Privacy Policy
Last updated: June 2026
Who we are
Blue Cipher Ltd is a digital resilience and security consultancy based in Cambridge, UK.
- Company name: Blue Cipher Ltd
- Company number: 17183812
- Trading as: Blue Cipher Advisory
- Contact: admin@bluecipher.co.uk
- Website: bluecipher.co.uk/
We are the data controller for personal data collected through this website.
What data we collect and why
Contact form submissions
When you complete our contact form, we collect your name, email address, and the content of your message. We use this information solely to respond to your enquiry. The legal basis for processing this data is legitimate interest (responding to a direct request from you).
Website analytics
We use Google Analytics 4 (GA4) to understand how visitors use our website — for example, which pages are visited and how long people spend on them. This data is aggregated and anonymised; it does not identify you personally. The legal basis is legitimate interest in improving our website.
CRM (HubSpot)
When you submit a contact form, your details are stored in our CRM system, HubSpot, so we can manage and respond to enquiries. The legal basis is legitimate interest. We do not use this data for unsolicited marketing without your consent.
Cookies
We use cookies on this website. See our Cookie Policy for full details of which cookies are set and how to control them.
Who we share your data with
We do not sell your personal data. We share data only with the third-party services necessary to operate this website:
| Service | Purpose | Privacy policy |
|---|---|---|
| Google Analytics | Website analytics | policies.google.com/privacy |
| HubSpot | CRM / enquiry management | legal.hubspot.com/privacy-policy |
Both services may process data outside the UK. Google and HubSpot participate in data transfer frameworks that provide equivalent protections.
How long we keep your data
- Contact form enquiries — retained for up to 3 years from the date of last contact, then deleted.
- Analytics data — retained by Google Analytics for 14 months (our configured retention period).
- CRM records — retained for up to 3 years from last interaction, unless you ask us to delete them sooner.
Your rights under UK GDPR
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Request deletion of your data (the “right to be forgotten”)
- Object to processing based on legitimate interest
- Restrict processing in certain circumstances
- Data portability — receive your data in a machine-readable format
To exercise any of these rights, email us at admin@bluecipher.co.uk. We will respond within 30 days.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk if you believe your data has been handled unlawfully.
Changes to this policy
We may update this policy from time to time. The “last updated” date at the top of this page will reflect any changes. Continued use of our website after changes constitutes acceptance of the updated policy.
Contact
For any data protection queries: admin@bluecipher.co.uk
