Privacy Policy

Last Updated: 15th December 2025

1. Introduction

Welcome to Crestline Cybersecurity ("we", "our", or "us"). We are committed to protecting the privacy and security of your personal information. As a cybersecurity consultancy dedicated to defending the UK’s small businesses, charities, and faith-based organisations, we take the responsibility of handling your data as seriously as we take defending your digital infrastructure.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website crestlinecybersecurity.com or engage with our services.

2. Who We Are (Data Controller)

For the purposes of the UK General Data Protection Regulation (UK GDPR), the Data Controller is:

Crestline Cybersecurity Registered Address: Bryntirion House, Bridgend, CF31 4DX
Company Registration Number: 16865892
Email: privacy@crestlinecybersecurity.com

3. The Data We Collect

We may collect and process the following categories of data about you:

A. Information You Give Us

This is information you consent to give us by filling in forms on our website or by corresponding with us by phone, email, or otherwise. It includes:

  • Identity Data: Names, titles.

  • Contact Data: Email addresses, telephone numbers.

  • Organisational Data: The name of the business, charity, or faith-based organisation you represent.

  • Inquiry Data: Details about your specific cybersecurity needs or frustrations provided in message fields.

B. Information We Collect Automatically

When you visit our website, we may automatically collect:

  • Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting, operating system, and platform.

  • Usage Data: Information about how you use our website, pages viewed, and page response times.

4. How We Use Your Data

We will only use your personal data when the law allows us to. Most commonly, we use your personal data in the following circumstances:

  1. Performance of a Contract: To process a quote or deliver the cybersecurity services you have requested.

  2. Legitimate Interests: To manage our relationship with you, improve our website, and ensure the security of our own network.

  3. Legal Obligation: To comply with legal or regulatory requirements (e.g., tax and accounting).

5. specific Use Cases

  • To provide services: Assessing your cybersecurity needs and delivering consulting.

  • To communicate: Responding to your inquiries via our contact forms.

  • To improve: Analysing website traffic to understand which content serves our community best.

6. Data Sharing and Disclosure

We are aspiring to be a B Corp and believe in ethical transparency. We do not sell your data. We may share your data with:

  • Service Providers: Third-party companies who provide IT and system administration services (e.g., our website hosting provider or CRM system).

  • Professional Advisers: Lawyers, bankers, auditors, and insurers.

  • Legal Authorities: If required by law or to protect the rights and safety of Crestline Cybersecurity or others.

7. Data Security

As cybersecurity experts, we implement robust security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way. We limit access to your personal data to those employees and partners who have a business need to know.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

9. Your Legal Rights

Under the UK GDPR, you have rights regarding your personal data, including:

  • Request access: Get a copy of the data we hold about you.

  • Request correction: Fix incomplete or inaccurate data.

  • Request erasure: Ask us to delete your data (the "Right to be Forgotten").

  • Object to processing: Challenge how we use your data.

  • Request restriction: Ask us to suspend processing.

  • Request transfer: Move your data to another party.

To exercise any of these rights, please contact us at privacy@crestlinecybersecurity.com.

10. Third-Party Links

Our website may include links to third-party websites, plug-ins, and applications. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Crestline Cybersecurity; Bryntirion House, Bridgend, CF31 4DX
Email: info@crestlinecybersecurity.com