Privacy policy

CMS InfoSec Ltd (“we”, “us”), trading as Cyber Made Simple, operates this website and service. We collect only what we need, protect personal data with appropriate measures, and give you clear choices under UK law.

This policy explains what we process, why, how long we keep it, and your rights. For our broader security posture, see Security & privacy compliance.

Contact. Privacy: support@cybermadesimple.co.uk. General: hello@cybermadesimple.co.uk.

What we collect

• Account & profile — name, email, authentication identifiers via our auth provider (we do not store plaintext passwords).
• Usage & security — audit logs, device/session metadata, rate-limit counters to keep the service safe.
• Billing — subscription status and Stripe customer references (card details stay with Stripe).
• Support — messages you send us and related correspondence.

Lawful bases

We rely on contract (to provide the service), legitimate interests (security, product improvement), consent (marketing where required), and legal obligation where applicable.

Your rights

Under UK GDPR you may access, rectify, erase, restrict, object, and port data where applicable. Contact support@cybermadesimple.co.uk. You may complain to the ICO.

Retention

We keep data only as long as needed for the purposes above, then delete or anonymise it.