Legal

Privacy Policy

How Prospera Security Consultancy collects, uses, and protects your personal data.

Last updated: 19 March 2026

1. Who We Are

Prospera Security Consultancy is a trading name of Prospera Consultancy Ltd, a private limited company registered in England and Wales.

  • Company number: 15178181
  • Registered address: 34 Boulevard, Weston-Super-Mare, North Somerset, BS23 1NF
  • Website: prosperasecurityconsultancy.com
  • Contact: via our contact page
  • ICO registration number: [ICO REGISTRATION NUMBER]

We are the data controller for personal data collected through this website and our services.

2. What Data We Collect

Enquiry and contact data

When you submit an enquiry through our contact form or contact us directly, we collect:

  • Your name
  • Email address
  • Telephone number (if provided)
  • The content of your message
  • Any additional information you choose to share

Technical data

We may collect technical information when you visit our website, including your IP address, browser type, device type, pages visited, and the date and time of your visit. This data is collected via analytics tools and is used in aggregate form only.

Data you provide directly

If you engage Prospera Security Consultancy for services, we will collect further information relevant to delivering those services. This will be covered in a separate data processing agreement or engagement letter.

3. How We Use Your Data

We use the data we collect to:

  • Respond to your enquiries and provide the services you have requested
  • Communicate with you about your engagement with us
  • Comply with legal and regulatory obligations
  • Improve the performance and usability of our website
  • Protect the security and integrity of our operations

We do not use your personal data for automated decision-making or profiling.

4. Legal Basis for Processing

We process your personal data under the following lawful bases as set out in UK GDPR:

  • Legitimate interests — responding to enquiries and operating our business
  • Contractual necessity — processing data necessary to deliver services you have engaged us for
  • Legal obligation — where we are required by law to process your data
  • Consent — where you have explicitly agreed, such as opting in to receive communications

5. How We Share Your Data

We do not sell, rent, or trade your personal data. We may share your data only in the following limited circumstances:

  • With trusted third-party service providers who support our operations (such as email hosting, analytics, or website infrastructure), under strict data processing agreements
  • Where required by law, court order, or regulatory authority
  • In connection with the protection of our legal rights

Any third parties with whom we share data are required to handle it in accordance with UK GDPR and applicable data protection law.

6. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law.

  • Enquiry data: retained for up to 24 months from the date of last contact, unless an ongoing engagement requires longer retention
  • Client engagement data: retained in accordance with our legal and contractual obligations, typically up to 7 years
  • Website analytics data: retained as per the settings of the relevant analytics platform (see our Cookies Policy)

7. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

  • Right of access — you may request a copy of the personal data we hold about you
  • Right to rectification — you may ask us to correct inaccurate data
  • Right to erasure — you may request deletion of your data in certain circumstances
  • Right to restrict processing — you may ask us to limit how we use your data
  • Right to data portability — you may request your data in a structured, machine-readable format
  • Right to object — you may object to processing based on legitimate interests
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, please contact us via our contact page. We will respond within one calendar month.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe your data has been handled unlawfully.

8. Data Security

We take the security of your personal data seriously. We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, destruction, or disclosure. Access to personal data within our organisation is restricted on a need-to-know basis.

While we take all reasonable steps to protect your data, no transmission over the internet can be guaranteed to be completely secure.

9. Cookies

Our website uses cookies. For full details of the cookies we use and how to manage them, please see our Cookies Policy.

10. International Transfers

We aim to keep your data within the UK and the European Economic Area (EEA). Where we use third-party services that may transfer data outside these areas, we ensure appropriate safeguards are in place in accordance with UK GDPR, such as standard contractual clauses or adequacy decisions.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The current version will always be available on this page, with the date of last update shown at the top. We recommend reviewing this page periodically.

12. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us via our contact page or write to us at:

Prospera Consultancy Ltd
34 Boulevard
Weston-Super-Mare
North Somerset
BS23 1NF