Privacy Policy

Privacy Policy

Last Updated: 12 May 2026

Quantum Logic Consulting Ltd (“Quantum Logic”, “we”, “us”, or “our”) is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, store, share, and protect information about you when you visit our website or use our services.

We operate as an Artificial Intelligence Security company incorporated in the United Kingdom. As such, we are subject to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Where we process the personal data of individuals in the European Economic Area (EEA), we also comply with EU GDPR (Regulation (EU) 2016/679). We take additional steps to comply with applicable data protection laws in other jurisdictions where our customers are based, including the California Consumer Privacy Act (CCPA) and other international frameworks.

1. Who We Are

The data controller responsible for your personal data is:

Company Name: Quantum Logic Consulting

Registered in: England

Website: www.quantumlogic.io

Contact Email: [email protected]

If you have any questions about how we handle your personal data, or wish to exercise any of your rights, please contact us using the details above.

2. What Personal Data We Collect

We collect the following categories of personal data:

2.1 Data You Provide Directly

  • Full name
  • Email address
  • Job title and company name (where provided)
  • Any information you include in contact form messages or enquiries

2.2 Data Collected Automatically

  • IP address and approximate geolocation
  • Browser type, version, and operating system
  • Pages visited, time spent on pages, and navigation paths
  • Referring URLs (how you arrived at our site)
  • Cookie identifiers and session data (see Section 8 on Cookies)

2.3 Data from Third Parties

We may receive limited data about you from third-party analytics providers, marketing platforms, or business partners, in each case subject to appropriate safeguards.

3. Legal Bases for Processing (UK & EU GDPR)

We rely on the following legal bases under Article 6 UK/EU GDPR to process your personal data:

Contractual Necessity (Art. 6(1)(b)): Where processing is necessary to perform a contract with you or to take steps at your request prior to entering into a contract — for example, providing services you have purchased.

Legitimate Interests (Art. 6(1)(f)): Where our legitimate business interests, or those of a third party, are not overridden by your interests or fundamental rights — for example, improving our website, preventing fraud, and direct marketing to existing customers.

Consent (Art. 6(1)(a)): Where you have freely given, specific, and informed consent — for example, opting in to receive marketing emails or accepting non-essential cookies.

Legal Obligation (Art. 6(1)(c)): Where processing is necessary for us to comply with a legal obligation to which we are subject.

You have the right to withdraw consent at any time where consent is the legal basis. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

4. How We Use Your Personal Data

We use your personal data for the following purposes:

  • To respond to enquiries and provide customer support
  • To provide, maintain, and improve our AI security products and services
  • To process transactions and manage billing
  • To send service-related communications (e.g. account notifications, security alerts)
  • To send marketing communications where you have consented or where we have a legitimate interest to do so, and you have not opted out
  • To analyse website usage and improve our site’s content and performance
  • To detect and prevent fraud, abuse, or security incidents
  • To comply with our legal and regulatory obligations
  • To enforce our Terms of Service and other agreements
5. How We Share Your Personal Data

We do not sell your personal data. We may share your data in the following limited circumstances:

5.1 Service Providers (Data Processors)

We engage trusted third-party companies to help operate our business. These include cloud hosting providers, CRM and email platforms, analytics services, and payment processors. All processors are bound by data processing agreements and may only process your data on our documented instructions.

5.2 Business Transfers

In the event of a merger, acquisition, or sale of all or part of our assets, personal data may be transferred as part of that transaction. We will provide notice before your data is transferred and becomes subject to a different privacy policy.

5.3 Legal Requirements

We may disclose your data where required to do so by law, regulation, or a court order, or where necessary to protect the rights, property, or safety of Quantum Logic, our customers, or others.

5.4 With Your Consent

We may share your data with other third parties where you have given us specific, informed consent to do so.

6. International Data Transfers

As a UK company with global customers, we may transfer your personal data to countries outside the United Kingdom and the European Economic Area (EEA). Where such transfers occur, we ensure that appropriate safeguards are in place, including:

  • UK International Data Transfer Agreements (IDTAs) or EU Standard Contractual Clauses (SCCs) for transfers to countries without an adequacy decision
  • Transfers only to countries that benefit from a UK or EU adequacy decision
  • Binding Corporate Rules where applicable

If you are based in the EEA, please note that Quantum Logic acts as a data controller and, where applicable, appoints an EU representative in accordance with Article 27 EU GDPR. 

