Privacy Policy
Last Updated: November 2025
Trust is the currency of our business. This document outlines the technical and administrative protocols governing the collection, storage and processing of data within the Greywell Cyber environment. We do not monetise user data; our primary directive is the provision of secure consultancy services.
1.0 IDENTITY & CONTROL
Greywell Cyber acts as the Data Controller for all personal data processed via this site and our services.
• Registered Office: Upton Grey, United Kingdom
• Data Officer Contact: enquiries@greywellcyber.com
2.0 DATA VECTORS
We collect minimum viable data strictly necessary for operational functionality and service delivery:
• Identity Data: Name, Job Title, Corporate Affiliation.
• Contact Telemetry: Corporate Email and Direct Lines.
• Technical Metadata: IP signatures, browser fingerprinting and OS versioning (collected via automated analytics).
3.0 PURPOSE OF PROCESSING
Data is processed solely for authorised objectives:
• Service Execution: To authenticate client accounts and deliver deployed tools.
• Operational Comms: Security alerts, policy updates, and engagement management.
• System Hardening: Infrastructure troubleshooting, traffic analysis, and platform security.
4.0 COMMUNICATIONS
We use our mailing list to share Threat Alerts and Engineering updates. You receive these strictly on an opt-in basis or via existing client relationships. You may terminate these communications instantly via the unsubscribe link or by contacting our Data Officer.
We prioritise actionable intelligence over volume.
5.0 SECURITY ARCHITECTURE
We deploy defence-in-depth security measures to prevent unauthorised access, exfiltration or modification.
Data is stored on encrypted infrastructure. Access is restricted to personnel with specific security clearance and operational necessity (Need-to-Know basis).