Legal  ◆  Privacy Policy

Privacy Policy.

How BOOM Infrastructure Intelligence collects, uses, and protects your personal data — in plain English.

Last updated: March 2026

Who we are

BOOM Infrastructure Intelligence is a managed IT infrastructure and cyber compliance service provider registered in England and Wales. Our registered address is:

New Gallery, Haringey Park, Crouch End, London N8 9HY

We are the data controller for the personal data we collect through this website and in the course of providing our services. If you have any questions about how we handle your data, please contact us at [email protected] or on 020 8342 5010.

What data we collect

We collect personal data in the following ways:

  • Contact and enquiry data — when you submit an audit request or contact form, we collect your name, company name, email address, phone number, sector, and any message you provide.
  • Communication data — emails, calls, or other correspondence you have with us.
  • Website usage data — standard server logs including IP address, browser type, pages visited, and time of visit. This data is anonymised and used only for website performance and security monitoring.
  • Client data — where we provide managed services, we may process data about your systems, users, and IT environment as part of our service delivery. This is governed by a separate Data Processing Agreement.

We do not collect sensitive personal data (such as health data or financial account information) through this website.

How we use your data

We use your personal data only for the following purposes:

  • To respond to your enquiry — processing your audit request or contact form submission (legal basis: legitimate interests / contract).
  • To provide our services — delivering infrastructure audits, managed security, and compliance support to clients (legal basis: contract).
  • To send relevant communications — where you have engaged with us, we may send updates about changes that affect your compliance posture (legal basis: legitimate interests). You can opt out at any time.
  • To comply with legal obligations — we retain certain records as required by law (legal basis: legal obligation).
  • To improve our website — analysing anonymised usage data to ensure the site functions correctly (legal basis: legitimate interests).

We do not use your data for automated decision-making or profiling.

Who we share your data with

We do not sell, rent, or trade your personal data. We may share it with:

  • Our technology partners — including Microsoft, N-able, SentinelOne, and Cove Data Protection, where necessary to deliver our services. All partners are contractually bound to process data only as instructed and in accordance with UK GDPR.
  • Professional advisors — such as legal or accounting professionals, under duties of confidentiality.
  • Regulatory or law enforcement bodies — where we are required to do so by law.

Where data is transferred outside the UK, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements.

How long we keep your data

  • Enquiry and contact data — retained for 24 months from last contact, then securely deleted unless a client relationship has been established.
  • Client service records — retained for 6 years from the end of the engagement, in line with standard UK commercial practice and legal requirements.
  • Website usage logs — retained for 90 days for security monitoring purposes, then deleted.

Your rights under UK GDPR

You have the following rights in relation to your personal data:

  • Right of access — to request a copy of the personal data we hold about you.
  • Right to rectification — to request correction of inaccurate or incomplete data.
  • Right to erasure — to request deletion of your data where we have no legitimate reason to continue holding it.
  • Right to restrict processing — to ask us to pause processing your data in certain circumstances.
  • Right to data portability — to receive your data in a structured, commonly used format.
  • Right to object — to object to processing based on legitimate interests, including direct communications.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Cookies

This website uses only essential cookies required for the site to function correctly. We do not use tracking cookies, advertising cookies, or third-party analytics platforms that identify individual users.

Standard server logs are retained for 90 days for security and performance monitoring. No cookie consent banner is required as we do not use non-essential cookies.

How we protect your data

As an infrastructure security company, data protection is central to how we operate. All data we hold is subject to the same technical controls we implement for our clients:

  • Encrypted storage and transmission (TLS 1.2 minimum)
  • Multi-factor authentication on all systems handling personal data
  • Access restricted to authorised personnel only
  • Regular patching and endpoint protection in line with Cyber Essentials requirements
  • Immutable off-site backups with tested recovery procedures

Changes to this policy

We may update this Privacy Policy from time to time. The date at the top of this page reflects the most recent revision. We will notify active clients of any material changes by email.

Contact us

If you have any questions about this policy or how we handle your data:

BOOM Infrastructure Intelligence

New Gallery, Haringey Park, Crouch End, London N8 9HY

Email: [email protected]

Phone: 020 8342 5010