Privacy Policy

Version 1.0 · Last updated 18 April 2026

This notice explains how Techzura Ltd (“Techzura” “we” “us” “our”) collects and uses personal data when you visit this website, enquire about our services, or receive services from us. It is written to meet our obligations under the UK GDPR, the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

Quick summary. We only collect what we need to reply to enquiries, deliver contracted services, and run the business. We don’t sell personal data. Client data we hold on behalf of your organisation is processed under your instructions. You have rights under UK GDPR, email privacy@techzura.com to exercise them.

1. Who we are

Techzura Ltd is a company registered in England & Wales (company number 15567049). Our registered office is 71–75 Shelton Street, Covent Garden, London, WC2H 9JQ. Our trading address is Oxford House, 12–20 Oxford Street, Newbury, RG14 1JB.

For personal data we collect through this website or in the course of our dealings with you, Techzura Ltd is the data controller.

2. What personal data we collect

Category	Examples
Identity & contact	Name, work email, phone number, company, job title.
Enquiry content	Messages you send us, information you share during a discovery call, meeting notes.
Account & billing	For clients: signatories, billing contacts, purchase orders, invoices, service commitments.
Service delivery	Support tickets, device identifiers, usernames, access logs, configuration and incident records.
Technical / website	IP address, device/browser details, pages viewed, referrer, session duration. See “Cookies” below.
Correspondence	Emails, calendar invites, call recordings (only where explicitly stated and consented).

We do not knowingly collect special-category personal data through this website. If we need to process it to deliver contracted services to a client, we will do so only under a signed Data Processing Addendum.

3. Why we process it & lawful basis

Purpose	Lawful basis (UK GDPR Art. 6)
Responding to enquiries you send us.	Legitimate interests (Art. 6(1)(f)), replying to people who contact us.
Providing and administering contracted services.	Performance of a contract (Art. 6(1)(b)).
Complying with tax, accounting, and professional obligations.	Legal obligation (Art. 6(1)(c)).
Running, securing and improving our own business and website.	Legitimate interests (Art. 6(1)(f)).
Sending marketing communications to business contacts.	Legitimate interests (B2B) and PECR, with an easy opt-out on every email.
Responding to rights requests & cooperating with regulators.	Legal obligation (Art. 6(1)(c)).

4. Where the data comes from

Directly from you, forms, emails, calls, meetings.
From your employer, if you are a contact at one of our client organisations.
From publicly available sources, Companies House, LinkedIn, company websites, to verify who we’re dealing with.
Automatically, our website and service tools record limited technical data to operate and secure the service.

5. Who we share it with

We share personal data only where necessary, and under written contracts that require appropriate safeguards. Our key categories of processor are:

Business platform: Microsoft 365 (email, files, Teams), UK/EEA data regions.
Service delivery platform: HaloPSA / ConnectWise-class PSA and RMM systems for ticketing and device management.
Security tooling: endpoint, identity and email security vendors we use to protect clients (e.g. SentinelOne, Huntress, Mimecast-class, Cisco Umbrella-class).
Professional advisers: accountants, auditors, solicitors and insurers, under duties of confidentiality.
Regulators, courts and law enforcement, where we are legally required to disclose.

We do not sell personal data and we do not share it for cross-context behavioural advertising.

6. International transfers

Most of our data stays within the UK and EEA. Where a processor transfers data outside the UK, we rely on the UK’s adequacy regulations, the UK International Data Transfer Agreement, or the UK Addendum to the EU Standard Contractual Clauses, together with any additional safeguards the transfer warrants.

7. How long we keep it

Type	Retention
Enquiry / pre-contract correspondence (no contract results)	Up to 24 months from last contact.
Contract, invoicing & tax records	7 years after end of engagement (HMRC).
Service-delivery records (tickets, logs, incident notes)	Duration of engagement + 24 months, unless a longer period is required for professional liability or regulatory reasons.
Website analytics	Aggregated at source; raw request logs held up to 90 days.
Marketing contacts	Until opt-out or 24 months of no engagement, whichever is sooner.

8. How we protect it

We practise what we sell. Our own environment uses multi-factor authentication on every account, managed endpoints, encrypted storage, least-privilege access, vendor risk review, and 24/7 security monitoring aligned to Cyber Essentials. Staff receive annual security and data-protection training. Incidents affecting personal data are logged, investigated, and where necessary reported to the ICO within 72 hours.

9. Your rights

Under UK GDPR you have the right to:

Ask for a copy of the personal data we hold about you (subject access);
Have inaccurate data corrected;
Ask us to delete data we no longer need (erasure);
Restrict or object to certain processing;
Port data you provided us to another provider;
Withdraw consent, where consent was our basis for processing;
Not be subject to solely automated decisions with legal or similarly significant effects, we do not make such decisions about you.

Email privacy@techzura.com to exercise any of these. We’ll respond within one calendar month. We may need to verify your identity first.

10. Cookies & analytics

This site uses only strictly necessary cookies by default. We do not deploy third-party advertising trackers and we do not sell analytics data.

Cookie	Purpose	Duration
`tz_theme`	Remembers your light/dark theme preference.	12 months
`tz_consent`	Remembers your cookie/analytics choice, if one is offered.	12 months

We may add first-party, privacy-respecting analytics (such as Plausible or a self-hosted equivalent) to understand how pages are used. If we do, this table will be updated and the cookies noted accordingly.

11. Marketing

If you ask us for a proposal, sign up for an update, or are a business contact within the same industry, we may send occasional, relevant updates about our services. Every email includes an unsubscribe link. You can also opt out at any time by emailing privacy@techzura.com.

12. Where we process data on a client’s behalf

When we deliver Managed IT or Managed Security services to your organisation, we handle your employees’ and customers’ personal data as a processor, acting on your documented instructions under a signed Master Services Agreement and Data Processing Addendum. That agreement, not this notice, governs the specifics of that processing. This notice describes only data we handle as a controller.

13. Children

Our services are sold to businesses. This website is not directed at children under 13, and we do not knowingly collect personal data from them.

14. Changes to this policy

We’ll update this page when the policy changes and note the version and date at the top. Material changes will be announced in a prominent banner on the site for at least 30 days.

15. Contact & complaints

Data-protection contact: privacy@techzura.com

Post: Data Protection, Techzura Ltd, Oxford House, 12–20 Oxford Street, Newbury, RG14 1JB.

If you’re unhappy with how we’ve handled your data, please tell us first so we can try to put it right. You can also complain to the Information Commissioner’s Office at ico.org.uk or on 0303 123 1113.