SC IT Consulting logo
SC IT Consulting IT consultancy for SMEs

Privacy Policy

Effective date: March 6, 2026

Last updated: March 6, 2026

SC IT Consulting (“we”, “us”, “our”) respects your privacy. This policy explains what personal information we collect, how we use it, and your rights.

1. Information We Collect

  • Contact details you provide (name, email address, and message content).
  • Business information you share during enquiries or onboarding.
  • Technical and security data (for example browser type, IP address, device and log details) used to protect our website and services.
  • Commercial records needed to provide services, such as proposals, statements of work, invoices, and support records.

2. How We Use Information

  • To respond to enquiries and provide requested services.
  • To manage projects, support, and client communication.
  • To improve service quality and protect systems from misuse.
  • To comply with legal and regulatory obligations.

3. Legal Basis (UK GDPR)

  • Performance of a contract or steps prior to contract.
  • Legitimate interests in running and improving our business.
  • Compliance with legal obligations.
  • Consent, where required.

4. Data Sharing

We do not sell personal data. We may share data with trusted providers (for example, hosting, email, and security providers) where needed to deliver services and operate our business.

Where providers process personal data on our behalf, they do so under appropriate contractual and security obligations.

5. International Transfers

Some providers may process data outside the UK. Where this happens, we use lawful transfer mechanisms and reasonable safeguards.

6. Data Retention

We keep personal data only as long as necessary for service delivery, legal, accounting, or security purposes.

  • General enquiry messages: typically up to 24 months.
  • Client project and support records: typically for the active engagement and up to 6 years afterwards.
  • Financial records (for example invoices): typically 6 years plus the current accounting period.
  • Security and access logs: usually 30 to 365 days, depending on operational need.

7. Your Rights

You may have rights to access, correct, erase, restrict, or object to processing of your data.

To exercise your rights, email: [email protected]. We aim to respond within one calendar month.

8. Security

We use reasonable technical and organisational measures to protect personal data. No method of transmission or storage is 100% secure.

Measures may include access controls, authentication requirements, encryption where appropriate, and security monitoring.

9. Cookies and Analytics

Our website is designed to be minimal. We do not intentionally use advertising cookies. If analytics or additional tracking technologies are added in future, this policy will be updated.

10. Complaints

If you have concerns, please contact us first so we can try to resolve them. You may also complain to the UK Information Commissioner's Office (ICO).

11. Changes to This Policy

We may update this policy from time to time. Updates will be posted on this page with the revised effective date.