This Privacy Policy explains how Kyberbyte Systems Ltd trading as Kyberbyte collects, uses, stores, and shares personal data when you use kyberbyte.co.uk, the Kyberbyte portal, and related services.
| Legal company name | Kyberbyte Systems Ltd |
| Trading name | Kyberbyte |
| Website | kyberbyte.co.uk |
| Privacy queries | help@kyberbyte.co.uk |
This Privacy Policy applies to personal data Kyberbyte processes as Controller in connection with:
It does not replace our Data Processing Addendum, which applies where we process customer personal data on behalf of a customer in delivering the tenant scan and reporting service.
| Category | Examples |
|---|---|
| Account & identity data | Name, work email address, Microsoft account or admin account identifiers, sign-in related information provided through Microsoft authentication, organisation or tenant association where relevant |
| Service & portal data | Account records, workspace membership and access information, tenant connection and consent records, scan request records, report entitlement records, support and service communication history, technical logs needed for security, troubleshooting, and service administration |
| Billing & transaction data | Billing contact details, transaction identifiers, purchase history, invoice or payment status information, and limited payment-related information made available by Stripe. Kyberbyte does not intentionally store full payment card details. |
| Communications data | Emails sent to or from Kyberbyte, support requests, commercial or service-related correspondence, and information you choose to include in those communications |
At launch, Kyberbyte does not intentionally use non-essential analytics, advertising, or tracking technologies. We may use only strictly necessary cookies or similar technologies required for website functionality, security, authentication, or user-requested services.
| Purpose | Lawful basis |
|---|---|
| Provide the website, portal, and services | Performance of a contract, or steps taken at your request before entering into a contract |
| Manage customer and prospect communications | Legitimate interests and, in some cases, performance of a contract |
| Process billing and maintain financial records | Performance of a contract, legitimate interests, and compliance with legal obligations |
| Secure and improve the service | Legitimate interests and, where relevant, compliance with legal obligations |
| Comply with the law | Compliance with legal obligations |
We keep personal data only for as long as necessary for the purpose for which it was collected, taking into account legal, operational, security, and accounting requirements.
| Data type | Retention approach |
|---|---|
| Report and scan data | Up to 90 days, unless a longer period is required for an active customer relationship, dispute handling, legal claim, or agreed service feature |
| Support and service emails | Up to 12 months from last meaningful contact, unless needed longer for an active customer issue, dispute, or legal reason |
| Account and portal records | For as long as the account or customer relationship remains active and for a limited period afterwards where reasonably needed for security, audit, fraud prevention, or record keeping |
| Billing and transaction records | For as long as required by applicable tax, accounting, and financial record-keeping obligations |
| Technical security logs | For a limited period reasonably necessary for security, fraud prevention, troubleshooting, and system integrity |
We may share personal data with trusted service providers where necessary to operate the website and Services. These currently include:
We may also share personal data with professional advisers where necessary, where required by law or lawful authority, or in connection with a business sale, restructuring, merger, or acquisition subject to appropriate confidentiality protections.
We do not sell personal data.
Kyberbyte is UK-focused at launch. However, some service providers may process personal data in the United Kingdom, the European Economic Area, or other countries.
Where personal data is transferred outside the United Kingdom, we will take steps intended to ensure an appropriate level of protection in accordance with applicable data protection law, such as relying on adequacy regulations or approved contractual safeguards where relevant.
We take reasonable technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.
However, no internet-based system can be guaranteed to be completely secure. You should also take care to protect your own credentials and devices.
Depending on the circumstances, you may have rights including the right to:
To exercise your rights, contact help@kyberbyte.co.uk.
Our website or communications may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties.
We may update this Privacy Policy from time to time. The latest version will be published on kyberbyte.co.uk with the revised date shown at the top.
If you have questions about this Privacy Policy or want to exercise your rights, contact us at help@kyberbyte.co.uk.