Legal

Privacy Policy

cyberchecker.co.uk · Last updated: June 2026 · Incommsec Ltd

1. Who we are

Incommsec Ltd is the data controller for information collected through this tool. We are registered in England and Wales (company number 06837160). Our registered office is at 19-21 Swan Street, West Malling, ME19 6JU.

We are registered with the Information Commissioner's Office (ICO). If you have questions about how we handle your data, contact us at: sales@incommsec.com

2. What data we collect

When you complete the assessment and request your results, we collect:

your full name
your work email address
your company name
your company domain (used to run the external vulnerability scan)
your questionnaire responses
technical data generated during the domain scan (for example, email security configuration, SSL certificate details, open ports, HTTP security headers)

We do not collect payment information, personal financial data, or special category personal data.

3. How we use your data

We use the data you provide to:

generate and deliver your personalised cyber security assessment and scan results
contact you with your results and any follow-up information relevant to your assessment
send you relevant cyber security updates and information from Incommsec, where you have indicated you are happy to receive these
improve the tool and our services

We will not use your data to make automated decisions that have a legal or similarly significant effect on you.

4. Legal basis for processing

Legitimate interests — to provide the assessment results you have requested and to follow up with relevant information.

Consent — where you have ticked the box to receive marketing communications from us.

5. How long we keep your data

We retain assessment data for up to 24 months from the date of your submission. After that period, your data is securely deleted unless we are required by law to retain it for longer.

You can request deletion of your data at any time by contacting us at sales@incommsec.com.

6. Sharing your data

We do not sell or share your personal data with third parties for their own marketing purposes.

We may share your data with:

trusted technology partners who assist in operating this tool, under strict data processing agreements
professional advisers and regulators where required by law

All data is processed and stored within the UK or EEA.

7. Domain scanning

The domain you submit is used to run an automated, external, non-intrusive security scan. The results of that scan are included in your report. The domain and scan results are stored as part of your assessment record in line with the retention period above.

8. Your rights

Under UK GDPR, you have the right to:

Access the personal data we hold about you

Correct any inaccurate data

Request deletion of your data

Object to or restrict our processing

Withdraw consent for marketing at any time

Lodge a complaint with the ICO (ico.org.uk)

To exercise any of these rights, contact us at sales@incommsec.com. We will respond within one month.

9. Cookies

This tool may use functional cookies to support the operation of the assessment. These are strictly necessary for the tool to work and do not track you across other websites. No advertising or analytics cookies are used without your consent.

10. Changes to this policy

We may update this Privacy Policy from time to time. The current version will always be published at cyberchecker.co.uk. We will notify you of material changes where we hold your contact details.

11. Contact

Incommsec Ltd
19-21 Swan Street, West Malling, ME19 6JU
sales@incommsec.com
+44 (0)20 3334 9800