Privacy Notice

This notice was last updated on: 18/03/21 and is version 2.0.

Welcome, our privacy notice is here to help you understand how we manage and protect your information as you use our website.

P.S. If you are interested in getting a refreshingly different privacy notice just like this, please contact us and we’d love to help!


As a visitor to our website, this notice applies to you. We may also refer to you as a User.

Shout Cyber act as the ‘data controller’, and are responsible for determining the purposes and manner in which your Data is collected.

This notice does not apply to websites outside of our website domain ( and it’s subdomains ( This includes any websites we provide links to.

Further information

About Us Shout Cyber is registered with the UK Information Commissioner as a data controller, our registration number is ZA494741.

Links and Social Media This notice does not apply to websites outside of our website domain ( and its subdomains ( This includes any websites we provide links to social media networks. Please refer to the relevant privacy policy for that website for details about how they process your personal information.

Other Relevant Policies This privacy policy should be read alongside, and in addition to the following additional terms, which also apply to your use of our site:

Definitions We use the following definitions in our privacy notice:

Data aka personal dataAny information you submit to our Website will be considered as Data.  This includes where applicable Personal Data, as defined by relevant Data Protection Laws.
CookiesAre small text files placed on your computer by this Website when you visit certain parts of the Website and/or when you use certain features of the Website. Details of the cookies used by this Website can be found within our Cookie Policy
Data Protection LawsCovers any applicable law relating to the processing of Personal Data, including the Data Protection Act 2018, the General Data Protection Regulation (EU) 2016/679, Directive 96/46/EC (Data Protection Directive), and any national implementing laws, regulations and secondary legislation, for as long as the GDPR is effective in the UK;
Shout Cyber, we or usShout Cyber, a sole trader (Triston Hellard-Smith) operating in Corsham, Wiltshire.
User or youAny visitor that comes to see our Website, except for anyone who is either employed by us or is engaged in providing business services to us when accessing this website.
Websitethe website that you are currently visiting, and any sub-domains of this site unless expressly excluded by their own terms of use.


You may not transfer any of your rights under this policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected

If any court or competent authority finds that any provisions of this privacy policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.

Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that or any other, right or remedy.

This agreement will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.

Data we collect and how we collect it

Contact Details such as your name, email address & telephone number.

When you enter details into our contact us form or contact us directly via our contact details.


Technical Data collected as you use the website, including your IP address, browser type, version, device details.

Automatically from the use of our website.

Further information

Sensitive or special category data Just to let you know, we don’t use our website to collect anything categorised as special category information. For example racial or ethnic origin, political opinions, health data etc.

Children’s data Our website and services are provided to businesses and are intended for use by those 18 or older. We do not knowingly collect personal data from anyone under 16 years old.

Cookies We will collect your Data automatically via cookies, in line with your decision according to our Cookies Policy. For more information please see our Cookies Policy.

How we use Data collected and why

Under applicable data protection law, we will process personal data where we have defined a legitimate purpose and a lawful basis for doing so.


Getting in contact with you If you show interest in our products and services, for example by completing our contact us form, we’ll reach out and get in contact with you.


Providing our services to you If you are a customer using our services we will use the information collected to help provide these services to you.


Improving our services and website Information we collect about how you use our website and services will be used to help us provide a better service and experience for you.


Tell you about our services and products (Marketing) Depending on your choices about how we contact you, or if we have a legitimate interest, we may get in contact with you to tell you more about our services.


You’re in control

You may change your mind about how we get in contact with you, including opting-out (or into) receiving marketing material from us.
You can contact us via


Internal record keeping While operating our business and services we may need to use the information we have captured to evidence our legal compliance with applicable data protection law.

Lawful Basis for processing

Performance of a contract – this means processing your data where it is necessary for the performance of a contract, which you are a party to or take steps at your request before entering into a contract.

Legitimate Interest – where the processing of data is deemed necessary for the legitimate interests of our business, provided those interests are not outweighed by your rights and interests. If you object to our use of data collected you have the right to object in certain circumstances.  Please see the section “Your Rights” below

Comply with a legal or regulatory obligation – this means processing your data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.

Consent – where you have given clear consent for us to process your personal data for a specific purpose.

Our third-parties

We use a number of suppliers and third parties to help us provide our services and this may involve processing Data we capture. We’ve outlined our third-parties below with some links for further information.

