Crilly Consulting LTD

Privacy Policy

About Crilly Consulting Limited.

Crilly Consulting Limited (Company registration number 09218646) are specialists in security consulting, with focus on assessments, surveys and design solutions for all business sectors, both domestic and Internationally.

Our registered address is:

c/o Penrose & Co. Suite 1 Excelsior House, 3 – 5 Balfour Road, Ilford, Essex, IG1 4HP

Contact email address:

The Information Commissioners Office have made an amendment to the DPA & GDPR 2018 Rights to access October 2020, this can be found using the following link:

About this notice.

This privacy notice tells you what to expect when we collect personal information about you.

Crilly Consulting Ltd understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits this website, and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

Please read this Privacy Policy carefully and ensure that you understand it. Your acceptance of this Privacy Policy is deemed to occur upon your first use of this website requested, along with any ‘Contact Us’ provided details. If you do not accept and agree with this Privacy Policy, you must stop using this website and not complete any ‘Contact Us’ details.

What is covered by this notice?

We collect the personal data of the following types of people to allow us to undertake our business:

  • Individual clients;
  • Corporate clients;
  • Supplier contacts to support our services;
  • Associate consultants
  • Visitors to our

We collect this information about you in order to carry out our core business and additional activities.

This privacy notice also covers:

  • Security;
  • Retention of your personal information;
  • Your right to withdraw consent to our processing of your information;
  • Your right to access information we hold about

This Privacy Policy applies only to your use of this website. Our website may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them. This will include terms and conditions and privacy notices for any sites that we may partner with from time to time.

The information we collect and how we use it.

The information that we gather includes, but is not limited to:

  • Identity information, including your first name and last name;
  • Your contact information including your personal email address and phone number;
  • Your business or home address if it is relevant to any request for services such as security assessments etc;

We hold and use this information in order to:

  • Seek your feedback on our services;
  • Fulfil our obligations to our clients;
  • Update you on other services that may be relevant to you;

In the event that we gather data about you, this privacy notice will be available upon request by email or by visiting our website where a link can be found on the home page. We welcome contact and enquiries regarding this notice and about how we can protect your data, please use the Contact Us form on our website.

You have the right to amend your communications preferences.

  • You can opt-out from marketing communication by informing us of your wish to do so.

We may share your personal or commercial information with the following:

  • Trusted third parties who provide services on our behalf, such as security service providers that we use as partners. These third parties are required to comply with our actions relating to security and confidentiality;
  • Regulatory or law enforcement agencies, when required by law to do

We do not share your personal information with third parties who wish to use it for marketing purposes.

Legal basis for the processing of personal data.

We will only use your personal data for the purposes for which it was originally collected unless we reasonably believe that another purpose is compatible with that or those original purposes and need to use your personal data for that purpose. If we do use your personal data in this way and you wish us to explain how the new purpose is compatible with the original, please contact us using the email address provided.

If we need to use your personal data for a purpose that is unrelated to, or incompatible with, the purposes for which it was originally collected, we will inform you and explain the legal basis which allows us to do so.

In some circumstances, where permitted or required by law, we may process your personal data without your knowledge or consent. This will only be done within the bounds of the Data Protection Legislation and your legal rights.

Our legitimate business and commercial interests.

Our legitimate interests in collecting and retaining your personal data is as follows:

  • As a security services provider we are obliged to conduct extensive research on addresses and businesses, primarily to conduct security
  • To maintain, expand and develop our business we need to record the personal data of client and partner
  • When our security services are required then a contract or agreement will be made between Crilly Consulting Ltd and the client to ensure that all proposed services that are to be carried out are discussed. Prior to any agreement a quotation/s will be issued, which may contain personal or commercial information. If the quotation is approved and the work carried out then an invoice/s, also containing personal or commercial information, will be

Visitors to our website.

We use Siteground hosted WordPress as well as Google Analytics and cookies to gather general information about visitors to our website in order to better understand how our website is used.

If we hold an email address for you, we may occasionally use cookies to gather information about your personal use of our website. This is in order to provide you with a tailored service.

You may find further information about our use of cookies here:

Google Analytics

For Google Analytics 4, the gtag.js JavaScript library uses first-party cookies to:

  • Distinguish unique users
  • Distinguish sessions for a user

Cookie name

Default expiration time



2 years

Used to distinguish users.


24 hours

Used to distinguish users.


2 years

Used to persist session state.


The analytics.js JavaScript library or the gtag.js JavaScript library can be used for Universal Analytics. In both cases, the libraries use first-party cookies to:

  • Distinguish unique users
  • Throttle the request rate

Cookie Name

Default expiration time



2 years

Used to distinguish users.


24 hours

Used to distinguish users.


1 minute

Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_.


30 seconds to 1 year

Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service.


90 days

Contains campaign related information for the user. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out. Learn more.

Our website may contain links to external websites operated by other organisations. Those organisations may collect personal information from visitors to their site.

We cannot guarantee the content or privacy practices of any external websites and do not accept responsibility for those websites.


We are committed to protecting the security of your personal information. We use a variety of measures, including but not limited to: firewalls, antivirus on the PC’s that we use and SSL encryption on our website in order to protect your personal information from:

  • Improper use or disclosure;
  • Unauthorised access;
  • Unauthorised modification or alteration;
  • Unlawful destruction or accidental

Where your personal data is processed and stored.

The data that we collect from you may be processed and/or transferred to, and/or stored on Crilly Consulting Ltd company computers and computers belonging to Crilly Consulting Ltd associates, who will require certain data to completed reports and assessments as directed by Crilly Consulting Ltd. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy notice.

Retention of your personal information.

We understand our legal duty to retain accurate data and only retain personal data for as long as we need it for our legitimate business interests and that you are happy for us to do so. Accordingly, we have a data retention policy and run data routines to remove data that we no longer have a legitimate business interest in maintaining.

We do the following to try to ensure our data is accurate:

  • Our website enables you to manage your data and to review whether the details we hold about you are accurate;
  • Prior to making an introduction we check that we have accurate information about you;
  • We keep in touch with you, so you can let us know of changes to your personal

Your rights.

You have the following rights:

  1. The right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the email address
  2. The right to access the personal data we hold about
  3. The right to have your personal data rectified if any of your personal data held by us is inaccurate or
  4. The right to be forgotten, i.e., the right to ask us to delete or otherwise dispose of any of your personal data that we
  5. The right to restrict or prevent the processing of your personal
  6. The right to object to us using your personal data for a particular purpose or
  7. The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any
  8. The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many
  9. Rights relating to automated decision-making and profiling. We do not use your personal data in this

The above rights may be exercised by contacting us at

How can you access information we hold about you?

If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.

All subject access requests should be made in writing and sent to the email address shown.

There is not normally any charge for a subject access request. If your request is deemed to be ‘unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.

We will respond to your subject access request within and, in any case, not more than one month of receiving it. Please note that in some cases, particularly if your request is complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.

Changes to our Privacy Notice.

We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.

Any changes will be immediately posted on this website and you will be deemed to have accepted the terms of the Privacy Policy on your first use of this website following the alterations. We recommend that you check this page regularly to keep up to date. This Privacy Policy was last updated on 29th March 2021.

Contact us.

You may contact us about any questions you have in respect of this privacy notice by emailing