CyberShelter will operate as a Data Controller regarding any Personal Identifiable Information (PII) we gather from you.



This policy sets out the following;


  • The type of Data we collect

  • How we use your Personal Data

  • When, and How we share that Data

  • How we protect your Personal Data

  • Your rights and choices regarding your Data



Types of Data


In order to carry out work on your behalf we may need the following information;


  • Your Business Name and Address

  • Information regarding your business

  • Financial and Banking and related Information in order to create a credit reference



Data Usage


We use this data in order to;


  • Carry out contracted work set out in our letters of engagement

  • Prepare documentation for the relevant authorities as and when required by UK Law



Sharing Your Data


In order to carry out contracted work we may host some of your data with online services used by us in order to carry out our day to day business. Although your Data may be hosted with one or more of these services no Data Processing is carried out by them at any time. For instance we may use an online (encrypted) backup service or an online accounting package in order to prepare invoices and government required taxation information.



All our supplied services services have been checked for GDPR compliance and relevant GDPR compliance certificates are stored at CyberShelter




We may also share your Data if;


  • The Law or a public authority says we must share that data

  • If we need to share data in order to establish or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk)

  • to any other successors in title to our business



How we protect your Data


We use computer safeguards such as firewalls and data encryption and we enforce physical access controls to our building and files to keep this data safe. We only authorise access to your data for employees who need it in order to carry out their job responsibilities


  • We protect your data in transit by using Secure Sockets Layer (SSL) or other encryption technologies unless specifically asked by you, the client, to do otherwise.

  • We enforce physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your information. We may, on occasion, ask for proof of identity before sharing your data with you


Whilst we take appropriate technical and procedural measures to safeguard your data please be aware that we cannot guarantee the security of any data that you transfer over the internet to us


Your Data will never be transferred to or stored at a  destination outside the European Economic Area (EEA).


Your Rights and Choices


You have the right to see the personal data we hold about you, under the GDPR this is called a subject access request. If you wish to see this data then please inform us in writing via our email address,


Please inform us if you believe any of the data we hold regarding you is inaccurate and we will update that data accordingly.


You also have the right to ask us to delete all personal data we hold about you. Again please submit this request via email.