Privacy Policy

This privacy policy tells you how the Cyber Resilience Centre for London (LondonCRC) obtains, holds, uses and discloses personal data. It describes the steps we take to ensure data is protected, and your rights to know, see and challenge how your data is used.

The website and all its constituent components is owned and operated by the Cyber Resilience Centre for London. The extent and type of information we receive from you on our website depends on what you do when visiting our website.



We currently collect and process the following information:

Information you explicitly give us:

We receive and store any information you enter on our Website or give us in any other way through a direct interaction with us which includes:

  • Your email when you subscribe to our newsletter
  • Your name and email when you contact us through our contact forms
  • Your Username/Password when you download our products
  • Your Username/Password when you subscribe to our services
  • The Personal Data you provide us when you send us an email or contact form

Note that we do not collect any payment information when you subscribe to one of our services. 

Information we collect automatically: 

When you use the Services or browse our Website, we may collect information about your visit to our Website, your usage of the Services, and your web browsing. That information may include:

  • Your network routing information (where you come from).
  • Your Internet Protocol (IP) address used to connect your computer to the Internet and may identify your general geographic location or company.
  • Your computer and connection information such as browser type, version, and time zone setting, browser plug-in types and versions, operating system, and platform.

We may collect this information as a part of log files as well as through the use of cookies or other tracking technologies. Our use of cookies and other tracking technologies can be found in the Cookies section.

We use this information to help us find out more about which areas of our site are prone to errors and which parts of the site are popular or unpopular. This helps us to create better content and to fix any problems on the site. All this information is statistical only and is not used to personally identify users.


Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are: 

(a) Your consent. You are able to remove your consent at any time. You can do this by contacting: This email address is being protected from spambots. You need JavaScript enabled to view it.

(b) We have a contractual obligation

(c) We have a legal obligation

(d) We have a legitimate interest


Your data will be stored securely within our website infrastructure and will be stored only as long as you wish to be registered on the site.

We will not transfer your data to other parties unless we are required by law to do so, or if it is necessary in order to fulfil a request from you.

If you sign up to receive a newsletter from us, your details will be transferred to our email service, but this information is still visible only to CRC for London staff and will not be shared with external parties.

Your data will be held for as long as is necessary for the particular purpose or purposes for which it is held, and deleted when it is no longer needed and in line with the Data Protection Act 2018.


To be transparent and provide you with the maximum information about who our third party service providers are, we list below the ones that may keep Personal Data, what information they keep, and how we ensure the GDPR compliance through their contracts.


In our websites, we use Google Analytics and Tag Manager to analyze their use and optimize their performance. Google is a US company the data of which are in Google Cloud Locations. As described in their Privacy Shield certification, they comply with the EU-US and Swiss-US Privacy Shield as set forth by the US Department of Commerce regarding the collection, use and retention of Personal Data from European Union member countries and Switzerland, respectively. Google is fully committed to GDPR compliance as described on their Commitments to GDPR that articulate the commitments with us. For all the previous services, as a commitment to privacy and security, we have signed the following documents: Data Processing Security Terms (Customers) contract, and an EU Model Contract clauses. 


Salesforce is a customer relationship management solution that brings companies and customers together. When you provide us with your details through one of our contact forms Salesforce will safeguard your data with a robust, comprehensive, and transparent privacy and security program.

Please read the Salesforce Privacy Statement carefully to learn how they collect, use, share and otherwise process information relating to individuals ("Personal Data"), and to learn about your rights and choices regarding the processing of your Personal Data.


Softforge host, develop and manage the CRC for London website, including security, backups and analytics. Softforge’s Privacy Policy can be found here


Under data protection law, you have the right to ask for a copy of the information we hold about you and to ascertain where we are holding any information related to you.

Any registration information that you have completed on our website will be visible to you and you will be able to make changes to this information or delete it, if you wish.

Your rights include:

  • Your right of access - You have the right to ask us for copies of your personal information.
  • Your right to rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.
  • Your right to object to processing - You have the the right to object to the processing of your personal data in certain circumstances.
  • Your right to data portability - You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

If you wish to make a request please contact us at: This email address is being protected from spambots. You need JavaScript enabled to view it.


We are committed to protecting the privacy and confidentiality of the personal data relating to or submitted by visitors to our Websites. We will endeavour to ensure that all personal information in our possession is processed in accordance with the principles of the Data Protection Act 1998 (“the Act”) and the new EU General Data Protection Regulation (GDPR).


The CRC for London may need to make changes to this policy from time to time. You should, therefore, check the page whenever you submit new information to us, or if you are unsure of the terms contained herein.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation.
The intention of The Cyber Resilience Centre for London is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.
Articles on the website cannot by their nature be comprehensive and may not reflect the most recent legislation, practice, or application to your circumstances.

Stay Connected

For specific questions please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it..

Twitter: @London_CRC
LinkedIn: Cyber Resilience Centre for London
YouTube: Cyber Resilience Centre for London