PRIVACY POLICY AND COOKIE NOTICE
OmniCyber Security Limited (‘Omni’) is registered in England and Wales under company number 09571699, and its registered office address is;
Grosvenor House,
St Paul’s Square,
Birmingham,
West Midlands,
B3 1RB,
United Kingdom
Omni (the Company) provides offensive security testing, managed security, and compliance services.
This privacy policy describes how Omni protects and uses the information you give the Company when you use this website. If you are asked to provide information when using this website, it will only be used in the ways described in this privacy policy.
GDPR Principles
The following principles are complied with when processing personal data;
Lawful Basis of Processing Data
The lawful basis for processing data will always be determined before any data is processed. Omni processes personal data under one, or more, of the following Lawful Bases, per GDPR:
Type of Personal Data collected
The type of personal data collected may include;
How Personal Data is collected
Personal data is obtained from one or more of the following:
Why Personal Data is collected
Personal data is collected to provide legitimate business services which include:
However, where indicated, some of the information is optional and you can choose not to complete it.
How Personal Data is used
Personal data may be used to:
Where Personal Data is Stored
Information collected is stored on the Company’s CRM system.
As part of any services offered by Omni, information provided may be transferred to countries outside the European Economic Area (‘EEA’) i.e. our servers, or third-party servers that are used to provide Omni services located in a country outside the EEA. By submitting your data, you consent to the transfer, storage and/or processing of your data wherever it is stored. However, if your data is transferred outside the EEA, steps will be taken to ensure appropriate security measures are in place to ensure your privacy rights continue to be protected as outlined in this Policy.
How long Personal Data is stored?
We review our retention periods for personal data regularly. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold personal data on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
Who has access to Personal Data?
Only Omni employees and managed third parties are granted access to customer data. This is ensured by the use of strict operational processes and procedures.
Staff and third parties are trained on security systems and relevant processes and procedures which are reviewed regularly for ongoing effectiveness and suitability for purpose. All employees are kept up to date on the Omni security and privacy practices. Employees are notified and/or reminded about the importance we place on privacy, and what they can do to ensure that customer information is protected.
Personal data provided via the Company’s portals is secured using TLS 1.2/1.3 and is encrypted before being transmitted. Secure pages have a lock icon or key on the bottom of web browsers such as Microsoft Edge, information supplied by you on these web pages is securely stored and can only be accessed for the purposes for which it was provided.
All IT systems are kept in a secure environment with appropriate access control. We are audited regularly by various independent security and compliance companies.
Non-sensitive details (your email address and other requested information) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. We will never sell or rent your information to third parties.
Third-party service Providers working on our behalf:
We may pass your information to our third-party service providers, agents, subcontractors, and other associated organisations to complete tasks and provide services to you on our behalf. However, when we use third-party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure.
Third-party product providers we work in association with:
We work closely with various third-party product providers to bring you a range of quality and reliable products and services designed to meet your needs. When you enquire about or purchase one or more of these products, the relevant third-party product provider will use your details to provide you with information and carry out their obligations arising from any contracts you have entered into with them. In some cases, they will be acting as a data controller of your information and therefore we advise you to read their Privacy Policy. These third-party product providers will share your information with us which we will use per this Privacy Policy.
We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party including for a merger, acquisition, divestiture, or similar transaction or as part of any business restructuring or reorganisation.
We may also further transfer data if we are under a duty to disclose or share your personal data to comply with any legal obligation or to law enforcement. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.
Individuals’ Rights
Different rules apply depending on the type of Lawful Processing being undertaken, however many of the following individuals’ rights apply whatever the basis of processing:
The accuracy of personal data is imperative. We aim to keep it updated at all times. The personal data we hold about you is available upon request by contacting GDPR@omnicybersecurity.com.
You can request that your data be updated and/or deleted at any time unless Omni can justify that it is retained for legitimate business or legal purposes. When updating your personal data, you may be asked to verify your identity before your request can be actioned.
You can change your marketing preferences at any time by;
Links to other websites / from other websites
Omni websites may contain links to other websites run by other organisations. The Omni Privacy Policy only applies to Omni’s websites, and you are encouraged to read the Privacy Statements on the third-party websites that you visit such as Google. Omni is not responsible for the Privacy Policies and practices of other websites even if they were accessed via an Omni website. Equally, if you link to an Omni website from a third-party site, Omni is not responsible for the Privacy Policies and practices of that third-party site.
16 or Under
We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.
COOKIES
What are cookies?
A cookie is a text file containing small amounts of information which a server downloads to your personal computer (PC) or mobile device when you visit a website. The server then sends a cookie back to the originating website each time you subsequently visit it, or if you visit another website which recognises that cookie.
Why do websites use cookies?
Web pages have no memory. If you are surfing from page to page within a website, you will not be recognised as the same user across pages. Cookies enable your browser to be recognised by the website. Cookies are mainly used to remember the choices you have made – such as the language you prefer and the currency you use. They will also make sure you are recognised when you return to a website.
Do all cookies do the same thing?
No, there are different types of cookies and different ways of using them. Cookies can be categorised according to their function, their lifespan and according to who places them on a website.
How does Omni use cookies?
Our website uses the following types of cookies;
How long do Omni cookies stay active?
The cookies we use have varying lifespans. The maximum lifespan is 13 months from your last visit to our website. You can erase all cookies from your browser any time you wish.
How can you recognise Omni cookies?
You can find our cookies in your browser settings.
Does Omni use third-party cookies?
Yes, Omni uses the services of trusted and recognised online advertising and marketing companies. Omni may also use third-party providers for analytical purposes. To enable their services, these companies need to place cookies.
The providers we use are committed to building consumer awareness and establishing responsible business and data management practices and standards.
To control the collection of data for analytical purposes by Google Analytics, you may want to visit the following link: https://tools.google.com/dlpage/gaoptout
Who has access to Omni cookie data?
Only Omni staff have access to Omni cookies. Cookies placed by third parties can be accessed by these third parties.
How can you manage your cookie preferences?
Using your browser settings in, for example, Microsoft Edge, Safari, Firefox, or Chrome, you can set which cookies to accept and which to reject. Where you find these settings depends on which browser you use. Use the “Help” function in your browser to locate the settings you need.
If you choose not to accept certain cookies, you may not be able to use some functions on our website. Opting out of an online advertising network does not mean that you will no longer receive or be subject to online advertising or marketing analysis. It means that the network from which you opted out will no longer deliver ads tailored to your web preferences and browsing patterns.
Does Omni use web beacons?
As well as using cookies, Omni sometimes uses web beacons. A web beacon is a tiny graphic image of just one pixel that’s delivered to your computer either as part of a web page request or in an HTML email message. Either directly or through service providers, we use these pixels as part of our online advertisements either on our website or on third-party websites to learn whether a user who is being shown an online advertisement also makes a reservation; to track conversion with partner websites and to analyse the traffic patterns of users to optimise the services we bring to you.
Questions, Complaints, and Subject Access Requests (SARs)
Any questions or Subject Access Requests (SARs) should be sent to: GDPR@omnicybersecurity.com
You have a right to lodge a complaint if you believe that Omni has not upheld the rights, obligations, and responsibilities set out in this Privacy Policy.
Please send any complaints to: GDPR@omnicybersecurity.com
Review of this Policy
This Policy is regularly reviewed. The latest version is published on this webpage.