Home Login Contact

Contact us...

+44 (0) 208 133 0242

Data GRC Privacy Notice and Cookie Notice

How we use personal data

This privacy notice explains how Data GRC Ltd (Registered in UK, number 10892418, 27 Old Gloucester Street, London, WC1N 3AX, UK) uses personal data.

We are Data Controllers (ICO registration number ZA284104) for the following processes:

More detail is provided about each process below.

visitor data privacy notice cookie notice
Employee Privacy Protection Strategy Partnership

If you visit our website

You can use our contact form to initiate business conversations with us. As a legitimate interest to maintain business relations, we retain this data for two years.

We retain anonymised data around your IP address, device settings, pages visited and time stamps to monitor website performance and to prevent and detect cybercrime.

Our website does not use Cookies, so we don't have a Cookie Notice.

People we work with

We're strong advocates of long term business relationships. We retain contact and business data of people we have or may work with, as a legitimate interest. We will delete data if requested by the individual or if the data is no longer relevant.

Employment with Data GRC

When individuals apply to work at Data GRC, as staff or contractors, we will use the information that is provided to assess the applicant. We will obtain consent before reqesting references or other background checks. We will delete data from unsuccessful candidates after 6 months.

For employees, we will maintain employee records for a variety of reasons including legal (e.g. Employment, AML and tax law), contract (e.g. bank details) and legitimate interest (e.g. performance reviews). After their employment, we will delete data that is no longer required after 7 years, and retain high level information that may be required for references or legal reasons.

We fully respect your rights to request that we:

If you wish to raise a privacy request or contact us about any another matter, please contact our Data Protection Office using the form below or by sending a letter to "Data Protection Office, Data GRC Ltd, 27 Old Gloucester Street, London, WC1N 3AX, UK".

When we receive a request, we will verify your identity, then normally complete our response within 1 month. We will retain details of your request as a legitimate interest, for quality assurance purposes and to ensure we continue to comply going forward.

Requests for "all data" will be deemed manifestly unfounded unless a reasonable purpose can be ascertained

You can also complain to the ICO if you are unhappy with how we have used your data. The ICOís address is: Information Commissionerís Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Their helpline number is UK 0303 123 1113 Their website is: https://www.ico.org.uk

Data Protection Policy
Technical GDPR_Assessment Training Change

Other Information

We only process personal data in the UK.

We only share personal data with third parties if they are processing that data on our behalf under written contract, or if required for legal or regulatory reasons. We will not sell or give away personal data.

If our website provides links to other websites, those websites are beyond our control. We encourage you to read the privacy notices on any other website you visit.

This privacy notice was drafted with brevity and clarity in mind. Please let us know if you would like more details.

We reserve the right to update our privacy notice and cookie notice at any time. We will notify affected Data Subjects of major amendments that affect their data.

Contact our Data Protection Office (DPO)

Call us or message us

+44 (0) 208 133 0242