Sciris Logo

Privacy Policy

< Back to home

SCIRIS GROUP LIMITED (12544070)

Website Privacy Policy

This website is operated by SCIRIS GROUP LIMITED (12544070). The privacy of our users is extremely important to us, and we encourage all users to read this policy carefully, as it explains:

  • who we are;
  • how and why we collect, store, use and share personal information;
  • your rights in relation to your personal information; and
  • how to contact us and supervisory authorities if you have a complaint.

Who we are

SCIRIS GROUP LIMITED (12544070) ("we", "us" or "our") collects, uses and is responsible for certain personal information about you.

When we do so, we are regulated under the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and applicable amendments including the Data (Use and Access) Act 2025. We are the data controller for the personal information processed through this website.

Data Protection Principles

We process personal data in accordance with UK data protection law. This means personal data is handled lawfully, fairly and transparently, collected for specific purposes, limited to what is necessary, kept accurate and up to date, retained only for as long as required, and protected using appropriate security measures.

Personal Data Breaches

All suspected personal data breaches are reported and investigated promptly. Where required by law, we will notify the Information Commissioner’s Office (ICO) and affected individuals if a breach is likely to result in a risk to their rights and freedoms.

Personal Data we Collect

Personal data means any information that can identify a living individual, either directly or indirectly.

Through this website, we may collect the following types of personal data:

  • Name
  • Email address
  • Telephone or mobile number
  • Information you provide when contacting us or submitting enquiries
  • Technical information such as IP address, browser type, device information, and website usage data (including analytics and cookies)

Collection of Personal Data

We collect personal data in the following ways:

  • Directly from you when you complete website forms, contact us, or subscribe to communications
  • Automatically when you use our website, including through cookies and analytics tools

We only collect personal data that is relevant, necessary, and proportionate for the purpose for which it is used.

How we use your personal data

We use personal data collected through this website for the following purposes:

  • Responding to enquiries and requests
  • Managing communications with clients, suppliers, and other stakeholders
  • Providing information about our services where requested
  • Operating, maintaining, and improving our website
  • Maintaining website security and preventing misuse
  • Complying with legal, regulatory, and audit obligations

We do not use personal data for purposes that are incompatible with the original reason it was collected.

Lawful Bases for Processing

Under UK GDPR, we rely on the following lawful bases to process your personal data:

  • Consent – where you have chosen to provide information or subscribe to communications
  • Legitimate interests – where processing is necessary to operate our website, respond to enquiries, improve services, and ensure security, and where those interests are not overridden by your rights
  • Legal obligations – where processing is required to comply with applicable laws or regulations

Sharing of Personal Data

We may share your personal data:

  • With authorised personnel within SCIRIS where necessary to respond to enquiries or manage services
  • With trusted third-party service providers (such as website hosting, IT support, analytics, or communications providers) who act on our instructions and under appropriate contractual safeguards
  • With regulators, law enforcement, or other authorities where required by law

We do not sell your personal data to third parties.

International Transfers

Some of our third-party service providers, including IT support and managed service providers, may access or process personal data from outside the United Kingdom, including from the European Union and the United States.

Where personal data is transferred or accessed internationally, we ensure appropriate safeguards are in place in accordance with UK data protection law, such as adequacy regulations or approved contractual protections.

Data Security

We use appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, alteration, or disclosure. These measures include:

  • Role-based access controls
  • Encryption of sensitive information
  • Network and system monitoring
  • Staff training and awareness activities

While we take reasonable steps to protect your personal data, no internet transmission is completely secure.

Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including:

  • Website enquiries and contact data: up to 24 months after last interaction
  • Marketing communications: until you withdraw consent or unsubscribe
  • Records required for legal or regulatory purposes: retained in line with statutory requirements

Personal data is securely deleted or anonymised when no longer required.

Individual Rights

Under UK GDPR, you have rights in relation to your personal data, including the right to:

  • Access your personal data
  • Request correction of inaccurate or incomplete data
  • Request deletion of your personal data in certain circumstances
  • Object to processing, including for direct marketing
  • Request restriction of processing in certain circumstances
  • Receive a copy of your data in a portable format

We may request reasonable proof of identity where necessary to process your request securely.

Automated Decision Making

We do not make decisions about individuals based solely on automated processing that produces legal or similarly significant effects.

Complaints

We hope to resolve any questions or concerns you raise about our use of your personal data.

If you have a complaint, please contact us using the details below. You also have the right to complain to the UK supervisory authority, the Information Commissioner’s Office (ICO):

https://ico.org.uk/concerns/

Telephone: 0303 123 1113

Changes to this Privacy Policy

This privacy policy was last updated on 21/01/2026. We may update this policy from time to time. The most recent version will always be published on our website.

Contact us

If you have any questions about this privacy policy or how we handle your personal data, please contact:

SCIRIS Group Data Protection Officer

Dan Doe, Head of Data Strategy Operations

Email: dan.doe@sciris.com

175 High Holborn
London
WC1V 7AA
UK