Privacy Policy
FaultLine Cyber & Security Ltd
Effective date: 01 June 2026
FaultLine Cyber & Security Ltd (“FaultLine-CS”, “we”, “our”, or “us”) is committed to protecting your privacy and handling personal information responsibly, securely, and transparently.
This Privacy Policy explains how FaultLine Cyber & Security Ltd collects, uses, stores, shares, and protects personal information when you visit our website, contact us, or engage with our services.
1. Who We Are
FaultLine Cyber & Security Ltd
Company registration number: NI739951
Registered office: 12-16 Castle Lane, Belfast, Northern Ireland BT1 5DA
Registered in Northern Ireland
Email: [email protected]
Website: https://faultline-cs.com
For the purposes of applicable data protection law, FaultLine Cyber & Security Ltd is the data controller for personal data collected through this website, business enquiries, and general business communications.
Where we provide services to clients, our role may vary depending on the nature of the engagement. In some circumstances we may act as an independent controller, and in others we may process information on behalf of a client. Where relevant, this will be addressed within the applicable proposal, Statement of Work, contract, or data processing terms.
2. Information We Collect
We may collect and process the following categories of information.
Information You Provide Directly
When you contact us through our website, email, forms, or other communication channels, we may collect:
- name;
- company name;
- email address;
- telephone number;
- job title; and
- information included within your enquiry or message.
Technical & Website Usage Information
When you visit our website, certain technical information may be collected automatically, including:
- IP address;
- browser type and version;
- device type;
- operating system;
- referring website;
- pages visited;
- date and time of access;
- approximate geographic location where available;
- cookie preferences; and
- website security and performance information.
Client Service Information
Where we provide services to a client, we may also receive information necessary to deliver the agreed services, including:
- business contact details;
- employee information;
- supplier information;
- device or asset information;
- security-related information;
- evidence, documentation, or records provided by the client; and
- information contained within questionnaires, assessments, or project materials.
Please do not send sensitive personal information unless specifically requested and genuinely required for the relevant engagement.
3. How We Use Your Information
We may use your information to:
- respond to enquiries and requests;
- provide consultancy or related services;
- communicate regarding projects or services;
- prepare proposals, Statements of Work, contracts, or related documents;
- manage client relationships;
- improve website performance and usability;
- monitor and protect website security;
- comply with legal and regulatory obligations;
- maintain internal business, accounting, tax, insurance, and legal records;
- send relevant business communications where permitted by law; and
- protect our business, clients, systems, and legal rights.
We do not sell personal information to third parties.
4. Legal Basis for Processing
Under the UK General Data Protection Regulation (“UK GDPR”) and applicable data protection legislation, we only process personal data where we have a lawful basis to do so.
| Purpose | Lawful Basis |
| Responding to enquiries | Legitimate interests or taking steps before entering into a contract |
| Preparing proposals, Statements of Work, or contracts | Taking steps before entering into a contract |
| Delivering agreed services | Contract, legitimate interests, or client instructions where applicable |
| Managing client relationships | Legitimate interests |
| Website security and performance | Legitimate interests |
| Legal, accounting, tax, and regulatory records | Legal obligation |
| Business development and relevant service communications | Legitimate interests or consent, depending on the communication |
| Non-essential cookies, analytics, or marketing technologies | Consent, where required |
Where we rely on legitimate interests, these interests include operating our business, responding to business enquiries, delivering cyber and security consultancy services, protecting our website and systems, maintaining client relationships, improving our services, and maintaining appropriate business records.
Where we rely on consent, you may withdraw consent at any time.
5. Cookies and Similar Technologies
Our website may use cookies and similar technologies to improve functionality, performance, analytics, security, and user experience.
Cookies may be used to:
- remember user preferences;
- analyse website traffic;
- support website security and performance; and
- improve usability.
Essential cookies may be used where necessary for the website to function properly.
We will not use non-essential cookies, such as analytics or marketing cookies, unless consent has been provided where required by law.
You can manage cookie preferences through your browser settings or through any cookie banner or preference tool available on our website. Disabling certain cookies may affect website functionality.
Consent for non-essential cookies requires a clear affirmative action and cannot be assumed through continued use of the website alone.
6. Analytics and Tracking Technologies
We may use analytics services such as Google Analytics or similar technologies to understand website traffic and usage patterns.
These services may collect anonymised or aggregated information, including:
- device information;
- browser type;
- pages visited;
- session duration; and
- interaction behaviour.
Analytics and tracking technologies will only be used where permitted by law and, where required, after appropriate consent has been obtained.
