Privacy Policy

Last updated: April 2026

Who we are

Aegis Risk & Decision Advisory Ltd (Company No. NI736303) is a security advisory practice registered in Northern Ireland. We are the data controller for personal information collected through this website and our advisory services.

ICO Registration: [Your ICO registration number]

Contact: info@aegisrda.co.uk | 07436 165 488

What personal data we collect

We collect personal data in the following ways:

• Enquiries: When you contact us by email, phone or through our website, we collect your name, email address, phone number and the content of your message.
• Event registration: When you register for a briefing or event, we collect your name, job title, organisation and contact details.
• Advisory clients: When you engage our services, we collect the information necessary to deliver the engagement, including names, job titles, organisational details and correspondence.
• Website visitors: We use Google Analytics to collect anonymised data about how visitors use our website, including pages visited, time on site and approximate location. This data cannot identify you personally. See our Cookie Policy for details.

Why we collect it and our legal basis

• To respond to enquiries: Legitimate interest — you have contacted us and would reasonably expect a response.
• To deliver advisory services: Contract — processing is necessary to perform the services you have engaged us to provide.
• To invite you to events: Legitimate interest — where your organisation falls within the scope of Protect Duty legislation and the information is relevant to your role.
• To improve our website: Consent — Google Analytics cookies are only set after you accept cookies via our consent banner.

Who we share your data with

We do not sell, rent or share your personal data with any third party for marketing purposes. Your data may be processed by:

• Google Analytics: Anonymised website usage data (subject to your cookie consent).
• Email provider: Our email hosting provider processes emails sent to and from our business address.

We will disclose personal data if required to do so by law.

How long we keep your data

• Enquiries: 12 months from last contact, then deleted.
• Event attendee details: 12 months after the event, then deleted.
• Client engagement records: 6 years after completion of the engagement, in line with statutory requirements.
• Website analytics: Google Analytics data is retained for 14 months.

How we protect your data

We store personal data securely using password-protected systems and encrypted email where appropriate. Access to personal data is limited to directors of the business who require it to perform their role. We do not store personal data on publicly accessible systems.

Your rights

Under UK GDPR, you have the right to:

• Access the personal data we hold about you.
• Correct any inaccurate or incomplete data.
• Delete your data (in certain circumstances).
• Restrict or object to processing of your data.
• Data portability — receive your data in a structured format.
• Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact us at info@aegisrda.co.uk. We will respond within 30 days.

Complaints

If you are unhappy with how we handle your personal data, you have the right to complain to the Information Commissioner’s Office (ICO):

Website: ico.org.uk | Telephone: 0303 123 1113

Changes to this policy

We may update this policy from time to time. The “last updated” date at the top of this page will reflect any changes. We encourage you to review this policy periodically.