Privacy Notice

Sentrium Security Ltd (“Sentrium”) processes personal data via this website (www.sentrium.co.uk). This privacy notice is written to inform you about the types of data we process, how we use it, and your rights in relation to this data.

Sentrium are a cyber security company based in the United Kingdom. We are committed to protecting the personal data of our website users and customers, and comply fully with the requirements of the UK General Data Protection Regulations (UK GDPR), the Data Protection Act 2018 (DPA), and the Privacy and Electronic Communications Regulations (PECR).

As a cyber security company, Sentrium has implemented appropriate technical and organisational measures to protect personal data, including access controls, encryption, and certification to ISO27001.

What is personal data?

The Information Commissioners Office (ICO) define personal data as:

any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

What personal data do Sentrium process?

We may collect and process the following types of personal data in relation to the use of our website:

Name and contact details (e.g. personal and business email addresses, telephone number)
Marketing preferences
Usage data (including information about how you interact with and use our website, products and services)
Website user journey information
IP addresses, device identifiers, browser information and cookie IDs
Any other personal information you share with us via free-text forms and fields

Where do we obtain personal data from?

We may obtain personal information from the following sources:

Directly from you
Publicly available sources
Referees provided by you (for recruitment purposes)
Suppliers and service providers

Clients and other third-parties may provide us with personal information from time to time in the delivery of our products and services, and they must do so in compliance with UK data protection regulations.

How long do we store your information?

Sentrium stores and processes personal information only as long as is necessary to fulfil the purpose we have obtained it for, taking into account any legal, contractual and regulatory obligations (such as in the case of recruitment), as well as any legitimate interests of the business.

Personal information obtained through the website for marketing and sales purposes shall be stored and processed for no more than 5 years from the time our active relationship with you ends, for example when you unsubscribe from our communications or otherwise request us to cease contact with you. We shall always respect your rights under the General Data Protection Regulation (GDPR).

We maintain a Data Retention Schedule to ensure that all of the personal data we store and process is kept in accordance with data protection regulations.

Why do we store your personal data?

When you submit a business enquiry through our website, we collect this information to get in contact with you about our products and services, or to otherwise answer your query. If you become a customer, we may use your personal data in other ways, for example in performance of our contract, or for dealing with feedback or claims.

When you get in contact with us about recruitment, we store and process your personal information to evaluate your application, and to contact you about your application. If we employ you, we shall process your personal information for other reasons, which shall be communicated to you separately.

When you access our website, we request your permission to track your usage with Cookies to understand how our users interact with our website. This is important so that we can make improvements. If you have shared your details with us, such as by using a contact form, this may also enable us to learn your interests so that we can inform you about our products, services, promotions or events.

If you are located in the UK, we will only send you marketing communications and updates about our products and services with your prior consent, or based on our legitimate interests if you are a corporate subscriber. All of our marketing operations are compliant with the Privacy and Electronic Communications Regulations (PECR).
If you are located outside the UK, we will only contact you in accordance with local e-privacy and marketing laws, and you may opt out of marketing at any time.
You can manage your communications from us by using the Unsubscribe link at the bottom of all of our marketing emails, or by getting in touch.

Providing personal data through our website is generally voluntary. However, if you choose not to provide certain information, we may be unable to respond to your request or certain functionality may not work as expected.

Sentrium are committed to cyber security and the protection of your personal data. We will never sell your data to third parties to be used for marketing or sales purposes.

To help process your personal data for the purposes described in our Privacy Notice, we may entrust third party processors to support our operational and technical needs. We have contractual agreements in place with all of our third parties to ensure your personal data is only used for its intended purpose. These third parties include our CRM platform, email automation tools, website hosting, and analytics services.

We may be required by law to store or process personal data with law enforcement or regulators. Where we are requested to do so, we take care to verify the legitimacy of requests to share personal data.

International transfers

Some of our service providers are located outside the UK. Where personal data is transferred internationally, we ensure appropriate safeguards are in place, such as the UK–US Data Bridge, Standard Contractual Clauses, and/or other legally recognised transfer mechanisms.

Lawful basis for processing personal data

Under UK data protection law, we must have a “lawful basis” for collecting and using your personal information. There is a list of possible lawful bases in the UK GDPR. You can find out more about lawful bases on the ICO’s website.

We record the appropriate lawful basis for processing personal data within our Record of Processing Activities (ROPA). Sentrium use the following lawful basis for processing personal data:

Consent – we have permission from you after we gave you all the relevant information. All of your data protection rights may apply, except the right to object. To be clear, you do have the right to withdraw your consent at any time.
Contract – we have to collect or use the information so we can enter into or carry out a contract with you. All of your data protection rights may apply except the right to object.
Legal obligation – we have to collect or use your information so we can comply with the law. All of your data protection rights may apply, except the right to erasure, the right to object and the right to data portability.
Legitimate interests – using the personal data is in the interest of Sentrium, or a third-party, and may include commercial interests. Where we rely on this lawful basis, we conduct a Legitimate Interests Assessment (LIA) to ensure the collection and processing is justified.

Your data protection rights

At any time whilst we are in possession of your personal data, you have the following rights under the UK GDPR:

Right of access – You have the right to ask us for copies of your personal information. You can request other information such as details about where we get personal information from and who we share personal information with. There are some exemptions which means you may not receive all the information you ask for.
Right to rectification – You have the right to ask us to correct or delete personal information you think is inaccurate or incomplete.
Right to be forgotten – You have the right to ask us to delete your personal information.
Right to restriction of processing – You have the right to ask us to limit how we can use your personal information.
Right to object to processing – You have the right to object to the processing of your personal data.
Right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you.
Right to withdraw consent – When we use consent as our lawful basis you have the right to withdraw your consent at any time.

Automated decision making

Sentrium does not solely rely upon automated decision making that may have a legal effect or similarly significant effect on a data subject, including for recruitment purposes. Solely automated decisions are decisions about individuals made without any human influence on the outcome.

Links to other websites

Sentrium are not responsible for the privacy practices of any third party website or digital service, including any sites which we provide hyperlinks to in our webpages. When you follow a link on our website which navigates you to a different website, we encourage you to review the privacy notices published by the operator.

Contact us

If you have any concerns about our use of your personal data, you can make a complaint to us by sending an email to [email protected].

You may also write to us at the following address:

FAO Data Controller
Sentrium Security Ltd
Harley House
29 Cambray Place
Cheltenham
GL50 1JN

Data protection complaints

If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the ICO.

Helpline number: 0303 123 1113
Website: https://www.ico.org.uk/make-a-complaint
Registration reference: ZA921259

Privacy notice updates

We may update this notice from time to time, to reflect changes in our processing of personal data or for other operational, technical, legal or regulatory purposes.

Last updated: 17^th December 2025