UK GDPR and security logging
A calm explanation of how this security endpoint sits alongside UK GDPR principles.
Security logs are operational records
Security logs are not a marketing database. They are operational records used to protect systems and users. They exist so that real customers, real mailboxes, and real infrastructure stay available and trustworthy.
Your rights
Under UK GDPR you have rights including access, rectification, erasure where applicable, restriction, objection, and the right to lodge a complaint with the Information Commissioner’s Office (ICO). These rights apply here, in plain English, without marketing dressing.
Limits around security evidence
Hostile or suspicious traffic creates legitimate security records. A request to erase data does not automatically override the need to retain security evidence, particularly where records may be needed to:
- prevent ongoing or repeated abuse;
- investigate a security incident;
- defend or establish legal claims;
- cooperate with lawful requests from regulators or law enforcement.
Each request is considered on its merits. We aim to be reasonable, proportionate, and lawful.
Data request route
To make a data protection request, use the published contact route for the service operator and include enough information to identify the request without sending unnecessary sensitive data.
Useful detail typically includes: the approximate date and time of the relevant request, the IP address or network used, and a short description of the matter. Please do not send passwords, payment details, or unrelated personal data.