Privacy Policy

Last updated:

1. Who We Are

Cognify Cloud Services ("we", "us", "our") is a UK-based managed IT service provider operating at cognify.org.uk. We provide managed IT support, cloud hosting, remote monitoring, helpdesk services, and cybersecurity solutions for UK businesses.

For the purposes of UK GDPR and the Data Protection Act 2018, Cognify Cloud Services is the data controller for personal data collected through this website and in the course of providing our services. To contact us about data protection matters, please email hello@cognify.org.uk.

2. Data We Collect

We may collect and process the following categories of personal data:

  • Contact information — name, email address, telephone number, company name, when you contact us or use our services.
  • Service data — information necessary to provision and support the IT services we provide, including device identifiers, network addresses, and system logs.
  • Communications — records of correspondence, support tickets, and emails where you contact us.
  • Website usage — standard server access logs (IP address, browser type, pages visited, timestamp). We do not use analytics cookies or third-party tracking.

3. How We Use Your Data

We use personal data only for the following purposes:

  • To respond to enquiries and provide the services you request.
  • To manage our business relationship with you, including invoicing and service delivery.
  • To operate and maintain secure IT infrastructure on your behalf.
  • To comply with legal and regulatory obligations.
  • To protect the security of our systems and prevent fraud or abuse.

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Legal Basis for Processing

We rely on the following legal bases under UK GDPR:

  • Contract — processing necessary to perform a contract with you or to take steps at your request before entering a contract.
  • Legitimate interests — operating our business securely, responding to enquiries, and maintaining service logs, where these are not overridden by your rights.
  • Legal obligation — where we are required to process data to comply with applicable law.
  • Consent — where we have obtained your explicit consent (which you may withdraw at any time).

5. Data Retention

We retain personal data only for as long as necessary for the purposes set out in this policy, or as required by law. Service and communications data is typically retained for up to 7 years for audit and contractual purposes. Server access logs are retained for up to 90 days.

6. Data Storage and Transfers

All personal data we process is stored on servers located in the United Kingdom and/or the European Economic Area. We do not transfer personal data outside the UK/EEA. Our infrastructure is hosted in UK-based data centres.

7. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encrypted communications, access controls, network hardening, and regular security reviews.

8. Your Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate or incomplete data.
  • Request erasure of your data ("right to be forgotten") where applicable.
  • Restrict or object to processing in certain circumstances.
  • Data portability — receive your data in a structured, machine-readable format.
  • Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact us at hello@cognify.org.uk. We will respond within one calendar month. If you are unhappy with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).

9. Cookies

This website does not use analytics cookies, advertising cookies, or any third-party tracking technologies. We use only technically necessary session behaviour (e.g. server-side request logging) required to operate the site securely. No consent banner is required as we do not deploy non-essential cookies.

10. Third Parties

We do not load any third-party scripts, fonts, or resources on this website. All assets are served directly from our own infrastructure. Any sub-processors engaged in delivering our managed IT services are contractually bound to comply with UK GDPR requirements and appropriate data processing agreements are in place.

11. Changes to This Policy

We may update this privacy policy from time to time. The "last updated" date at the top of this page will reflect any changes. Continued use of our website or services after a change constitutes acceptance of the updated policy.

12. Contact Us

For any questions about this privacy policy or how we handle your personal data, please contact us at: hello@cognify.org.uk