Privacy Notice

1.1 Computer Network Defence (CND) Ltd are a cyber security consultancy and UK recruitment agency. CND complies with both the UK and Isle of Man Data Protection Legislations. This privacy notice tells you what to expect when CND Ltd collects personal information to allow us to undertake our business. It applies to personal information we collect about:

1.1.1 Prospective and live client contacts

2.1 We only collect and use personal data where we have a lawful reason to do so. Under Data Protection legislation, organisations must identify a valid legal basis before processing any personal information. CND Ltd relies on the following legal basis:

3.1 As an organisation, CND is committed to protecting personal data and ensuring transparency in how it is managed.
3.2 You may withdraw your consent at any time by:

• Clicking “unsubscribe” in marketing emails
• Adjusting cookie preferences via our website banner
• Contacting us at This email address is being protected from spambots. You need JavaScript enabled to view it.

3.3 Withdrawal does not affect the lawfulness of prior processing. Once withdrawn, we will cease processing your data for the relevant purpose unless another lawful basis applies.
3.4 The table below describes what data we collect, where it is obtained, why we collect it and how long we keep it for:

4.1 We may be required to disclose or share your personal data in order to comply with any legal obligation, or to enforce or apply our terms of use, Master Framework Agreements, Supply of Services Agreements and other agreements; or to protect the rights, property, or safety of Computer Network Defence, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
4.2 The specific types of recipients, purposes of disclosure, legal bases, and privacy considerations are outlined in the table below for transparency and ease of reference:

5.1 The data that we collect from you will be transferred to and stored in the European Economic Area. It may also be transferred to third parties outside of the EEA for the purposes of Google Analytics and our financial and recruitment services. By submitting your personal data, you agree to this transfer, storing or processing.

• UK Adequacy Regulations for countries deemed to offer adequate protection.
• Standard Contractual Clauses (SCCs) for transfers to countries without adequacy decisions.
• Vendor-specific frameworks, such as the EU-U.S. Data Privacy Framework, UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF, which Google LLC and its subsidiaries adhere to for services like Google Analytics and AdSense.

5.3 Transfers to the United States (e.g. for Google cookies and analytics) are covered by these frameworks, and Google is certified under the DPF principles.

5.4 CND will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice. We (and our third-party service providers) use a variety of industry standard security measures to prevent unauthorised access, use, or disclosure of your Personal Data. These security measures consist of, but are not limited to, data encryption and physical security controls.

5.5 All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology.

5.6 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

7.1 We will retain your Personal Data for the period necessary to fulfil the purposes outlined in this Privacy Notice or until you request its deletion, unless a longer retention period is required by applicable legal obligations.

7.2 The table below explains how we manage, review, and securely remove personal information:

7.1 You have certain rights relating to your Personal Data, subject to local data protection legislation. Depending on the applicable laws and if you are located in the EEA or other applicable location, these rights may include:

8.1 What Are Cookies - As is common practice with almost all professional websites, this site uses cookies, which are tiny files that are downloaded to your computer, to improve your experience. The table below describes what information they gather, how we use it and why we sometimes need to store these cookies. We will also share how you can prevent these cookies from being stored; however, this may downgrade or ‘break’ certain elements of the site’s functionality.

8.2 Disabling Cookies - You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies usually results in also disabling certain functionality and features of this and many other websites that you visit. Therefore, it is recommended that you leave on all cookies if you are not sure whether you need them or not, in case they are used to provide a service that you use.

8.3 Cookie Management - Has been implemented so that visitors are given granular control over non-essential cookies. This is achieved by a cookie banner/pop-up that blocks all non-essential cookies until the user grants explicit consent.

9.1 Computer Network Defence tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage you to bring it to our attention if you think that our collection or use of information is unfair, misleading, or inappropriate. We would also welcome any suggestions for improving our procedures.

9.2 This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive details of all aspects of our collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to us via the contact details in section 14.

9.3 You can make a complaint to a supervisory body which in the United Kingdom is the Information Commissioner’s Office (ICO). The ICO can be contacted by visiting www.ico.org.uk.

9.4 We also operate on the Isle of Man, which has its own ICO, contactable by visiting www.inforights.im.

10.1 Our website is not intended for persons under the age of 16. Thus, we do not intentionally gather Personal Data from visitors who are under the age of 16.

10.2 If you are under the age of 16, please do not submit your Personal Data via our submission forms and please ensure you do not accept our Cookies, otherwise your personal data will be tracked by our website.

11.1 This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
11.2 CND is not responsible for third party privacy practices.

12.1 We do not send out notifications when changes are made to this privacy notice, but we do keep it under regular review and place any updates on this web page. This privacy notice was last reviewed on 22nd October 2025.

13.1 If you want to request more information on our privacy policy or personal details of yours that we may hold, you can contact us via:
This email address is being protected from spambots. You need JavaScript enabled to view it.
FAO: Data Protection Officer
Computer Network Defence Ltd
The Stables
Digital Mansion
Pickwick Road
Corsham
SN13 9BL