Privacy notice

Last updated: 1 May 2026

This Privacy Notice explains how fortiter (“we”, “us”, or “our”) collects and uses personal data when you visit our website or contact us about our services. We are committed to protecting your privacy and handling personal data fairly, transparently, and in accordance with applicable law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Who we are and how to contact us

fortiter Limited is a company registered in England and Wales (Company No. 16696893).

We are the “controller” of your personal data for the purposes of UK data protection law. If you have questions about this Notice or how we handle your data, please contact us.

Registered office:

Suite 106, The Pinnacle
170 Midsummer Boulevard
Milton Keynes
MK9 1FD

hello@fortiter.co.uk

+44 7725 782 035

www.fortiter.co.uk

The personal data we collect

We collect and process the following categories of personal data:

  • Identity and contact data, such as name, job title, company, email address, phone number and any other contact details you provide.

  • Communications data, including the content of enquiries you submit via website forms, email or telephone, and our correspondence with you.

  • Technical and usage data, such as IP address, device and browser type, operating system, pages viewed, links clicked, time zone and other diagnostic or analytics data collected via cookies and similar technologies.

  • Marketing preferences, including your preferences for receiving updates from us.

  • Recruitment data if you apply for a role (e.g., CV/resume details, professional history and references).

  • We do not intentionally collect special category data via this website. Please do not share confidential, sensitive or proprietary information with us via the site or email unless we have agreed to receive it securely.

How we collect personal data

We collect data directly from you when you complete forms, subscribe to updates, download content, contact us, or otherwise interact with us.

We also collect data automatically via cookies and similar technologies when you browse our site.

Purposes and lawful bases for processing

We use your personal data only where the law allows us to. The purposes and lawful bases are as follows:

  • Responding to enquiries and providing information you request – legitimate interests (to operate our business and respond to prospective clients and partners), or performance of a contract or steps at your request before entering into a contract.

  • Operating, securing and improving our website, including analytics and troubleshooting – legitimate interests (to maintain and improve our site and services); consent for non essential cookies.

  • Sending relevant updates or event invitations – consent where required under PECR; otherwise legitimate interests for B2B communications, with an unsubscribe option.

  • Managing our relationship with you, including record keeping – legitimate interests; performance of a contract where applicable.

  • Recruitment (processing applications) – legitimate interests; consent where required by law.

  • Complying with legal and regulatory obligations – legal obligation.

Where we rely on consent, you may withdraw it at any time.

Marketing

We may send B2B marketing to corporate contacts about services that may be relevant to them. You can opt out at any time by using the unsubscribe link in our emails or contacting us. We will not sell your personal data to third parties for their marketing.

Sharing your personal data

We share personal data with trusted service providers who help us operate our website and business, such as hosting providers, IT support, analytics providers, email and CRM platforms, and professional advisers. These providers act under contractual obligations to protect your data and only process it on our instructions.

We may also share data as required by law or to protect our rights, users, or systems, and in connection with corporate transactions (e.g., merger or reorganisation).

International transfers

Some providers may be located outside the UK. Where we transfer personal data internationally, we will ensure appropriate safeguards are in place, such as UK adequacy regulations, the UK International Data Transfer Agreement (IDTA), or the UK Addendum to the EU Standard Contractual Clauses, together with additional technical and organisational measures as appropriate.

Data retention

We retain personal data only for as long as needed for the purposes set out in this Notice, including to satisfy legal, accounting or reporting requirements. Typical retention periods include:

  • Enquiries and correspondence: up to 24 months after last contact unless we establish a client relationship.

  • Marketing contact details: until you unsubscribe or your details become inactive, plus a short period to maintain suppression lists.

  • Analytics data: in accordance with our Cookie Policy and analytics provider settings.

  • Recruitment: usually up to 12 months after the process concludes unless you consent to a longer period.

We may retain data longer where required by law or to establish, exercise or defend legal claims.

Your rights

You have the following rights under UK data protection law, subject to conditions and exemptions:

  • Access to your personal data.

  • Rectification of inaccurate or incomplete data.

  • Erasure of your data.

  • Restriction of processing.

  • Data portability.

  • Objection to processing based on legitimate interests or for direct marketing.

  • Withdrawal of consent where processing is based on consent.

  • The right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects (UK GDPR Article 22). We do not currently carry out such processing.

To exercise your rights, please contact us. We may need to verify your identity. You also have the right to lodge a complaint with the ICO, though we would appreciate the chance to resolve your concerns first. You may contact the Information Commissioner’s Office at ico.org.uk, on 0303 123 1113, or at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. We will respond to verified rights requests within one month, extendable by up to two further months for complex or numerous requests under UK GDPR Article 12(3).

Security

We use appropriate technical and organisational measures to protect personal data, including access controls, encryption in transit where appropriate, and secure hosting. We operate multi-factor authentication on administrative access, hold Professional Indemnity and Cyber Insurance, and align our practices with industry-standard frameworks for information security. No system is completely secure. You should take steps to protect your own devices and credentials.

Children’s privacy

Our site is intended for business users and is not directed at children. We do not knowingly collect data relating to children.

Third party links

Our site may include links to third party websites. We are not responsible for their privacy practices. We encourage you to read the privacy notices of those sites.

Cookie Policy

Cookies are small text files placed on your device when you visit a website. They are widely used to make websites work, improve user experience, and provide information to site owners. Similar technologies include pixels, tags, SDKs, and local storage. We refer to all of these as “cookies” in this policy.

Our Cookie Policy explains how Fortiter uses cookies and similar technologies on our website and how you can control them. It should be read together with this Privacy Notice.

Changes to this Notice

We may update this Notice from time to time. Any changes will be posted on this page with an updated “Last updated” date. Your continued use of the site after changes take effect constitutes acceptance of the updated Notice.