Privacy Policy

Request a quote Talk to us
0203 744 9070

    Privacy Policy


    This website only uses cookies necessary for it to function. These are not tracking cookies and this website does not collect any personally identifiable information. Third party cookies are also used to enable certain features.

    Cookie consent: ‘ISRcookiesOK’ – This cookie lets us know you’ve clicked to accept cookies, so you don’t see the cookie message box every time you load a page.

    Your device: ‘thisACTDevice’ – We use the data your device provides so that we can tailor the content you see. This helps you navigate our site on smaller screens.

    PHP session: ‘PHPSESSID’ – This cookie is necessary for the normal operation of PHP (the programming language used on this website). The cookie is automatically deleted.

    Third party cookies: Google will place cookies on your device to enable Google Maps on the contact page of this website. Vimeo will place cookies on your device to enable video functionality on the news page.


    You can use your web browser settings to block or delete these cookies. Or you can use your browser’s private or incognito mode, which allows cookies to be used but deleted when you close the browser.


    This website is published by Incognito Security Limited
    Registered in England No: 04361397. Registered Office: ISL House, 3 Willow Road, Berkshire, SL3 0BS


    Data privacy legislation

    The General Data Protection Regulation (GDPR) is the new legal framework effective as of May 25, 2018 in the European Union. Building on current data protection laws, GDPR gives every business a new set of obligations and every consumer strengthened rights regarding use of their personal information.

    In line with the new GDPR legislation we have updated our Privacy Policy.


    Data security and privacy

    Maintaining the security of your data and your right to privacy is a priority to Incognito Security Ltd. We will handle your personal data legally and fairly at all times and we will be transparent about what data we collect about you and how we use it.

    This policy provides you with details about:

    • What personal data we collect.
    • How we use your personal data.
    • How we ensure your privacy is maintained.
    • Your legal rights about your personal data.

    Personal data we collect

    In the course of our business, Incognito Security Ltd may collect the following information about you:

    • Your name, age/date of birth and gender;
    • Your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and e-mail address;
    • Purchases and orders made by you;
    • Your log-in data when using a client-portal
    • Your password(s) where applicable;
    • When you make a purchase or place an order with us, your payment card details;
    • your communication and marketing preferences;
    • Your interests, preferences, feedback and survey responses;
    • Your location;
    • Your correspondence and communications with us; and
    • Other publicly available personal data, including any which you have shared via a public platform (such as a Twitter feed or public Facebook page).

    Our business practices and website are not intended for children and we do not knowingly collect data relating to children.
    This list is not exhaustive and, in specific instances, we may need to collect additional data for the purposes set out in this Policy. Some of the above personal data is collected directly, for example when you apply for a training course or send an email to our customer services team. Other personal data may be collected indirectly from third parties who have your consent to pass your details to us, or from publicly available sources.

    How we use your data

    Incognito Security Ltd (and trusted partners acting on our behalf) uses your personal data:

    • To provide goods and services to you;
    • To manage any registered account(s) that you hold with us;
    • To make a client portal available to you;
    • To verify your identity;
    • For crime and fraud prevention, detection and related purposes;
    • With your agreement, to contact you electronically about promotional offers and products and services which we think may interest you;
    • For market research purposes – to better understand your needs;
    • To enable us to manage customer service interactions with you; and
    • Where we have a legal right or duty to use or disclose your information (for example in relation to an investigation by a public authority or in a legal dispute).

    Other Marketing

    Promotional communications
    Incognito Security Ltd may use your personal data for electronic marketing purposes (with your consent) and may send you postal mail to update you on the latest Incognito Security Ltd offers.
    Incognito Security Ltd aims to update you about products & services which are of interest and relevance to you as an individual.
    You have the right to opt out of receiving promotional communications at any time, by contacting Incognito Security Ltd via the contact channels set out in this Policy.

    Sharing data with third parties

    Our service providers and suppliers
    In order to make certain services available to you, we may need to share your personal data with some of our service partners. These include IT, delivery and marketing service providers, accountants.
    Incognito Security Ltd only allows its service providers to handle your personal data when we have confirmed that they apply appropriate data protection and security controls and are GDPR compliant as data processors. We also impose contractual obligations on service providers relating to data protection and security, which mean they can only use your data to provide services to Incognito Security Ltd and to you, and for no other purposes.

    Other third parties

    Aside from our service providers, Incognito Security Ltd will not disclose your personal data to any third party, except as set out below. We will never sell or rent our customer data to other organisations for marketing purposes.
    International data transfer.

    To deliver products and services to you, Incognito Security Ltd may use third party suppliers who transfer data outside of the European Economic Area. This will typically occur when these service providers or their data servers are located outside the EEA. An example of this is Microsoft or Google services, who are US companies and who’s data servers are located in the US. These transfers are subject to special rules under data protection laws. We ensure that the third-party services we use are compliant with GDPR and other relevant data protection law.

    How long do we keep your data?

    We will not retain your data for longer than necessary for the purposes set out in this Policy. Different retention periods apply for different types of data, however the longest we will normally hold any personal data is 7 years.

    How we protect your data

    Incognito Security Ltd is committed to keeping your personal data safe and secure.

    Our security measures include:

    • Encryption of data;
    • Regular cyber security assessments of all service providers who may handle your personal data;
    • Regular scenario planning and crisis management exercises to ensure we are ready to respond to cyber security attacks and data security incidents;
    • Regular penetration testing of systems;
    • Security controls which protect our entire IT infrastructure from external attack and unauthorised access; and
    • Internal policies setting out our data security approach and training for employees.

    Legal basis for using your data

    Incognito Security Ltd collects and uses personal data because is it necessary for:

    • The pursuit of our legitimate interests.
    • The purposes of complying with our duties and exercising our rights under a contract for the sale of goods or services to a customer; or
    • Complying with our legal obligations.

    In general, we only rely on consent as a legal basis for processing in relation to sending direct marketing communications to customers.

    Customers have the right to withdraw consent at any time. Where consent is the only legal basis for processing, we will cease to process data after consent is withdrawn.

    Your personal data rights

    You have the following personal data rights:

    • The right to ask what personal data we hold about you at any time;
    • The right to ask us to update and correct any out-of-date or incorrect personal data that we hold about you free of charge; and
    • The right to opt out of any marketing communications that we may send you.

    To find out more about your personal data rights please visit:

    Contact us

    If you have any questions about how Incognito Security Ltd uses your personal data that are not answered here, or if you want to exercise your personal data rights, please contact us by emailing