Techniquest is temporarily closed.Read more about it


Techniquest is temporarily closed.Read more about it

Projects Privacy PolicyProjects


Cyber Essentials Techniquest is committed to being transparent about how it handles personal information, to protecting the privacy and security of personal information and to meeting its data protection obligations under the General Data Protection Regulation (the GDPR) and the Data Protection Act 2016. The purpose of this privacy notice is to provide awareness of how and why we will collect and use personal information both during and after a working relationship with Techniquest. We are required under the GDPR to notify the information contained in this privacy notice.

Techniquest has appointed a data compliance manager to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact Gareth McTiffin (

Data protection principles

Under the GDPR, there are six data protection principles that Techniquest must comply with.

These provide that the personal information we hold must be:

  1. Processed lawfully, fairly and in a transparent manner.
  2. Collected only for legitimate purposes that have been clearly explained and not further processed in a way that is incompatible with those purposes.
  3. Adequate, relevant and limited to what is necessary in relation to these purposes.
  4. Accurate and, where necessary, kept up to date.
  5. Kept in a format which permits identification for no longer than is necessary for those purposes.
  6. Proceed in a way that ensures appropriate security of the data.

Techniquest is responsible for, and must be able to demonstrate compliance, with these principles. This is called accountability.

Data retention

The Techniquest Projects team will not collect personal data without having legitimate and relevant grounds for doing so. We will ensure transparency during data collection and provide individuals with an appropriate privacy notice when collecting their data which states our identity, provides information on how their data will be used and with whom their information may be shared.

Techniquest will collect your data in line with our GDPR strategy. Your data will be used to ensure you the client are kept informed about the services that we can provide and to contact you where necessary to ask for permission to share information about any projects you have commissioned with us.

You have the right to ask what information we currently hold on you and to have your information removed from our system as long as no active projects are currently commissioned between Techniquest and yourself. In cases where an active project is in process or where there is a legitimate business interest your data will be stored until the 12 month warrantee period for the project has lapsed and there is no longer a legitimate business interest, after which you can request your personal data be erased.

Following the completion of a project your data will be held for a period of 10 years unless a request for removal is made.

Any personal data Techniquest may collect during business enquiries and transactions will be stored online on our secure server, under Techniquests general privacy policy


Where postcode data is collected via paper questionnaires, this will input digitally within 7 working days of collection and stored securely and digitally on the Techniquest server. Following digital input, all paper copies will be destroyed in a secure manner

Your rights

You can ask us to access the information we hold on you at any time

You have the right to rectify the information we hold

You can ask us to completely remove your details from all of our systems

You’re able to object to us using your information

You can restrict how we use your information

You have a right to data portability

Contact and complaints

The primary point of contact for all issues arising from this Policy, including requests to exercise data subject rights, is our Data Protection Officer. The Data Protection Officer can be contacted in the following way:

If you have a complaint or concern about how we use your personal data, please contact us in the first instance and we will attempt to resolve the issue as soon as possible. You also have a right to lodge a complaint with your national data protection supervisory authority at any time. In the UK, the supervisory authority for data protection is the ICO ( We do ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.