Privacy policy

Last updated on 11 February 2021 

The principal of respect for data privacy is integral to Hexocene’s core values.  We understand how important data privacy is to you individually, and to the protection of free will in society.   We are therefore committed to respecting your privacy and protecting your personal data.

In this policy, we describe in detail how we approach this important subject in relation to your use of our website (www.hexocene.com), and our collection, use and disclosure of personal information that we receive from you through our website.  We intend to expand and refine this policy to make it as accessible as possible.

1. What is a privacy policy?

Personal information of users is protected under various laws, such as the EU General Data Protection Regulation (GDPR). These laws aim to give you more control over your data. Businesses are therefore required to have their own privacy policy, which is a legal statement that tells you how they collect personal information from users, what they do with it, how they process it and for what purposes. 

Hexocene headquarters is based in the United Kingdom (UK). Please note that now that the UK has left the EU, the UK government has indicated that it will transfer the terms of the GDPR into national law under UK-GDPR. Should anything change, we will update our privacy notice accordingly.   

2. What type of information does Hexocene collect about you?

As Hexocene values respect and privacy, it collects only the most necessary personal information in the course of its business activities and services. This includes:

  • Information that you give us 

To enable us to provide you with products and services, we collect personal information that we ask you for and that you provide to us, such as your name, contact details, mailing address, e-mail address, telephone number, fax number, date of birth, and financial details.  We will also ask you for and collect further detailed information relating to you and your business that is required to provide client services, depending on what you are doing. 

For example, if you purchase one of our cyber security products, we might ask you for information that will help us understand your company’s activities and its cyber security maturity, in order to provide a service that better meets your needs as well as to improve the products and services we offer more generally.

We also collect personal information on certain areas of our website, such as when you register for our newsletters and alerts, sign up for conferences and events, or participate in public user posting areas (such as bulletin boards, discussion forums and surveys). Additionally, when you create an account on our website, or update details or settings, Hexocene asks for some personal information, such as your e-mail address and other identifying details.

  • Information about how you use our services 

We anonymise any information collected regarding your use of our website.  We therefore do not know what you individually have searched for and viewed on the public facing website.  

We are able to see how you individually are progressing through our courses and products.  This enables us to provide you with the service you have requested.

  • Information about your activities outside Hexocene when you talk about us

Hexocene may collect information from your activities when you mention us, such as when you mention or tag us in a Twitter or Instagram post.

  • Information from third parties 

Hexocene collaborates with a small number of third parties which power some of our services.  For example, when we take payments from you.  We exchange information about you with these third parties when required to do so to provide you with the services you request of us. 

Hexocene may also collect publicly available information about you and your business from third parties during our business activities and client services. We may combine this data with existing information you provide us, or use it independently. Uses might include undertaking your request to assess the risks to your business, detecting fraud patterns in connection with financial transactions, or our benchmarking and data analytics activities (e.g. analysis of the use of cyber security across a sector or industry).

When we collect this type of information, we will always seek to confirm that the third party has provided transparent information about its Privacy Policy, its disclosure to third parties, and that it is in compliance with the applicable law. 

3. How can Hexocene collect and use my personal information? 

Our use of your personal information is based on:

  1. Our legitimate interests in providing you our services, promoting and protecting Hexocene, building and maintaining relationships, and recruitment.
  2. Your consent, when we ask your permission to do things, such as when you subscribe to our newsletter alerts.
  3. To comply with the law, when certain information is necessary to satisfy our legal or regulatory obligations. 

4. Why and how does Hexocene use my personal information?

We collect your information so that we can: 

  • Deliver our services and provide you with information about them.
  • Deal with your requests, complaints and enquiries in an effective manner.
  • Protect our business and yours from a range of risks and threats including fraud and cyber crime.
  • Keep our licensing database accurate and up to date.
  • Recommend things we think might interest you.
  • Research and innovate. We believe that knowing how you use our services can help us improve our services and may even lead to the next big technology breakthroughs. 
  • Contact you about various things, such as new services that we might offer.

5. Will Hexocene share my personal information with others? 

As a principle, we will never sell your personal information.  Nor will we intentionally disclose or intentionally transfer your personal information to a third party, unless required to do so by law or in order to provide you with the services that you require of us.  When we do share it in line with these principles, we will do so in the manner agreed in our client services agreements. 

We will only share your information when:

  • You make something public (e.g. a comment on your or our Facebook account which the public can see).

You should be aware that whenever you make your personal information public, we and other businesses could collect and use it. Hexocene is not responsible for any action or policies of any third parties who collect information that users publicly post on any forums or websites. 

  • We use third party companies which power our services. 

