Last updated: 26 May 2026

Who we are

This website is operated by IT Consultancy Services Limited (“we”, “our”, “us”). For the purposes of the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR), we are the data controller in respect of any personal data we collect through this website.

The website address is https://www.itconsultancy.eu.com/.

What personal data we collect and why

Contact form

When you submit our contact form we collect the name, email address, telephone number (if provided), subject line and message you supply. We use this information for the sole purpose of responding to your enquiry. The lawful basis for this processing is your consent (UK/EU GDPR Article 6(1)(a)), which you provide by submitting the form.

Form submissions are emailed to our staff via Microsoft 365 (see “Third-party processors” below). We retain contact-form correspondence for as long as is necessary to handle your enquiry and any resulting business relationship, and for up to six years thereafter to meet our legal record-keeping obligations.

Cookies

We use a small number of cookies that are strictly necessary for the site to function. We do not use cookies for advertising, profiling, or non-essential analytics, and therefore do not require a cookie consent banner under the UK PECR / EU ePrivacy Directive.

CookieSet byPurposeLifetime
wordpress_logged_in_*WordPressKeeps an administrator signed in (only set if you log in to the admin area)Session / 14 days
wordpress_sec_*WordPressSecure authentication cookie (admin only)14 days
wp-settings-*WordPressPersists admin UI preferences (admin only)1 year
__cf_bm, cf_clearanceCloudflareBot management and security challenge token. Strictly necessary to protect the site from automated abuse.Up to 30 minutes / 1 year

You can clear or block cookies through your browser settings at any time; doing so will not affect your ability to read the public pages of this site.

Server logs

Our hosting provider and Cloudflare automatically collect standard web-server logs each time the site is accessed. These logs contain the requesting IP address, user-agent string, requested URL, response status and timestamp. Logs are processed on the basis of our legitimate interests in maintaining the security and stability of the website (UK/EU GDPR Article 6(1)(f)) and are retained for no longer than 30 days.

Third-party processors

We use the following sub-processors. Each is bound by a data-processing agreement that includes the standard safeguards required by Articles 28 and (where relevant) 46 of the UK/EU GDPR.

ProcessorRoleData handledLocation / safeguards
Cloudflare, Inc.Content Delivery Network, Web Application Firewall and bot mitigation that sits in front of this website to improve performance and security.Visitor IP addresses, request metadata, security challenge tokens.Global edge network. Cloudflare publishes its Data Processing Addendum and EU Standard Contractual Clauses; UK transfers rely on the UK IDTA.
Microsoft Ireland Operations Limited (Microsoft 365)Hosted email, calendar and document storage for staff. Receives contact-form submissions and any correspondence you initiate by emailing us.Your name, email address, telephone number, subject and message content.EU data residency under Microsoft’s EU Data Boundary. Covered by the Microsoft Products and Services DPA and EU SCCs.

We do not use Google Analytics, Facebook Pixel, advertising trackers, or any other third-party profiling services on this site.

International transfers

Where personal data is transferred outside the UK / European Economic Area (for example, when Cloudflare’s edge servers handle requests outside the EU), we rely on UK / EU Standard Contractual Clauses (and, for UK transfers, the UK International Data Transfer Addendum) to ensure an essentially equivalent level of protection.

How long we keep your data

  • Contact-form submissions: for the duration of the related enquiry / customer relationship plus six years to meet legal and tax record-keeping requirements.
  • Server logs: 30 days.
  • Cookies: as set out in the cookie table above.

Your rights

Under the UK / EU GDPR you have the right to:

  • request access to the personal data we hold about you (right of access);
  • request correction of inaccurate or incomplete data (right to rectification);
  • request that we delete your data where it is no longer necessary for the purposes for which it was collected (right to erasure / “right to be forgotten”);
  • request that we restrict processing (right to restriction);
  • object to processing carried out on the basis of our legitimate interests (right to object);
  • receive your data in a portable format (right to data portability);
  • withdraw consent at any time where processing is based on consent — this does not affect the lawfulness of processing carried out before you withdrew consent.

You also have the right to lodge a complaint with a supervisory authority. In the UK this is the Information Commissioner’s Office (ico.org.uk); in Ireland it is the Data Protection Commission (dataprotection.ie).

How to contact us

To exercise any of the rights above, or for any privacy-related question, please contact us at:

IT Consultancy Services Limited
Email: [email protected]

We will respond to verified data-subject requests within one month, as required by Article 12(3) of the UK / EU GDPR.

Changes to this policy

We may update this policy from time to time. The “Last updated” date at the top of this page tells you when it was most recently revised. Material changes will be communicated where required by law.

Cookie Settings