7. Embedded Content from Third-Party Websites
Pages on this website may include embedded content or integrations from third-party providers, including:
- Google Maps;
- Google Analyticd;
- LinkedIn;
- YouTube;
- TidyCal; and
- other embedded media or services.
Embedded content behaves in the same way as if you visited the third-party website directly. These providers may collect data, use cookies, and monitor interactions according to their own privacy policies.
FaultLine Cyber & Security Ltd is not responsible for the content, privacy practices, or security of third-party websites or services.
8. Media and File Uploads
If you choose to submit files, images, or attachments through our website or communication channels, you should avoid including unnecessary sensitive or confidential metadata where possible.
We recommend removing embedded location data, such as EXIF GPS information, from uploaded images before submission.
9. Who We Share Your Information With
We may share information with trusted third parties where reasonably necessary to operate our business or deliver services, including:
- website hosting providers;
- IT and security providers;
- email and communication platforms;
- analytics providers;
- professional advisers;
- accountants;
- legal advisers;
- insurers;
- subcontractors or delivery partners;
- certification bodies, assessors, or technical specialists where relevant to an agreed service; and
- regulatory, governmental, or legal authorities where required.
We only share information where necessary and where appropriate safeguards are in place.
10. Data Retention
We retain personal information only for as long as reasonably necessary for the purpose for which it was collected, including to satisfy legal, regulatory, tax, accounting, reporting, contractual, insurance, or legitimate business requirements.
Typical retention periods may include:
- enquiry records: up to 24 months;
- proposal and business development records: up to 24 months;
- client and contract records: for the duration of the engagement and up to 7 years afterwards;
- financial and accounting records: up to 7 years;
- marketing preferences: until you unsubscribe or request removal; and
- website analytics information: according to the relevant analytics or cookie settings.
We may retain information for longer where reasonably required for legal obligations, dispute handling, insurance purposes, regulatory matters, or legitimate business needs.
11. Data Security
FaultLine Cyber & Security Ltd takes reasonable technical and organisational measures to protect personal data against:
- unauthorised access;
- loss;
- misuse;
- alteration;
- disclosure; and
- destruction.
These measures may include access controls, secure systems, password protection, multi-factor authentication, appropriate cloud services, and limiting access to authorised individuals who require the information for legitimate business purposes.
While we take appropriate precautions, no method of internet transmission or electronic storage can be guaranteed as completely secure.
12. Your Rights
Under applicable data protection laws, you may have the right to:
- request access to personal information we hold about you;
- request correction of inaccurate or incomplete information;
- request deletion of personal information;
- restrict or object to certain processing activities;
- withdraw consent where processing is based on consent;
- request transfer of your data where applicable;
- object to direct marketing; and
- lodge a complaint with a supervisory authority.
These rights are not absolute and may be subject to legal exemptions or restrictions.
To exercise your rights, contact: [email protected] or [email protected]
You also have the right to complain to the Information Commissioner’s Office (“ICO”) if you are unhappy with how we handle your personal information.
Information Commissioner’s Office: https://www.ico.org.uk
13. International Data Transfers
Some third-party providers used by FaultLine Cyber & Security Ltd may process information outside the United Kingdom or European Economic Area.
Where this occurs, we take reasonable steps to ensure appropriate safeguards are in place in accordance with applicable data protection laws, including approved contractual protections, adequacy arrangements, or other lawful transfer mechanisms where required.
14. Third-Party Links
Our website may contain links to external websites or services.
We are not responsible for the content, security, or privacy practices of third-party websites.
Users should review the privacy policies of any external websites they visit.
15. Marketing Communications
Where permitted by law, we may send relevant business communications relating to our services.
You can opt out of marketing communications at any time by contacting us or using any unsubscribe option provided.
We do not sell personal information to third parties for marketing purposes.
16. Cybersecurity Engagements & Confidential Information
Where FaultLine-CS provides cyber security, governance, risk, compliance, assessment, advisory, or related consultancy services, clients remain responsible for ensuring that any information shared with FaultLine-CS is lawful, appropriately authorised, and necessary for the agreed engagement.
Unless otherwise agreed in writing, clients should avoid sharing unnecessary sensitive personal data through general website enquiries or unsecured communication channels.
Additional confidentiality, security, or data handling obligations may be addressed separately within Statements of Work, contracts, Non-Disclosure Agreements, or related engagement documentation.
17. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in legal requirements, website functionality, or business operations.
Any updates will be published on this page together with a revised effective date.
18. Contact Us
If you have any questions regarding this Privacy Policy or how your information is handled, please contact:
FaultLine Cyber & Security Ltd
12-16 Castle Lane
Belfast, BT1 5DA
BT3 9DT
Northern Ireland
Email: [email protected]
