2023 Finalists

See the list

Privacy Policy


When you buy tickets using https://www.eventcreate.com/e/nca22 some of your personal data will be collected and stored. This policy explains what data is collected, why it’s collected, how it is used and who has access to it.

The National Cyber Awards acts as both a data controller and data processor with respect to your data. The event organisers who list events on our website are also data controllers.

Information about our Organisation and Website

Modern information and communication technologies play a fundamental role in the activities of an organisation like The National Cyber Awards. We are based in the UK.

Our principal activity is: Event Organisers

Our privacy policy covers The National Cyber Awards, and our web site:

Organisation Name: The National Cyber Awards Limited 2019
Address: 123 Promenade
City, Zip: Cheltenham, GL50 1NW
State: Gloucestershire
Country: UK
Controller: The National Cyber Awards Limited 2019
Web Sites(s): https://thenationalcyberawards.org/ & ttps://www.eventcreate.com/e/nca22

Providing Visitors with Anonymous Access

You can access our Web site home page and browse our site without disclosing your personal data. Registration is required if you wish to make a purchase from the site.

Automatic Collection of Information

We do not automatically log personal data nor do we link information automatically logged by other means with personal data about specific individuals.

We use cookies to store personal data. Some pages on our website may also use third party cookies to enable our clients and partners to track visits to specific pages and subsequently display relevant adverts on social media platforms. You can find out more about this and discover ways to manage tracking at this location: http://www.aboutads.info/choices

Data Collection


What data do we collect?

The following items of personal data will be collected and stored when you buy ticket(s) for an event:

– Your name

– Your email address

– A password to secure your account

– Your address

– Your phone number

– Your dietary & access requirements

You will also be asked for your payment card details if you choose to pay by credit or debit card but that data is not processed or stored by The National Cyber Awards.

Why is this data collected?

This is why we need each of these items of personal data:

– Your name – this will appear on your ticket so that your identity can be checked at the event.

– Your email address – we will email your order confirmation (receipt) to this address. If your tickets are electronic tickets they will also be emailed to this address.

– A password – this is used to secure access to your account.

– Your address – This is used to process your payment and to provide geographic reporting to the event organiser.

– Your phone number – we may use this to contact you if there is a problem with your order. In some cases event tickets will be sent via SMS to this number if it is a mobile number. Occasionally we may send you a text message relating to an event you are attending, for example if there is a change to the start time.

– Dietary & Access requirements – we collect this information in order to ensure any allergies and access requirements are communicated to our event organiser and venue.

Who has access to this data?

Usually 2 organisations have access to this data.

The National Cyber Awards has access to this data as it used to process your order (see above).

In addition to this, the event organiser has access to some of this data. Other than any data they have requested which is described above the data they have access to is:

– Your name – this will appear on your ticket

– Your email address and contact phone number – they will use this to contact you with information relating to the event you have bought tickets for. For example, they may email you with travel information, or information about what to bring to the event.

– Your postcode* – they will see only the first portion of your postcode and may use it to verify your identity

– Dietary & Access requirements – we collect this information in order to ensure any allergies and access requirements are communicated to our event organiser and venue.

The event organiser may give third party companies access to your data in order to fulfil part of the ticketing contract.

*In these cases we may share your full address with the event organiser and their chosen fulfilment partner.

Under no circumstances will any of your data be shared for marketing purposes with anyone other than The National Cyber Awards and the event organiser.

How long is the data kept for?

We keep all of the data items listed above for 3 years to comply with financial processing regulations.  This also makes it more convenient for you to place future orders with us.

Where is the data stored?

Your data is stored in our database which is located Europe. The live database is encrypted, and all data is encrypted during transmission to and from your browser.

Your password is hashed within the database in order to protect your account.

Your data also exists in database backups which are also encrypted. Database backups are kept for a maximum of 2 months then deleted.

Can I access my data?

Yes you can. By logging into your customer control panel you can see all the data we hold which relates to you.

Can I update my data?

Yes – by logging into your control panel as described above. In there you can edit all your personal data.

Can I erase my data?

You can, but only in the following circumstances:

More than 6 months has elapsed since the last event you bought tickets for. Until this point we will need your data in order to fulfil your order and grant you access to the event.


Your tickets for an upcoming event or one that happened less than 6 months ago have been voided and your refund was processed back onto your original payment card. In this situation we no longer need your data as there is no order to fulfil therefore you may request that it is deleted.

If you wish to delete your data please contact us and we will do this for you and confirm when it has been carried out. Please note that your data will be removed from the live system immediately but will remain in any system backups until they are deleted (see ‘Where is the data stored?’ above).

Special circumstances – collecting bank account information

If we are unable to process a refund back to your original payment method, we may need to take your name, bank account number and sort code in order to give your money back via BACS transfer.

These details will be collected on a secure Googleform and accessed only by employees responsible for processing the refunds (logging in using 2-Factor authentication).

Your details will be held securely for as long as reasonably necessary, until liability for the intial purchase and refund has passed (a maximum of 2 years).

Children’s Privacy

The majority of events for which we sell are for 18 and over, so we rarely collect personal data from children.

We do not take specific steps to protect the privacy of children who disclose their personal data to us.

Confidentiality / Security

We use a secure transmission method to send us the following types of personal data:

    • primary personal data (such as name and contact details)
    • identifiers (such as website password)

We have implemented security policies, rules and technical measures to protect the personal data that we have under our control from:

  • unauthorised access
  • improper use or disclosure
  • unauthorised modification
  • unlawful destruction or accidental loss

All our employees and data processors, who have access to, and are associated with the processing of personal data, are obliged to respect the confidentiality of our visitors’ personal data.

We ensure that your personal data will not be disclosed to State institutions and authorities except if required by law or other regulation.

Third Party Policies

We cannot be responsible for the privacy policies of other companies who may advertise on our site. If you follow a link to another web site, please consult their individual policy.

Transfer of personal information in the event of the sale of the company.

If the company is sold, customer information may be included as part of that sale but use of this information will still be governed by the terms set out in this policy.

What are your rights?

If at any point you believe the information we process on you is incorrect you can request to see this information and even have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, you can contact The National Cyber Awards who will investigate the matter.

If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).

Privacy Support

If you have an enquiry or concern about our privacy policy, please contact:

Name: Data Protection Officer
Address: 123 Promenade Cheltenham, GL50 1NW
Email Address: info@thenationalcyberawards.org