Privacy Policy

Last updated: March 14, 2026

MOUSA CLOUD CONSULTING LTD, company number 17090955, registered in England and Wales ("we", "us", "our"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us as a cloud security consulting firm. This policy complies with applicable laws in the EU (GDPR), UK (UK GDPR), Canada (PIPEDA), US (state privacy laws like CCPA/CPRA), Australia/New Zealand (Privacy Act), Asia (e.g., PDPA in Singapore), and Africa (e.g., POPIA in South Africa). [web:1][web:2]

## 1. Information We Collect

We collect personal data you provide directly, such as name, email, company, job title, and contact details when you inquire about cloud security services, subscribe to newsletters, or attend webinars. We also collect technical data like IP address, browser type, and usage data via cookies. For clients, we may process business contact data and limited professional information for service delivery, such as AWS/Azure configurations (no sensitive personal data). [web:10]

## 2. How We Use Your Information

To provide cloud security consulting, compliance advice (e.g., ISO 27001, GDPR), and related services.
To communicate about services, send updates, or respond to inquiries.
For marketing B2B services via email (with opt-out), targeting SMEs.
To improve our website, analyze usage, and ensure security.
For legal compliance, billing, and dispute resolution.

We rely on bases like contract performance, legitimate interests (e.g., service improvement), consent (marketing), and legal obligations. [web:10]

## 3. Legal Bases for Processing (EU/UK)

Processing is based on consent, contract necessity, legitimate interests, legal obligation, vital interests, or public task. You can withdraw consent anytime. Legitimate interests include service delivery and marketing to professionals. [web:1]

## 4. Sharing Your Information

We share with service providers (e.g., email tools like Mailchimp, cloud hosts like AWS), affiliates, or in business transfers. No sales of data. Disclosures for legal reasons or to protect rights. International transfers use Standard Contractual Clauses, adequacy decisions (e.g., UK to EU), or Binding Corporate Rules. [web:10]

## 5. Data Retention

We retain data as needed for services (e.g., 7 years for billing), legal requirements, or legitimate interests. Marketing data kept until opt-out. Inquiries: 3 years. [web:1]

## 6. Your Rights

Right	Description
Access	Confirm processing and access copy.
Rectification	Correct inaccurate data.
Erasure	Delete under certain conditions.
Restriction	Limit processing.
Portability	Receive data in structured format (automated data).
Object	To processing (e.g., marketing).
Withdraw Consent	Anytime, without affecting prior processing.

Exercise via contact@mousa-cloud.com. Verification required. CCPA: Right to know, delete, opt-out of sale (no sales). Appeals process available. Canada/Australia similar rights. No discrimination. [web:1][web:10]

7. Cookies and Tracking Technologies

We use cookies and similar technologies on this website. Some are essential for security and basic functionality (for example, to load forms or prevent abuse). Others are optional analytics or marketing tools that help us understand how visitors use the site and measure the performance of our advertising campaigns.

Essential cookies and scripts (no consent required):

Analytics and advertising tags (consent‑based):

Embedded forms and newsletter tools:

When required by EU/UK law, these non‑essential tags are only activated after you provide consent via the cookie banner. You can withdraw or change your consent at any time by adjusting your settings in the banner (where available) or by contacting us. You can also control cookies via your browser settings.

## 8. Children’s Privacy

Our services are B2B; not for children under 16 (or higher per local law). No knowing collection from children. [web:10]

## 9. Security

We use reasonable security (encryption, access controls) appropriate for cloud security consultants. No absolute security guarantee. Report incidents per law (e.g., GDPR 72 hours). [web:10]

## 10. Automated Decisions

We do not use automated decision-making or profiling that produces legal effects or significantly affects individuals.

## 11. Third-Party Links

Links to external sites not covered. Review their policies. [web:1]

## 12. Changes to Policy

Updates posted here with date. Continued use constitutes acceptance. Significant changes notified by email. [web:1]

## 13. Contact Us

Privacy Officer: Mousa Al Bateh, contact@mousa-cloud.com, Registered office: As per Companies House (17090955). EU/UK Rep: [if needed]. Complaints to supervisory authority (e.g., ICO UK). [web:1][web:2]

## 14. CCPA Disclosures

No personal data sold in last 12 months. Categories collected: Identifiers (name/email), Professional info. Opt-out: privacy@mousa-cloud.com. [web:47]

Legal Review: Compliant as of March 14, 2026. Registered Office: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ .

For region-specific addenda (e.g., US states, Asia countries), contact us. This policy covers global operations from UK base.