Privacy Policy

Last updated: 8 June 2026

1. Who we are

The Cyber Trust Council ("we", "us", "our") is the data controller for personal data processed through this website. You can contact us at hello@cybertrustcouncil.org.

2. What data we collect

  • Identity and contact data (name, email, organisation) you provide when you join, contact us, or subscribe.
  • Account and usage data when you interact with member resources.
  • Technical data (IP address, browser, device) collected automatically through cookies and analytics.

3. How we use your data

  • To deliver membership, resources and the Cyber Trust badge.
  • To send transactional and onboarding emails.
  • To improve our website, products, and services.
  • To meet legal and regulatory obligations.

4. Legal bases

We process personal data under one or more of: your consent, performance of a contract, legitimate interests, and legal obligation, as set out in UK GDPR and EU GDPR.

5. Sharing

We share data only with trusted processors (hosting, email delivery, analytics) under appropriate contractual safeguards. We do not sell personal data.

6. Retention

We retain personal data only as long as necessary for the purposes described, or as required by law.

7. Your rights

You have the right to access, rectify, erase, restrict, port, and object to processing of your personal data, and to withdraw consent at any time. To exercise these rights, email us at hello@cybertrustcouncil.org.

8. Cookies

We use cookies and similar technologies. You can manage your preferences via the cookie banner at any time.

9. Changes

We may update this policy. Material changes will be highlighted on this page.