Privacy Policy

This Privacy Policy explains how Recal Cyber Ltd ("we", "our", "us") collects, uses, and protects information when you visit recalcyber.com or interact with us through this site.

We are committed to handling personal data lawfully, transparently, and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

Recal Cyber Ltd is a company registered in England and Wales (company number 14728392). Our registered office is at Vicarage Court, 160 Ermin Street, Swindon, England, SN3 4NE.

For the purposes of UK GDPR, Recal Cyber Ltd is the data controller for personal information collected through this website.

2. What information we collect

Information you give us

When you submit our contact form, we collect the information you provide, which may include:

• Your name
• Your email address
• Your company name (if provided)
• The contents of your message and any enquiry details

Information collected automatically

When you visit our website, our hosting provider (Netlify) automatically processes certain technical information from your browser as part of delivering the site to you. This includes:

• Your IP address (used to route traffic and prevent abuse; not retained in identifiable form for analytics purposes)
• The pages you visit and the time of your visit
• The website that referred you to us (if any)
• Your browser type, device type, and operating system
• Approximate geographic location (country-level, derived from your IP address)

3. How we use this information

We use the information we collect for the following purposes:

• To respond to enquiries you submit through the contact form.
• To understand site traffic in aggregate — which pages are popular, where visitors come from, and how the site is performing — so we can improve our content and user experience.
• To ensure the security and stability of the website and protect against abuse.
• To comply with legal obligations where applicable.

4. Legal basis for processing

Under UK GDPR, we rely on the following lawful bases:

• Legitimate interests — for analysing aggregated, non-identifying website traffic to improve our service, and for maintaining the security of our website. We have assessed that this processing is necessary, proportionate, and does not override your rights.
• Consent — when you voluntarily submit information through our contact form, you consent to us processing that information to respond to your enquiry.
• Legal obligation — where we are required by law to retain or disclose information.

5. Cookies and tracking

This website does not use third-party analytics cookies or advertising cookies.

We use Netlify Analytics, which is a server-side analytics service provided by our hosting platform. Unlike traditional analytics tools, Netlify Analytics does not place cookies on your device and does not run any tracking scripts in your browser. It works by analysing the server logs Netlify already generates when delivering the site, in an aggregated and anonymised form.

Our site may use a small number of strictly necessary cookies for core functionality (for example, to handle form submissions or remember interface state). These do not require consent under UK PECR (the Privacy and Electronic Communications Regulations) as they are essential for the site to function.

6. Who we share information with

We do not sell your personal information. We share information only with the following categories of recipients, where necessary to operate our service:

• Netlify, Inc. — our website hosting provider, which processes technical and traffic data on our behalf. Netlify acts as our data processor. See Netlify's Privacy Policy for details.
• Email and communications providers — when you contact us, your message may be delivered through our email service provider.
• Professional advisors and authorities — where required by law, regulation, or in connection with legal proceedings.

7. International transfers

Some of the service providers we use (including Netlify) may store or process data outside the United Kingdom, including in the United States. Where this occurs, we rely on appropriate safeguards recognised under UK GDPR, such as Standard Contractual Clauses or adequacy decisions, to ensure your information remains protected.

8. How long we keep your information

• Contact form submissions: retained for as long as necessary to respond to your enquiry and for a reasonable period afterwards (typically up to 24 months) for business records, after which they are deleted.
• Aggregated analytics data: Netlify retains traffic data for a limited rolling window (typically 30 days) in identifiable form, after which it is aggregated.
• Records required by law (for example, for tax or regulatory purposes) are retained for the period required by law.

9. Your rights

Under UK GDPR, you have the following rights:

• Access — to request a copy of the personal information we hold about you.
• Rectification — to ask us to correct information that is inaccurate or incomplete.
• Erasure — to ask us to delete your personal information in certain circumstances.
• Restriction — to ask us to limit how we use your information.
• Objection — to object to our processing where we rely on legitimate interests.
• Portability — to receive your information in a structured, commonly used format.
• Withdraw consent — where we rely on your consent, you may withdraw it at any time.

To exercise any of these rights, contact us using the details below. We will respond within one month.

10. Data security

We take appropriate technical and organisational measures to protect your information against unauthorised access, alteration, disclosure, or destruction. This includes using a hosting platform (Netlify) that provides encryption in transit (HTTPS), and limiting access to personal data to those who need it to perform their role.

11. Children

This website is intended for business audiences and is not directed at children under 13. We do not knowingly collect personal information from children.

12. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Significant changes will be communicated through a notice on the website.

13. Complaints

If you have a concern about how we handle your personal information, please contact us first so we can try to resolve it. You also have the right to lodge a complaint with the UK's data protection regulator, the Information Commissioner's Office (ICO):

• Website: ico.org.uk
• Helpline: 0303 123 1113