Legal

Privacy notice.

What personal data we collect when you contact us through this website, why we collect it, who we share it with, and the rights you have over it.

Privacy notice

Last updated: 5 June 2026

This notice explains how Bishop Consultancy UK Ltd handles personal data collected through this website — principally when you get in touch using our contact form or by email. We take your privacy seriously and only ask for the information we genuinely need to respond to you and run our business properly.

Who we are

Bishop Consultancy UK Ltd (“we”, “us”, “our”) is the data controller responsible for the personal data described in this notice. We are an independent IT and cyber security consultancy based in Ipswich, UK.

  • Company: Bishop Consultancy UK Ltd, registered in England & Wales, company number 04456435.
  • Registered office: available on request, and on the public register at Companies House under company number 04456435.
  • Email: enquiries@bishop-consultancy.co.uk
  • Phone: 0330 223 5742
  • ICO registration: ZC098683

For any question about this notice or about how we handle your data, the quickest route is to email us at enquiries@bishop-consultancy.co.uk.

The information we collect

We collect personal data directly from you, and a small amount of technical data automatically, in the following ways.

When you use our contact form

The form asks for your name, your email address and your message. You can optionally add your phone number, your business name and the topic of your enquiry. The message field is free text, so it will contain whatever you choose to tell us.

Technical data recorded with each enquiry

When you submit the form, we also record the date and time, the IP address you submitted from, and your browser’s user-agent string (the technical description your browser sends, identifying things like browser type and operating system). We record this to help us prevent spam and abuse of the form and to keep the site secure. For rate-limiting, your IP address is stored only in a one-way hashed form, not in plain text.

When you email or call us

If you email enquiries@bishop-consultancy.co.uk or call us, we will hold the contents of that correspondence and any contact details you provide, so that we can respond and keep a record of our dealings with you.

Website server logs

Like virtually all websites, our web server keeps standard access logs (for example IP addresses, requested pages and timestamps) for security and to diagnose technical problems. These are short-lived operational records.

How and why we use it

Under the UK GDPR we must have a lawful basis for using your personal data. The table below sets out what we do and why.

  • To respond to your enquiry and discuss whether we can help — on the basis of our legitimate interests in dealing with enquiries about our services, and, where you are asking us about working together, in order to take steps at your request before entering into a contract.
  • To keep a record of enquiries and correspondence for our ordinary business administration — on the basis of our legitimate interests in managing the business and keeping accurate records.
  • To keep the website and form secure and to prevent spam and abuse (including the IP and user-agent data and rate-limiting described above) — on the basis of our legitimate interests in protecting our systems and visitors.
  • To meet legal obligations — for example tax, accounting or responding to lawful requests — where the law requires it (legal obligation).

We do not use the information you give us for marketing lists, and we do not sell it to anyone.

Cookies

This site uses only a single, strictly-necessary cookie that supports the contact form — it carries the security token that protects the form against cross-site request forgery and keeps your session working while you fill it in. Because it is essential to a service you have asked for, it does not require consent and there is no cookie banner.

We do not use analytics, advertising or tracking cookies, and we do not embed third-party trackers.

Who we share it with

We do not sell your personal data. We share it only with the service providers that help us run the website and respond to you, and only as far as needed. These act as our processors under contract:

  • Brevo (Brevo SAS, France) — delivers the email generated by the contact form to our inbox. Your details pass through Brevo’s email infrastructure within the EU.
  • Microsoft 365 (Microsoft) — hosts our enquiries@bishop-consultancy.co.uk mailbox, where enquiries are received and stored.
  • Hetzner (Hetzner Online GmbH, Germany) — hosts this website and the server on which form submissions are stored.

We may also disclose information if we are required to by law, or to establish, exercise or defend our legal rights.

Most of this processing takes place within the UK or the European Economic Area. Where a provider (such as Microsoft) may process data outside the UK/EEA, that transfer is protected by appropriate safeguards recognised under UK data protection law, such as the UK’s International Data Transfer Agreement or addendum to the EU Standard Contractual Clauses.

How long we keep it

We keep personal data only for as long as we need it:

  • Website enquiries that do not lead to work — we keep your enquiry and the related correspondence while we are in contact and for up to 2 years after our last contact, then delete it. The copy saved by the contact form on our web server is covered by this same period.
  • If you become a client — we keep service and support records for the duration of our engagement and for up to 6 years afterwards, in case of any dispute.
  • Accounting and tax records — kept for 7 years, as required by UK law.
  • Security and server logs — kept only for a short operational period and then overwritten or deleted.

How we protect it

We take the security of your data seriously — it is, after all, our profession.

  • The website is served over an encrypted HTTPS connection.
  • Form submissions are stored in a non-public area of the server, not accessible from the web.
  • IP addresses used for rate-limiting are stored only as one-way hashes.
  • Access to the server and to our mailbox is restricted and protected.

Bishop Consultancy UK Ltd is itself certified to Cyber Essentials, the UK government-backed security standard.

Your rights

Under UK data protection law you have rights over your personal data. You can ask us to:

  • Access the personal data we hold about you, and receive a copy of it;
  • Correct data that is inaccurate or incomplete;
  • Erase your data where there is no good reason for us to keep it;
  • Restrict or object to our processing in certain circumstances, including where we rely on legitimate interests;
  • Receive a portable copy of data you provided to us, where applicable.

To exercise any of these rights, email us at enquiries@bishop-consultancy.co.uk. We will respond within one month. There is normally no charge.

Complaints

If you have a concern about how we handle your personal data, please contact us first and we will do our best to put it right. You also have the right to complain to the Information Commissioner’s Office (ICO), the UK’s data protection regulator:

  • Website: ico.org.uk/make-a-complaint
  • Helpline: 0303 123 1113
  • Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Changes to this notice

We may update this notice from time to time — for example if our services or our service providers change. When we do, we will revise the “last updated” date at the top of this page. Please check back occasionally.

How to contact us

If you have any questions about this notice or about how we look after your data, please get in touch: