Privacy Notice

Last updated: 14 May 2026 · Applies to the NCLOPS public website at nclops.com (and dev/test public hostnames where published)

This notice explains how Cecure Intelligence Limited (“CIL”, “we”, “us”) processes personal data when you use the NCLOPS public marketing website—including programme pages, legal information, and the contact form. It does not replace privacy documentation for a deployed NCLOPS country or programme platform instance; those environments are operated under separate contracts, data controllers, and privacy notices published by the relevant government or organisation.

1. Who is responsible?

For this public website, the data controller is Cecure Intelligence Limited, a company registered in the United Kingdom. The primary channel for privacy questions and requests relating to this site is nclops@cil.support, which acts as the correspondence hub for NCLOPS public-site matters.

2. Scope of this notice

This notice covers:

It does not govern authentication to, or use of, a separate NCLOPS platform web application (for example environments on nclops.net), which may be operated by CIL or by a customer under its own legal basis and notices.

3. What personal data we process

3.1 Contact form

If you contact us, we process the information you enter: typically name, email address, organisation (optional), message body, and a CAPTCHA verification token produced by the configured provider (for example Cloudflare Turnstile). We use this data solely to understand your enquiry, respond, and maintain a record of the communication where there is a legitimate interest or pre-contractual need.

3.2 Technical and security logs

Like most websites, our servers and edge network may automatically record technical data such as IP address, approximate location derived from IP, user agent, requested URL, HTTP status, referrer, and timestamps. We use this information for security monitoring, abuse prevention, capacity planning, and troubleshooting.

3.3 Cookies and similar technologies

We use cookies and similar storage for essential operation, CAPTCHA, and—as described below—aggregate web analytics. Details are set out in our Cookie Notice.

3.4 Web analytics (Google Analytics 4)

We use Google Analytics 4 on this public website to understand aggregate traffic (for example page views, approximate geography, devices, and referrals). The configured measurement identifier is referenced in our Cookie Notice. Google acts as a processor under our instructions for this purpose. You can read how Google uses information from sites that use its services in Google's Privacy & Terms. We do not use this public-site tag on authenticated NCLOPS platform applications hosted elsewhere.

4. Lawful bases (UK GDPR / GDPR)

Depending on the processing activity, we rely on one or more of the following lawful bases:

We do not use this public website to profile individuals for automated decisions with legal or similarly significant effects.

5. Recipients and processors

We use reputable infrastructure and service providers (for example cloud hosting, content delivery, email delivery, CAPTCHA, and Google Analytics for aggregate measurement of this marketing site) who process data on our instructions or under their terms as applicable. They are subject to contractual confidentiality and security obligations where we act as controller. CAPTCHA providers may process technical and interaction data under their own policies for fraud prevention.

6. International transfers

Your data may be processed in the United Kingdom and, where we use global cloud or CAPTCHA services, in other countries. Where personal data is transferred outside the UK and EEA, we implement appropriate safeguards such as the UK International Data Transfer Agreement / Addendum, EU Standard Contractual Clauses, or adequacy decisions, as applicable.

7. Retention

We retain contact form content and related correspondence for as long as needed to fulfil your request and for a reasonable period afterwards for follow-up, dispute resolution, and legal defence—typically up to twenty-four (24) months unless a longer period is required by law or active litigation. Security logs are retained on a rolling basis according to operational policy (often a shorter period, subject to incident investigation needs).

8. Your rights

Subject to applicable law, you may have the right to:

To exercise rights, email nclops@cil.support with sufficient detail for us to verify your identity. You may also lodge a complaint with the UK Information Commissioner's Office (ico.org.uk).

9. Security

We implement appropriate technical and organisational measures, including transport encryption (HTTPS), security headers, access controls on administrative systems, and supplier due diligence. No online transmission is completely secure; please do not send highly sensitive clinical identifiers through the public contact form.

10. Children

This website is intended for professional and governmental audiences. It is not directed at children. If you believe a child has provided personal data through the contact form, contact us and we will take steps to delete it where appropriate.

11. Changes to this notice

We may update this page to reflect legal, technical, or business changes. Material changes will be indicated by updating the “Last updated” date at the top. Continued use of the site after changes constitutes notice of the update; where required by law, we will obtain additional consent.

12. Contact

For all privacy matters relating to this public website, contact nclops@cil.support.