We do this in order to provide services of the highest quality. In order to ensure that your personal information is in the right hands, we carefully select companies and only share with them what is absolutely necessary in order to do the work, and we also make sure they keep your information secure.  For example, when you make a payment to us, your details will be shared with third parties that we use to process your payment and to provide you the product or service that you require of us.

  • We share personal information with companies in the Hexocene family (our subsidiaries).

For example, if we decide to re-organise our business, merge with another company, sell our company, be involved in a joint venture, or transfer or dispose of a part or all of our business. 

  • You use another company’s service that connects us, such as voice-enabled devices and connected TV. 
  • We do collaborative research. When we do, we are careful about what we share and what our research partners are allowed to do with it.
  • The law requires us to pass on your information to other organisations (e.g. to law enforcement authorities or other government officials).
  • We believe disclosure is necessary or appropriate to prevent physical harm or financial loss or when we believe it is necessary for an investigation of suspected or actual illegal activity.
  • We need to enforce our Terms of Use.
  • We need to protect our property, services and legal rights.
  • We need to prevent fraud against Hexocene, our subsidiaries, affiliates or business partners.
  • We need to support auditing, compliance and corporate governance functions.
  • We need to comply with any applicable laws. 

Where the law requires, we have put in place policies to ensure protection of your personal information that is processed by Hexocene subsidiaries, affiliates, and third-party companies. 

We would like to emphasise that by using any of our websites, and providing information on any of them, you voluntarily give permission to us to transfer your personal information in the manner explained above. 

6. How long will Hexocene keep my personal information?

We will only hold your information for as long as it is necessary for the relevant business activity or purposes for which it was processed. If we keep your information, we will always follow these principles:

  • We only keep your information for as long as we do the activities or have a valid reason to keep it.
  • The duration will depend on the type of information, the amount we collected, how sensitive it may be and any legal requirement.
  • We will not hold information for any longer than we have to.
  • We may only hold it longer if the law requires (e.g. if law enforcement officials require us to do so). 


7. How do you protect my personal information?

We are strongly committed to keeping your information safe and we design our services with your safety in mind. We have taken reasonable steps to protect personal information from loss, misuse, alteration, or destruction. Only authorised Hexocene personnel and third party service providers are provided access to personal information (in certain circumstances), and are required to treat this information as confidential. 

Some companies that provide services to us may run their services outside the UK and the European Economic Area (EEA). We only let that happen if we are satisfied with their levels of security and protection. This means that when you give us personal information, it could be transferred, stored or processed in a location outside the UK and the EEA, in accordance with the principles set out in section 5. 

If you have any concerns about your information or you believe that it has been put at risk, for example if someone could have found out your password, please contact us at freewill@hexocene.com

Please note that we cannot absolutely guarantee that unauthorised persons will not obtain access to your personal information, such as hackers. 

8. What are my rights? 

Hexocene wants to make sure that you are fully aware of your data protection rights. Every user is entitled to:

  • The right to access – You can request access or a copy of the personal information that we have collected about you. 
  • The right to rectification – You can ask us to have inaccuracies in your personal information corrected. You can also ask us to complete the information you believe is incomplete.
  • The right to erasure – You can request from us to delete your personal information that we have collected about you. Sometimes it is not possible to delete your information, for example if the law tells us that we can’t. In those circumstances, we will use your information in accordance with this privacy policy and consider if we can limit how we use it. 
  • The right to restrict and object to processing – You can ask us to stop processing or object to our processing of your personal information under certain circumstances. 
  • The right to data portability – You can ask us to transfer the data that we have collected to another organisation or to you under certain circumstances. 

If you want to request one of the above, please contact us at freewill@hexocene.com. We will respond to you within one month.


9. When will Hexocene use my information to contact me? 

We would like to send you information about our products and services that we think you might like. We will only send you marketing emails or contact you about our services and your views on issues about Hexocene if you have agreed to this. If you have agreed to receive these emails, you can always opt out at a later date using the unsubscribe option on the emails you receive. 

10. Privacy policies of other companies and websites

Our privacy policy applies only to our website and our products and services, so if you click on a link to another website, you should read their privacy policy. 

11. Changes to our privacy policy

We will review our privacy policy on a regular basis to make sure it is up-to-date with your data practices and that it meets the latest requirements provided by law. For avoidance of doubt, the latest version always applies. If you do not agree to the changes, you can always stop using our services, and stop giving us any more personal information. We’d be sorry to see you go. 

12. Who can I contact about my data privacy? 

If you have any questions about our privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us at freewill@hexocene.com.

Contact Us

Hexocene Limited
7 Bell Yard
London, WC2A 2JR

Privacy Policy
Terms and Conditions
Cookie Policy
Terms of Use

© Hexocene Limited 2021