During any Commercial agreement with Layered Defence we will store information about you and your business, this will include the following data types;

• Full name;

• Email address;

• Contact telephone numbers;

• Contact address;

• Billing information;

• Initial source of engagement.

This information is used to respond to emails/phone calls and to provide you with our service offering.  If you do not want to contacted about our services please let us know by dropping us a call or via email.  

Layered Defence does not hold any personal information outside of that which it explicitly needs to provide services to your organisation.

Layered Defence only collects personally identifiable data, such as your name and e-mail address, when it is voluntarily submitted to us via this website or via direct email.

Should Layered Defence make any material changes to our privacy practices that do not affect user information already collected through our site, we will post a prominent notice on our web site notifying users of the change.

 

Data storage

We keep a close watch on our compliance requirements and will move or remove your information where a supplier does not meet the compliance requirements of the UK/EU (if you are a UK or EU citizen).

 

Data stored outside of the organisation is either held in EU-based ISO-27001 certified data centres, or US-based data centres which have signed up to the EU-US Privacy Shield framework. 

 

Data security

All data stored on Layered Defence servers are protected 'at-rest' through the use of encryption.  All backups made of stored data are also encrypted.  Encryption technologies are also used for the transfer of sensitive data 'in-transit'.

 

Data compromise

If our systems are ever compromised, we promise to inform users immediately after an incident, and will self-report to the UK Information Commissioners office.  An incident would include any breach of security leading to the destruction, loss, alteration, unauthorised disclosure of, or access to, your identifiable personal or corporate data.

 

We will notify affected users first, and then publish details of the breach on this site.  We do not use third party advertising companies to provide advertisements or allow third party advertisers to track your browsing.

 

Data disclosure

We only allow access to your contact details when required by law, we do not and will never sell your details.

 

We do not provide services such as Facebook, Twitter, LinkedIn, Snapchat and other social media platforms access to our contacts database.

 

We may contact you using social media channels (LinkedIn, Twitter), however no personal or technical information will be passed via these channels.

 

Data retention

When you become a customer of Layered Defence we will hold data that must be retained to meet our legal and statutory responsibilities.

 

Data removal

If you would like us to delete any information we hold about you, we shall do this unless its part of a condition of using one of our services. You may of course request to have your information deleted once the agreement of a service provided by Layered Defence is deemed nullified.

 

We will respond to your request to access, update or delete your information within 30 business days. Before we are able to provide you with any information, correct any inaccuracies or delete any information, however, we may ask you to verify your identity.

 

In the event of Layered Defence ceasing operations entirely all personal data will be destroyed within 14 days.