North Signal

Privacy Policy

This site uses cookies to improve your experience. By continuing, you accept our use of cookies. Learn more.

Last updated: 1 August 2025

1. Who We Are

North Signal (“we”, “our”, or “us”) is a UK-based IT consultancy providing services including IT strategy, compliance, cybersecurity, and fractional CTO leadership.

Our registered domain is: northsignal.co.uk

2. What This Policy Covers

This Privacy Policy explains:

  • What personal data we collect
  • Why and how we collect it
  • How we store and protect it
  • Your rights under data protection law

We are committed to handling your data lawfully, fairly, and transparently.

3. Personal Data We Collect

We may collect the following information:

a) Information you provide to us:

  • Name, email address, phone number
  • Company name, job title
  • Project or service enquiries
  • Any details you provide via our contact forms, email, or phone

b) Automatically collected data:

  • IP address and browser information
  • Pages visited and interactions on our website
  • Cookies and tracking technologies (see Section 9)

4. How We Use Your Information

We process your data to:

  • Respond to your enquiries or service requests
  • Provide and manage contracted services
  • Send service-related communications
  • Meet our legal and regulatory obligations
  • Improve our website and services

We do not sell your data or share it with third parties for marketing.

5. Legal Bases for Processing

Under UK GDPR, we rely on the following legal bases:

  • Consent – when you voluntarily submit your data via forms or emails
  • Contract – to fulfil service agreements or proposals
  • Legal obligation – for tax, audit, or regulatory reasons
  • Legitimate interest – for business operations such as communication or IT security, where your rights do not override our interests

6. Data Sharing and Transfers

We may share your data with trusted third parties who help us deliver our services (e.g. cloud hosting, analytics, or email platforms), under strict confidentiality and data processing agreements.

Your data may be stored or processed outside the UK or EEA, but we ensure all transfers meet UK adequacy and safeguarding requirements.

7. Data Retention

We retain personal data only as long as necessary for the purpose collected. This generally means:

  • Enquiries: up to 12 months
  • Clients: up to 6 years for contract/accounting purposes
  • Mailing lists: until you unsubscribe or withdraw consent

8. Your Rights

You have the following rights under UK GDPR:

  • Access your data
  • Correct inaccurate or incomplete data
  • Request erasure (“right to be forgotten”)
  • Restrict or object to processing
  • Data portability
  • Withdraw consent (where applicable)
  • Lodge a complaint with the Information Commissioner’s Office (ICO)

To exercise any of your rights, contact us

9. Cookies & Tracking

Our website uses cookies.

For more information please see our dedicated Cookie Policy Page

You can adjust cookie settings in your browser. For more information see: https://allaboutcookies.org/how-to-manage-cookies

10. Data Security

We apply appropriate technical and organisational measures to keep your data safe, including:

  • Secure servers and encrypted communications
  • Access control and password protection

11. Changes to This Policy

We may update this Privacy Policy periodically. The latest version will always be available on our website. We encourage you to review it regularly.