Privacy & Data Protection

Privacy Policy

This Privacy Policy explains how CIKEY LTD (SIC Code 70229), a UK-based management consultancy, collects, uses, discloses, and protects personal data when you interact with our corporate website and related services.

Our Approach to Your Privacy

Last updated: 5 June 2026

1. Introduction

CIKEY LTD ("CIKEY", "we", "our", or "us") is committed to protecting the privacy and personal data of all individuals who visit our website at https://cikey.site/, engage with our content, or interact with our advisory and consultancy services. This Privacy Policy outlines how we handle personal data in a manner that is lawful, fair, transparent, and aligned with applicable data protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our website or providing personal information to us, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described here, you should discontinue use of our website and services.

2. Scope of this Policy

This Privacy Policy applies to personal data processed by CIKEY LTD in connection with:

  • Use of our corporate website and its sections, including About, Expertise, Solutions, Insights, Team, Clients, Media, and Contact Us pages.
  • Enquiries, proposals, and ongoing client relationships relating to our management consultancy services.
  • Subscriptions to newsletters, insights, or other thought-leadership communications.
  • Registrations for events, briefings, or webinars promoted through our website.

It explains what information we collect, how and why we use it, the legal bases we rely on, the parties with whom we may share it, and the rights you have in relation to your personal data.

3. Information We Collect

We collect and process different categories of personal data depending on how you interact with us. This includes information that you provide directly and data that is collected automatically when you use our website.

3.1 Information you provide to us

When you choose to interact with CIKEY LTD, you may voluntarily provide personal information such as:

  • Contact details – including your name, job title, company name, professional email address, telephone number, and postal address.
  • Enquiry details – details of your enquiry or message submitted via the Contact Us page or other communication channels, including information about your organisation, role, and areas of interest.
  • Subscription information – your preferences for receiving newsletters, insights, media updates, or event invitations, as well as records of your opt-in and opt-out decisions.
  • Recruitment information – if you apply for a role with us via our Team or related pages, we may collect CVs, cover letters, professional history, qualifications, and references.
  • Client relationship data – information shared in connection with proposals, advisory engagements, workshops, or consultancy projects, which may include personal contact details of relevant stakeholders.

3.2 Information collected automatically

When you visit our website, we automatically collect certain technical and usage information to help us understand how visitors engage with our content and to maintain the security and performance of our services. This may include:

  • Device and browser information – such as IP address, device type, operating system, browser type, language settings, and approximate geographic location.
  • Usage data – including pages visited (for example, Expertise, Solutions, or Insights), time and date of visits, time spent on pages, referring URLs, and interactions with on-page elements.
  • Cookie and tracking data – collected through cookies, pixels, and similar technologies as described in the Cookies and Tracking Technologies section below.

We generally collect this information in an aggregated or pseudonymised format; however, it may sometimes be associated with your IP address or other identifiers that could be considered personal data under applicable law.

4. How We Use Your Information

We process personal data only where we have a valid legal basis to do so, such as your consent, our legitimate interests in operating and improving our consultancy business, the performance of a contract, or compliance with legal obligations. In particular, we use personal information to:

  • Provide and manage our services – to respond to enquiries, develop proposals, deliver advisory and strategic planning engagements, and manage ongoing client relationships.
  • Communicate with you – to send administrative information, respond to messages submitted via the Contact Us page, provide requested materials such as reports or case studies, and keep you informed of updates related to our services.
  • Share insights and thought leadership – to send newsletters, industry insights, event invitations, and other communications via the Insights and Media channels, where you have opted in or where we are otherwise permitted by law.
  • Improve our website and user experience – to analyse aggregated usage data, understand how visitors engage with key sections such as About, Clients, and Solutions, and to enhance content relevance, navigation, and performance.
  • Support recruitment and careers – to assess applications, manage recruitment processes, and communicate with candidates engaging with us through the Team and related pages.
  • Maintain security and compliance – to protect our website, assets, and users from fraud, misuse, and security incidents, and to comply with applicable legal, regulatory, and reporting requirements.

Where required by law, we will obtain your consent before sending marketing communications and you can withdraw this consent at any time by following the unsubscribe instructions in our emails or by contacting us using the details in the Contact and Updates to this Policy section.

5. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to provide a more tailored and efficient browsing experience, to understand how our digital content is used, and to support the ongoing improvement of our corporate website.

5.1 What are cookies?

Cookies are small text files that are stored on your device when you visit a website. They help the site recognise your device, remember your preferences, and track certain information about your interactions with the site.

5.2 Types of cookies we may use

  • Strictly necessary cookies – required for the basic operation and security of our website, such as enabling page navigation, access to secure areas, and load balancing.
  • Performance and analytics cookies – used to gather aggregated data on how visitors interact with our site (for example, which pages are visited most frequently, such as Expertise or Insights) so we can improve content and usability.
  • Functional cookies – help remember your preferences (such as language settings) and support enhanced features, where implemented.

5.3 Managing cookies

When you first visit our website, you may be presented with a cookie banner that explains our use of cookies and provides options to manage your preferences, where applicable. You can also manage cookies through your browser settings by blocking, restricting, or deleting cookies. Please note that disabling certain cookies may affect the performance or availability of some features of our website.