7. Data Retention

We retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy, and in accordance with applicable legal and regulatory requirements.

Contact and enquiry data: Retained for up to 3 years from last contact, unless a customer relationship is established.

Customer account data: Retained for the duration of the contractual relationship, plus 7 years in accordance with UK tax and accounting obligations.

Marketing data: Retained until you opt out, withdraw consent, or for a maximum of 3 years from last engagement.

Website analytics data: Aggregated or anonymised data may be retained indefinitely; identifiable data retained for up to 26 months.

When data is no longer required, we securely delete or anonymise it.

8. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies. Cookies are small text files placed on your device to help us operate the site and understand how it is used.

8.1 Types of Cookies We Use

Strictly Necessary: Essential for the website to function. Cannot be disabled.

Analytics/Performance: Help us understand how visitors interact with the site (e.g. Google Analytics). Used only with your consent.

Functional: Remember your preferences and settings. Used only with your consent.

Marketing/Targeting: Used to deliver relevant advertising. Used only with your consent.

You can manage cookie preferences via the cookie consent banner displayed on your first visit, or at any time via our Cookie Settings link in the website footer. You can also control cookies via your browser settings, though disabling certain cookies may affect site functionality.

9. Your Rights

Depending on your location, you have certain rights in relation to your personal data. We will respond to all requests within one month (or as otherwise required by applicable law).

9.1 Rights Under UK GDPR / EU GDPR

Right of Access: Request a copy of the personal data we hold about you (Subject Access Request / SAR).

Right to Rectification: Request correction of inaccurate or incomplete data.

Right to Erasure: Request deletion of your personal data where there is no compelling reason for continued processing.

Right to Restriction: Request that we restrict the processing of your data in certain circumstances.

Right to Data Portability: Receive your data in a structured, machine-readable format and transfer it to another controller.

Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.

Rights re Automated Decisions: Not to be subject to solely automated decision-making that produces significant legal or similarly significant effects, without human review.

9.2 Rights Under CCPA (California Residents)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA):

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information held by us
  • Right to opt out of the sale or sharing of personal information (we do not sell personal data)
  • Right to non-discrimination for exercising your rights
  • Right to correct inaccurate personal information
  • Right to limit use of sensitive personal information

9.3 How to Exercise Your Rights

To exercise any of the above rights, please contact us at [email protected] [update] with your name, contact details, and a description of your request. We may need to verify your identity before processing your request.

10. Security

We take the security of your personal data seriously. As an AI security company, we apply technical and organisational measures appropriate to the nature of the data we process, including:

  • Encryption of data in transit (TLS/HTTPS) and at rest
  • Access controls and role-based permissions
  • Regular security assessments and penetration testing
  • Staff training on data protection and security
  • Incident response procedures

Despite these measures, no transmission over the internet is completely secure. We cannot guarantee the absolute security of data transmitted to our website, and any transmission is at your own risk.

11. Children’s Privacy

Our website and services are not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected data from a child, please contact us immediately at [email protected] and we will take prompt steps to delete it.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies. This Privacy Policy applies solely to data collected by Quantum Logic.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting an updated notice on our website and updating the “Last Updated” date at the top of this document. Where required by law, we will seek your consent for material changes. We encourage you to review this page periodically.

14. Supervisory Authority & Complaints

If you are based in the United Kingdom and believe we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO):

Website: www.ico.org.uk

Helpline: 0303 123 1113

If you are based in the EEA, you may also have the right to complain to your local supervisory authority.

We would, however, always welcome the opportunity to address your concerns before you approach any authority — please contact us first at [email protected].

15. Contact Us

For any questions, concerns, or to exercise your rights under this Privacy Policy, please contact:

Data Controller: Quantum Logic Consulting Ltd

Email: [email protected]

© 2026 Quantum Logic Ltd. All rights reserved.