  • Manage client relationships
  • Issue invoices and manage payments
  • Improve our website and services
  • Comply with legal or regulatory obligations

We do not sell personal data.

5. Lawful Basis for Processing

Under UK GDPR, we rely on the following lawful bases:

  • Contract – to provide agreed services
  • Legitimate Interests – to respond to enquiries and improve our services
  • Legal Obligation – for accounting and regulatory compliance
  • Consent – where required (e.g., marketing communications or certain cookies)

6. Marketing Communications

We will only send marketing communications if:

  • You have requested information from us
  • You are an existing client (and we offer relevant services)
  • You have given consent

You can unsubscribe at any time.

7. Data Sharing

We may share data with:

  • Professional advisers (accountants, legal advisers)
  • IT service providers (hosting, email, cloud storage)
  • Payment processors

All third parties are required to protect your data appropriately.

We do not transfer personal data outside the UK unless appropriate safeguards are in place.

8. International Transfers

If personal data is transferred outside the UK, we ensure:

  • Adequacy regulations apply; or
  • Standard contractual clauses are in place; or
  • Equivalent legal safeguards are implemented.

9. Data Retention

We retain personal data only for as long as necessary:

  • Enquiry data: up to 12 months
  • Client contractual data: typically 6 years (for accounting/legal purposes)
  • Marketing consent records: until withdrawn

We securely delete or anonymise data when no longer required.

10. Data Security

We implement appropriate technical and organisational measures, including:

  • Access controls
  • Encryption where appropriate
  • Secure hosting environments
  • Regular security reviews

As a cyber security consultancy, data protection is integral to how we operate.

11. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion (where applicable)
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent (where applicable)

To exercise your rights, contact: contact@pracsys.co.uk

12. Cookies

Our website may use cookies to:

  • Improve performance
  • Understand visitor behaviour
  • Ensure basic functionality

You can manage cookies through your browser settings.

If required under PECR, we will provide a cookie banner for consent.

13. Complaints

If you are unhappy with how we handle your data, you may contact:

Information Commissioner’s Office (ICO)
https://www.ico.org.uk
Telephone: 0303 123 1113

14. Changes to This Policy

We may update this Privacy Policy periodically. The latest version will always be published on our website.