We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.
This notice was last updated on Monday August 2nd, 2021, and complies to the UK GDPR, underpinned by the UK law the Data Protection Act (2018), and regulated by the UK ICO (Information Commissioners Office).
Our scope is all data subjects, whose personal data is collected, in line with the requirements of the UK GDPR.
The Data Protection Officer (DPO) is responsible for ensuring that this notice is made available to data subjects prior to Sophistec Limited collecting and/or processing their personal data.
All associates and employees of Sophistec Limited who interact with data subjects are responsible for ensuring that this privacy notice is drawn to the data subject’s attention and their consent to the processing of their personal data is secured.
Sophistec Limited provides Information Security Consultancy by understanding the business mission, goals, strategies, and objectives communicated by senior Management then review the alignment with current information security controls, ecosystem, policies, procedures, and standards to identify gaps, consider risks, undertake tests, analyse results, and provide recommendations to improve Information Security for greater alignment.
Sophistec Limited, is registered in England and Wales, under company registration number 07405541.
Sophistec Limited collects and processes certain personal information about you.
When we do so we are regulated under the UK General Data Protection Regulation, which is underpinned by the Data Protection Act (2018)
We are responsible as the data controller & data processor (UK GDPR Articles 24-30) for all personal information collected for the purposes of those laws. The Data Protection Officer (DPO) is Mark Evans of Sophistec Limited, Bristol & Bath Science Park, Emerson’s Green, Bristol, England, BS16 7FR.
Sophistec Limited can be contacted via email dpo @ sophistec.co.uk or by phone on 0845 2668 430.
Lawful bases for processing of personal data:
The lawful bases for processing are set out in Article 6 of the UK GDPR. At least one of these must apply whenever Sophistec Limited processes your personal data:
You can find more about the UK GDPR lawful bases here or by visiting www.ico.org.uk
How we use your personal information
Sophistec Limited uses your personal information:
The personal data you have provided, we have collected from you, or we have received from third parties includes but is not limited to:
Who we share your personal information with?
Where relevant, given the nature of the Information Security Consultancy services provided to you by Sophistec Limited, we may also share your personal data with the following categories of third parties:
We would always inform you ahead of acting on any instructions to proceed with any of our services, should this be the case.
This data sharing enables Sophistec Limited to supply the above Information Security Consultancy services to you in a professional and timely manner, whilst undertaking quality control & regulatory compliance procedures. Furthermore, it ensures compliance with all necessary UK GDPR & Data Protection Act (2018) lawful requirements.
Sophistec Limited will share personal information with law enforcement or other authorities if required by applicable law.
The provision of certain personal data including (but not limited to) contact name, registered address, email address & telephone number is required from you. This enables Sophistec Limited to provide our Information Security Consultancy services to you.
We will inform you at the point of collecting information from you, whether you are required to provide this and any other additional information to us.
Under the UK GDPR, Data Protection Act (2018) and ICO guidance you have several important rights free of charge. At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the Information Commissioner’s Office (ICO) on individuals rights under the UK General Data Protection Regulation.
If you would like to exercise any of those rights, please:
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator (e.g., ICO) of a suspected data security breach where we are legally required to do so.
If you want detailed information from, Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses, and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
Sophistec Limited only use non-personal data essential cookies on this website to track the performance of the website via Google Analytics. This non personal data helps us to understand how to improve the website content for the benefit of all users. If you want to block cookies, then you can do this through your browser via the help function. You can also visit www.aboutcookies.org for further guidance.
We hope that we can resolve any query or concern you raise about our use of your personal data.
The UK General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioners Office (ICO) who may be contacted here or by telephone on 0303 123 1113.
This privacy notice was last reviewed and published on Monday August 2nd, 2021.
Sophistec Limited is a UK based limited company, registered in England & Wales, under company registration number 07405541. We only provide our Information Security Consultancy services to UK based data subjects.
We may change this privacy notice from time to time, when we do, we will inform you via email and/or our company website.
Please contact us if you have any questions about this privacy notice or the information, we hold about you.
The Data Protection Officer (DPO) is Mark Evans.
If you wish to contact us, please send an email to dpo @ sophistec.co.uk or write to Mark Evans of Sophistec Limited, Bristol & Bath Science Park, Emerson’s Green, Bristol, England, BS16 7FR or call 0845 2668 430.