GidiSync Privacy Policy

Last Updated: 26 May 2025

Address

8 MINORIES, 3RD FLOOR, LONDON, EC3N 1BJ, UK

Business Hours

Mon–Sat 9 am – 5 pm

Phone

+44 (0) 207 117 2507

Data Protection Officer

dpo@gidisync.com

Who We Are

GidiSync is a cyber security consultancy and services provider based in the United Kingdom. We offer security architecture, risk management, and cloud governance solutions to organisations operating in regulated industries.

If you have questions about this policy or your personal data, you can contact us at:

Data Protection Officer
Email: dpo@gidisync.com
Subject line: "Data Subject Request – [Your Name]"

What Personal Data We Collect

Identity Data: name, job title, organisation
Contact Data: email address, phone number, business address
Technical Data: IP address, browser type, device type, operating system
Usage Data: pages visited, referral source, time on site
Marketing Data: communication preferences and interaction with campaigns

We do not knowingly collect or process special category data unless legally required and with explicit consent.

How We Collect Personal Data

• When you complete a form on our website
• When you communicate with us via email or phone
• When you subscribe to communications or download content
• When we enter into a service contract with you or your organisation
• Through cookies and analytics tools used on our website

Lawful Basis for Processing

Consent: when you have clearly agreed to processing
Contract: to perform a contract or take steps at your request
Legal Obligation: to comply with legal or regulatory duties
Legitimate Interests: to operate our business and communicate with clients, where your rights are not overridden

How We Use Personal Data

• Respond to your enquiries or requests
• Deliver agreed services to you or your organisation
• Manage client relationships and communications
• Send relevant marketing communications (with opt-out options)
• Analyse website traffic and improve our digital services
• Ensure security, fraud prevention, and regulatory compliance

How We Protect Your Data

• Encryption of data in transit and at rest
• Role-based access control and multi-factor authentication
• Regular security monitoring and audit logging
• Secure cloud infrastructure with UK/EEA hosting where possible

Access to personal data is restricted to authorised personnel only.

Data Sharing

We may share your personal data with trusted third parties, including:

• CRM and marketing providers (e.g., Mailchimp, Zoho, HubSpot)
• Cloud infrastructure services (e.g., Microsoft Azure, AWS)
• Subcontractors or freelancers engaged in delivering services
• Legal authorities where required by law

All vendors and partners are subject to data protection agreements.

International Transfers

If personal data is transferred outside the UK or EEA, we ensure safeguards such as:

• Transfers to countries with adequacy decisions
• Standard Contractual Clauses (SCCs) approved by the ICO
• Explicit consent for specific transfers where applicable

Data Retention

• Enquiry and marketing data: up to 24 months
• Client and contract records: duration of engagement plus six years
• Recruitment data: up to 12 months unless otherwise agreed

Data is securely deleted or anonymised when no longer required.

Your Rights Under UK GDPR

You have the right to:

• Request access to your personal data
• Correct inaccurate or outdated data
• Request deletion ("right to be forgotten")
• Restrict how we process your data
• Object to certain types of processing
• Receive your data in a portable format
• Withdraw consent where previously given
• Lodge a complaint with the ICO

To exercise your rights, email us with the subject line: "Data Subject Request – [Your Name]".

Consent Management and Revocation

We keep records of consent, including date, method, and purpose. If consent is changed or withdrawn, we update our records and confirm this with the individual. Data processing based solely on consent will stop unless another lawful basis applies.

We do not actively collect children's data. If required in future, we will follow legal requirements including obtaining verifiable parental consent, maintaining secure records, and conducting periodic reviews.

Data subjects can revoke consent via email, online forms, or support channels. Instructions are included in all our privacy communications.

Cookies

Our website uses cookies to improve performance and gain analytical insights. You can manage your cookie preferences in your browser settings. See our Cookie Policy for more detail.

Changes to this Privacy Policy

This policy may be updated periodically. Changes will be posted on our website with the updated date. For significant updates, we will notify users by email or homepage banner.

Contact Us

For questions or to exercise your data rights, contact:

Email: dpo@gidisync.com

Postal Address: EC3N 1BJ

Subject line: "Data Subject Request – [Your Name]"