CyberReady
BrokersSign inGet started

Privacy Policy

LegalCyberReady Limited · Last updated 30 April 2026

1. Who We Are

CyberReady Limited is a company registered in England and Wales. We operate the CyberReady platform at cyberready.io. For the purposes of UK GDPR and the Data Protection Act 2018, we are the controller of personal data collected through the Service.

If you have questions about this policy or our data practices, please contact us at privacy@cyberready.io.

2. Data We Collect

  • Account data: name, email address, and password (managed via AWS Cognito).
  • Questionnaire data: your answers to the questionnaire, including information about your business, IT infrastructure, and security posture.
  • Payment data: billing details processed by Stripe. CyberReady does not store card numbers.
  • Usage data: IP address, browser type, pages visited, and timestamps.
  • Communications: emails you send to us and delivery email interactions.

3. Lawful Basis

We rely on the following lawful bases for processing your personal data:

  • Contract: processing necessary to deliver the Service you have purchased.
  • Legitimate interests: fraud prevention, security monitoring, and service improvement.
  • Legal obligation: compliance with applicable laws, including tax and anti-money laundering requirements.
  • Consent: for optional marketing communications (where applicable).

4. How We Use Your Data

  • To create and manage your account.
  • To generate your document package based on your questionnaire answers.
  • To process payment and issue receipts.
  • To send you your delivery package and support communications.
  • To detect and prevent fraud and abuse.
  • To improve the Service.

5. Data Retention

We retain your account and questionnaire data for as long as you have an active account and for a period of up to seven years thereafter, to comply with legal obligations and to support any renewal or dispute. You may request deletion of your data at any time by contacting privacy@cyberready.io. Note that some data may be retained where required by law.

6. Your Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate personal data.
  • Request deletion of your personal data.
  • Object to or restrict processing.
  • Data portability.
  • Lodge a complaint with the Information Commissioner's Office (ICO).

To exercise any of these rights, please contact privacy@cyberready.io.

7. Contact

For all data protection queries: privacy@cyberready.io