Privacy Policy

Last updated: January 2024

1. Information We Collect

When you engage our penetration testing services, we may collect:

  • Contact Information: Name, email address, phone number, company details
  • Technical Information: Network details, system configurations, vulnerability data (only as required for testing)
  • Communication Records: Correspondence related to our services
  • Website Usage: Analytics data from website visits (anonymized)

2. How We Use Your Information

We use collected information solely for:

  • Providing professional penetration testing services
  • Generating security assessment reports
  • Communicating about project progress and findings
  • Maintaining records for professional compliance
  • Improving our service quality

3. Data Security & Confidentiality

As cybersecurity professionals, we implement industry-leading security measures:

  • Encryption: All client data encrypted in transit and at rest
  • Access Controls: Strict role-based access to client information
  • Secure Storage: Data stored on hardened, monitored systems
  • Data Minimization: We collect only what's necessary for testing
  • Secure Disposal: Secure deletion of test data post-engagement

4. Data Sharing & Disclosure

We do not sell, trade, or share your personal information except:

  • With your explicit written consent
  • As required by law or legal process
  • To protect against fraud or security threats
  • With trusted subcontractors under strict confidentiality agreements

5. Data Retention

We retain client data only as long as necessary:

  • Project Data: Securely deleted within 90 days of project completion
  • Business Records: Maintained for 7 years for compliance purposes
  • Marketing Data: Until you opt-out or request deletion

6. Your Rights

Under GDPR and UK data protection laws, you have the right to:

  • Access your personal data
  • Correct inaccurate information
  • Request deletion of your data
  • Object to processing
  • Data portability
  • Withdraw consent

7. Cookies & Tracking

Our website uses minimal, essential cookies for:

  • Basic website functionality
  • Anonymous analytics (Google Analytics)
  • Security monitoring

We do not use tracking cookies for advertising or third-party marketing.

8. International Transfers

Your data is processed within the UK. Any international transfers are protected by:

  • Adequacy decisions
  • Standard Contractual Clauses
  • Binding Corporate Rules

9. Contact Information

For any privacy-related questions or to exercise your rights:

Email: privacy@espiar.co.uk

Data Protection Officer: security@espiar.co.uk

Address: Manchester, United Kingdom

10. Updates to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. We will notify you of significant changes via email or website notice.

Back to Home