Provider & Service ProvidedActing As Data Storage LocationProvider Security / Data Processing Agreement
Krystal Hosting – Website HostingData ProcessorUKPrivacy Policy

ISO27001 Certificate:
Calendly – appointment BookingsData ProcessorUSAData Processing Addendum
Hubspot – our CRM systemData ProcessorEU and USAData Processing Addendum

How secure is the data we collect?

We will use technical and organisational measures to safeguard your Data, for example:

  • your use of this website is encrypted using secure HTTPS connections;
  • we store your data on secure servers;
  • we regularly update our website and its components;
  • we secure our site logins and services using multi-factor authentication
  • we will regularly back up our website.

Technical and organisational measures include measures to deal with any suspected data breach.


Suspect something’s wrong?

If you suspect any misuse, loss or unauthorised access to your Data, please let us know immediately by contacting us via

Data Retention

Unless a longer retention period is required or permitted by law, we will only hold your data on our systems for the period necessary to fulfil the purposes outlined in this privacy policy or until you request that the Data be deleted.

Once we delete your Data, it may persist on backup or archival media for legal, tax or regulatory purposes.

Your Rights

You have the following rights in relation to your Data:


Right to access – You can request a copy of the personal data we hold about you at any time. Including supplementary information about our processing activities.

More information

Will I be charged? No, we won’t charge you for providing you with access to your personal data. The only exception where we would consider a charge for this service is if your request is manifestly unfounded or excessive.

How long will it take for me to receive this information? We will work to provide your requested information within 30 days of your request. If your request is complex or you are making multiple requests at the same time, we may extend this timescale by a further 2 months, if necessary.

Can we refuse a request? Typically we will work with you to provide the information requested, however there some exemptions. If we consider that a request is unfounded or excessive, we may refuse the request where we are legally permitted to do so. If we refuse a request we will write to you and explain the reasons why.

Will I need to provide ID? Yes, we may request you provide sufficient identification to verify you are the intended data subject before we disclose any information to you.


Right to correct – You can correct any personal data we may have if this information is incorrect or inaccurate.

Please keep us updated

It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period of time we hold it.


Right to object – the right to object to our use of your personal data, including where we use it for our legitimate interests. For example Direct Marketing activities.


Right to erasure – the right to request that we delete or remove your Data from our systems..

More information

Can I request you delete all my personal data anytime? There are certain circumstances where the right to erasure can be applied and some exemptions as well. For example, where the processing of personal data is no longer required for the purpose it was collected for, or where we are processing your personal data under the lawful basis of Consent or Legitimate interest, you have the right to withdraw and object to the processing of this data, unless we have another overriding legal requirement to continue processing.

What are the exceptions? If we are under a legal obligation to continue processing the personal information we may be required to refuse the request. We will notify you in writing if this is the case.

Where can I find more information? The ICO’s website has guidance relating to the right to erasure and the guidance for organisations and individuals, this can be found at


Right to restrict our use of your Data – You can restrict the way we process your personal information in certain circumstances, such as if you believe the information is inaccurate, or we are not processing the personal data lawfully.


Right to data portability – the right to request that we move, copy or transfer your personal data. We will provide you with this in an open format such as a CSV or PDF file.

Making a complaint

if you have a complaint regarding how we process your Data, please let us know first, so we have a chance to address any complaint you make.

If we fail to address this complaint, you may refer your complaint to the relevant data protection authority. For the UK this is the Information Commissioners Office (ICO).  The ICO’s contact details can be found on their website at .

Changes to business ownership and control

Shout Cyber may expand or reduce our business, including the sale and/or transfer of control of all or part of our business. Data we have collected and are processing as part of our business will be transferred to the new owner or controlling party. The new owner or controlling party under this privacy policy will be permitted to use the Data for the purposes for which it was originally collected by us.

In the event of a change in business ownership, we will take steps with the aim to ensure your privacy is protected during the transfer of ownership.

Updates to this policy

Shout Cyber reserves the right to change this privacy policy as we deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you are deemed to have accepted the terms of the privacy policy on your first use of the Website following the alterations.


Want a refreshingly different privacy notice?

Get in contact with us and we’d be happy to assist in creating a tailored notice for your website.
Contact Us