Byzas Research Limited An extension of your in-house capabilities

Data Protection Statement

Byzas Research Limited is committed to protecting personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Governance

  • We identify the purpose and lawful basis for processing personal data.
  • We limit access to personal data using role-based permissions.
  • We maintain records of security-relevant events (such as login attempts) to support incident response.

Security controls

  • Authentication: passwords are stored using industry-standard hashing; password reset and forced reset controls are available.
  • Access control: administrative functions are restricted to authorised admin users.
  • Monitoring: login attempts are recorded to detect abuse and support investigations.
  • Protection: input validation, prepared statements, CSRF protection, and session hardening are implemented across the site.

Data minimisation

We collect only the personal data necessary to deliver the website’s functions and respond to enquiries. Users should avoid including unnecessary sensitive personal data in contact forms.

Incident management

Where a personal data breach is suspected, we assess the risks to individuals. We will notify the ICO and affected individuals when required by law.