QuantumSabre Privacy Notice

Effective Date: 11-04-2025

QuantumSabre (“we,” “us,” “our”) respects your privacy and is committed to protecting your personal data. This Privacy Notice explains how we collect, use, share, and safeguard your personal information in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), and relevant guidance from the National Cyber Security Centre (NCSC).

1. Who We Are

QuantumSabre is a UK-based cybersecurity firm specialising in advanced security services to protect organisations from digital threats. As a Data Controller, we ensure that personal data is processed lawfully, fairly, and securely.

Contact Information:
Data Protection Officer (DPO): Joseph Matthew Hajczinger
📧 Email: quantumsabre@protonmail.com
📍 Address: 27 Gloucester Street, London, United Kingdom, WC1N 3AX

2. Data We Collect

We may collect and process the following categories of personal data:

A. Personal Identification Information

  • Name, Address, Email, Phone number, Job title

B. Sensitive Personal Data (Special Category Data)

  • Health-related information (e.g., sickness or disability status)
  • Biometric data (e.g., facial recognition)
  • Race or ethnicity, religion or philosophical beliefs, trade union membership

C. Criminal Offence Data

  • Disclosure and Barring Service (DBS) checks
  • Criminal conviction records (where legally required)

D. Technical and Usage Data

  • IP address, device specifications, log files, browsing behaviour (via cookies)

E. Business Data

  • Details of services requested or provided, communication records

3. How We Use Your Data

Your data is processed for the following purposes:

  • Service Delivery: To provide, manage, and improve our cybersecurity services
  • Compliance: To meet legal requirements and regulatory obligations
  • Communication: To respond to inquiries and provide updates
  • Security and Prevention: To detect and mitigate security threats
  • Training and Awareness: To deliver cybersecurity training to clients and staff
  • Marketing: To share service updates (only with your explicit consent)

4. Legal Basis for Processing

We process personal data under the following lawful bases:

  • Contractual Obligation: For service agreements or pre-contract enquiries
  • Legal Obligation: To meet statutory or regulatory requirements
  • Legitimate Interests: To maintain operations and security readiness
  • Consent: For marketing and certain voluntary data sharing

5. How We Protect Your Data

We implement robust security measures aligned with NCSC guidance:

  • Technical Controls: Encryption, secure configurations, firewalls
  • Access Management: Role-based access and multi-factor authentication
  • Incident Response: Breach detection and response protocols
  • Staff Training: Cybersecurity and data protection training
  • Compliance Audits: Periodic checks to ensure adherence

6. Data Retention

We retain data only as long as necessary for the stated purposes or as required by law. Our retention schedule outlines:

  • Data types and retention timelines
  • Legal and operational justification for storage
  • Secure deletion methods (physical and electronic)

7. Sharing Your Data

We may share data with:

  • Service Providers: Cloud, storage, or payment providers
  • Regulatory Bodies: When required by law
  • Business Partners: For joint services (with your consent)
  • Professional Advisors: Legal, accounting, or IT specialists

8. International Data Transfers

Where applicable, data transfers outside the UK/EEA follow:

  • UK-approved Standard Contractual Clauses (SCCs)
  • Transfer Impact Assessments (TIAs)
  • Compliance with UK adequacy decisions

9. Your Rights

Under the UK GDPR, you have rights to:

  • Access your personal data
  • Rectify inaccuracies
  • Erase data under certain conditions
  • Restrict or object to processing
  • Port data to another provider
  • Withdraw consent (for consent-based processing)

To exercise these rights, contact us at quantumsabre@protonmail.com.

10. Cookies and Tracking Technologies

We use cookies for functionality and analytics. You can manage preferences via our [Cookies Policy].

11. Data Breaches

In the event of a breach:

  • We assess and mitigate the impact promptly
  • Notify affected individuals if there is a high risk
  • Report to the ICO within 72 hours when required

12. Updates to This Notice

We may update this notice periodically to reflect legal or operational changes. The current version is always available on our website.

13. Contact

For questions or concerns:

Data Protection Officer
📧 Email: quantumsabre@protonmail.com
📍 Address: 27 Gloucester Street, London, United Kingdom, WC1N 3AX

If you believe your rights have been violated, you may contact the Information Commissioner’s Office (ICO).

QuantumSabre – Your Trusted Partner in Cybersecurity