6. Sharing and Disclosure of Your Information

We do not sell your personal data. We only share personal information with carefully selected third parties where necessary for legitimate business purposes, service delivery, or compliance with the law. This may include:

  • Service providers – including providers of web hosting, IT support, analytics, email communications, and professional services who process personal data on our behalf and under our instructions.
  • Professional advisers – such as legal, regulatory, or financial advisers where reasonably necessary to obtain specialist advice or to protect our rights.
  • Corporate transactions – in the context of a merger, acquisition, restructuring, or sale of all or part of our business, where personal data may be shared under appropriate confidentiality safeguards.
  • Regulatory and legal authorities – where we are required to do so by law, regulation, or court order, or where disclosure is necessary to establish, exercise, or defend legal claims.

Whenever we share personal data with third parties, we require them to handle the information in accordance with applicable data protection laws and to use it only for the purposes for which it was provided.

7. Data Security

CIKEY LTD takes the security of your personal data seriously. We implement industry-standard technical and organisational measures designed to protect information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

These measures may include access controls, encryption and secure transmission protocols where appropriate, regular monitoring of our systems, and restrictions on access to personal data to those employees, contractors, and service providers who need it for legitimate business purposes and are bound by confidentiality obligations.

While we strive to protect your personal information, no system or transmission of data over the internet can be guaranteed to be completely secure. If you have reason to believe that your interaction with us is no longer secure, please notify us promptly using the contact details in the Contact and Updates to this Policy section.

8. International Transfers

As a UK-based consultancy with a global client base and supplier network, we may, in limited circumstances, transfer personal data to countries outside the United Kingdom or the European Economic Area (EEA). This can occur, for example, where our service providers host or access data from locations outside these jurisdictions.

Where such transfers occur, we take steps to ensure that your personal data remains adequately protected and that appropriate safeguards are in place, such as:

  • Relying on adequacy regulations issued by the UK government or adequacy decisions by the European Commission.
  • Implementing standard contractual clauses or equivalent mechanisms approved by relevant regulators.
  • Carrying out risk assessments and, where needed, implementing additional technical and organisational security measures.

By using our website and providing personal data to us, you acknowledge that such transfers may occur in accordance with this Privacy Policy and applicable data protection law.

9. Your Data Protection Rights

Under applicable data protection laws, including the UK GDPR, you may have a number of rights in relation to the personal data we hold about you. Subject to certain conditions and exemptions, these rights may include:

  • Right of access – to request confirmation as to whether we process your personal data and to obtain a copy of that information, along with details about how we use it.
  • Right to rectification – to request correction of inaccurate or incomplete personal data.
  • Right to erasure – to request deletion of your personal data where there is no compelling reason for us to continue processing it, sometimes referred to as the "right to be forgotten".
  • Right to restriction of processing – to request that we restrict the processing of your personal data in certain circumstances.
  • Right to data portability – to receive personal data you have provided to us in a structured, commonly used, and machine-readable format and to request that we transfer it to another controller where technically feasible.
  • Right to object – to object to the processing of your personal data where we rely on legitimate interests, including profiling, or where we process your data for direct marketing purposes.
  • Right to withdraw consent – where we rely on your consent to process personal data, you may withdraw that consent at any time without affecting the lawfulness of processing prior to withdrawal.
  • Right to lodge a complaint – to raise a concern with your local data protection authority. In the UK, this is the Information Commissioner's Office (ICO).

To exercise any of these rights, please contact us using the details provided in the Contact and Updates to this Policy section. We may need to verify your identity before responding to your request and we will handle all such requests in accordance with applicable legal requirements.

10. Retention of Information

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to provide requested services, manage client relationships, meet contractual obligations, and comply with legal, regulatory, or reporting requirements.

In determining appropriate retention periods, we consider factors such as the nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process the data, and applicable legal limitation periods. For example:

  • Enquiry and contact data may be retained for a period reasonably necessary to address and follow up on your request.
  • Client engagement data may be retained for the duration of the engagement and for a subsequent period as required for record-keeping, compliance, and dispute resolution.
  • Recruitment data may be retained for a defined period following the completion of a recruitment process, in line with our internal policies and legal obligations.

When personal data is no longer required for the purposes for which it was collected, we will securely delete or anonymise it, unless we are required by law to retain it for a longer period.

11. Contact and Updates to this Policy

If you have any questions, concerns, or requests regarding this Privacy Policy or the way CIKEY LTD handles your personal data, please contact us using the details provided on our Contact Us page. We aim to respond to all legitimate requests within a reasonable timeframe and in accordance with our regulatory obligations.

We may update this Privacy Policy from time to time to reflect changes in our services, operational practices, or legal requirements. Any updates will be posted on this page with an amended "Last updated" date. We encourage you to review this Policy periodically to stay informed about how we protect your information.

Your continued use of our website and services following the publication of any changes will constitute your acknowledgement of the updated Policy.

Questions about how we handle your data?

If you would like to discuss this Privacy Policy or exercise your data protection rights, please contact the CIKEY LTD team.

Contact CIKEY LTD