We are Nine Consulting Limited, trading as ‘9ine’. We provide consultancy services and cloud-based products to client organisations to assist with their risk management in the areas of technology, data protection, cyber security and safeguarding. We are registered in England and Wales under company number 06829839. Our registered offices are at 20 Goodwood Way, Cepen Park South, Chippenham, SN14 0SY and we are based at 63 Wingate Square, Clapham Old Town, London, SW4 0AF.
The term ‘personal data’ refers to any information which identifies you or can be used to identify you when used in conjunction with other information. The personal data most commonly used by us will be your name, your job title and your email address.
The term ‘data subject’ describes the person about whom the personal data is about.
We will usually collect and process:-
We may also collect and use anonymous or aggregated data relating to your use of our products and services in order to improve them, refine them and develop our business.
Much of the personal data we process about you will be provided directly by you. We will collect your personal information to contact you when:-
We use your personal data for the purposes you provide the information for, including communicating with you to maintain and expand our relationship with you.
We may also use your personal data: -
We are registered as a Controller with the Information Commissioner’s Office under number Z2290134.
We are also a Processor of information for other organisations.
In every case, when we are collecting or using personal data, we will comply with the requirements of data protection legislation, including the General Data Protection Regulation (Regulation (EU) 2016/679) (the GDPR) and the Data Protection Act 2018.
Under the GDPR, we are required to have a legal basis to process your personal data.
Where we are acting as a Controller, our lawful basis may be based upon:-
Where we are acting as a Processor, our legal basis will mirror that of our Controller. We will only process personal data in accordance with our Controllers instructions and in compliance with our contractual obligations.
We may share your personal data with selected external service providers acting on our behalf, under contract, to complement the services we are providing for you. These service providers may be based outside of the EEA.
We may also be required to share your personal data with other organisations for legal or statutory purposes, or where we have your consent to do so.
You may ask us for information about the personal data we hold about you and what we are using it for.
You may also ask us to:
If you have any questions or concerns about how we are using your personal data or if you would like to exercise any of your information rights, please contact us at firstname.lastname@example.org
If you consider your personal data is not being used appropriately and you have not received a satisfactory response from us, then you are entitled to lodge a complaint with the Information Commissioner's Office.
All personal data is securely stored and is deleted when it is no longer required.
We have procedures and technologies in place to maintain the security of all personal data from the point of collection to destruction.
We use industry-standard security measures to protect your personal data against unlawful or unauthorised processing, and against accidental loss, destruction or damage.
We hold Cyber Essentials+ and ISO 9001 certifications. We undertake regular WebApp cyber security assessments, auditing our code on a regular basis and following best practice in Cyber Security-by-design methodologies.
We will only use data processors who have provided us with sufficient guarantees that they have implemented appropriate technical and organisational measures to comply with the data protection legislation.