Legal

Privacy Policy

Last updated: 22 March 2026

Plain language summary: We collect only what we need to respond to your enquiry. We do not use tracking cookies, advertising networks, or analytics platforms that share your data with third parties. We do not sell your data. Ever.

Who we are

Enact Cyber is a cybersecurity compliance consultancy. Our website is enactcyber.com. For any privacy-related questions, contact us at hello@enactcyber.com.

What data we collect and why

Contact form submissions

When you submit our contact form, we collect your name, company name, email address, your selected service of interest, and your message. We use this information solely to respond to your enquiry. We do not add you to any mailing list without your explicit consent.

Legal basis (GDPR): Legitimate interest — responding to a direct enquiry you have initiated.

Website analytics

We use Vercel Analytics to understand how visitors use our site. Vercel Analytics is privacy-preserving by design — it does not use cookies, does not fingerprint individual users, and does not share data with advertising networks. The data collected is aggregated and anonymous.

What we do not collect

  • We do not use advertising cookies or tracking pixels
  • We do not use Google Analytics or Meta Pixel
  • We do not collect payment information on this website
  • We do not collect data from children under 16

Cookies

This website uses only technically necessary cookies required for the site to function. We do not use:

  • Advertising or targeting cookies
  • Social media tracking cookies
  • Analytics cookies that identify individual users

Because we do not use non-essential cookies, no cookie consent banner is required under the UK/EU Cookie Law or GDPR. You will not be asked to accept or decline cookies because we do not set any that require consent.

Who we share data with

We use the following third-party services:

  • Vercel — hosts this website. Your IP address and request metadata are processed by Vercel's servers. See Vercel's privacy policy.
  • Resend — delivers email notifications when you submit our contact form. Your contact details are transmitted to Resend for delivery purposes only. See Resend's privacy policy.

We do not sell, rent, or trade your personal data with any third party.

How long we retain your data

Contact form submissions are retained for as long as necessary to respond to your enquiry and conduct any resulting business relationship. If no engagement follows, we delete contact records after 12 months.

Your rights

Under GDPR and UK GDPR, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Object to processing
  • Data portability

To exercise any of these rights, email us at hello@enactcyber.com. We will respond within 30 days.

Security

This website enforces HTTPS, uses a strict Content Security Policy, and implements security headers in line with industry best practice. Contact form submissions are rate-limited and validated server-side before processing.

Changes to this policy

We will update this policy when our practices change. The date at the top of this page reflects the most recent revision.

Contact

For any privacy-related questions or to exercise your rights: hello@enactcyber.com

Terms of ServiceContact us