top of page

Privacy Notice – Woodstock Advisory Limited

1. Who we are

Woodstock Advisory Limited is a cyber security and technology risk consultancy based in Woodstock, Oxfordshire, UK.
We help organisations understand and reduce their cyber risk.

If you have any questions about this notice or how we use your data, you can contact us at:

 

Email: stephen.oke@woodstockadvisory.co.uk

2. What data we collect

When you visit our website, technical information such as your IP address, browser type and pages viewed may be collected automatically by our website platform and service providers for security, performance monitoring and usage statistics.

When you contact us or request a review, we may collect:

  • First name and last name

  • Email address

  • Phone number

  • Company name

  • Company size

  • Website URL

  • Topic of concern

  • Any free‑text information you choose to share about your cyber security concerns

Our website includes optional self-assessment tools that allow you to enter information about your organisation’s cyber security arrangements. Some assessment answers are processed locally in your web browser to generate an indicative result and are not transmitted to us, stored by us, or shared with third parties unless you choose to submit the results or contact us.

3. How we use your data

We use your data to:

  • Review your enquiry or request

  • Contact you to arrange calls, meetings or reviews

  • Provide advice and follow‑up information

  • Keep basic records of our interactions

  • Improve our services and understand what types of organisations we are helping

If you agree, we may also use your contact details to:

  • Send you occasional updates about cyber security topics

  • Let you know about Woodstock Advisory services, events or resources

We do not sell your data to third parties.

4. Our legal bases for using your data

We rely on:

  • Legitimate interests – to respond to your enquiry, provide our services and run our business in a secure and professional way.

  • Consent – where you choose to receive marketing updates from us. You can withdraw this at any time.

5. Who we share your data with

We may share your data with:

  • Trusted service providers who help us run our business (for example, email, calendar, website and booking tools)

  • Professional advisers (for example, legal or insurance advisers) where needed

These providers only use your data to provide their services to us and must keep it secure.

We may also share data if required by law or to protect our legal rights.

6. Where your data is stored

Our systems and service providers may store data in the UK, the European Economic Area (EEA) or other countries.
Where data is transferred outside the UK/EEA, we aim to ensure appropriate safeguards are in place (for example, standard contractual clauses).

7. How long we keep your data

We keep your data only for as long as needed to:

  • Respond to your enquiry and provide services

  • Meet legal, regulatory and insurance requirements

  • Keep basic business records

We review our records regularly and delete or anonymise data that is no longer needed.

8. Your rights

Under UK data protection law, you have rights over your personal data, including:

  • Access – to ask for a copy of your personal data

  • Correction – to ask us to correct inaccurate or incomplete data

  • Deletion – to ask us to delete your data in some circumstances

  • Restriction – to ask us to limit how we use your data

  • Objection – to object to certain types of use, including direct marketing

  • Data portability – to ask for your data in a usable format in some cases

You can exercise these rights by emailing: stephen.oke@woodstockadvisory.co.uk

You also have the right to complain to the UK Information Commissioner’s Office (ICO) if you are unhappy with how we handle your data.
Website: https://ico.org.uk

9. Security

As a cyber security consultancy, we take the security of your data seriously.
We use technical and organisational measures to protect your data against loss, misuse and unauthorised access, and we review these measures regularly.

10. Updates to this notice

We may update this Privacy Notice from time to time.
We will post the latest version on this page and update the “last updated” date below.

Last updated: 26 May 2026

Privacy Notice

bottom of page