ESProfiler

Privacy Policy

Capability Exchange — last updated: 19 June 2026

This page summarises how ESPROFILER Ltd handles your data when you use Capability Exchange. The full ESPROFILER privacy policy is available at esprofiler.com/documents/privacy-policy .

Who we are

Capability Exchange is operated by ESPROFILER Ltd ("we", "us", "our"), a company based in the United Kingdom. We are committed to protecting your privacy and personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

ESPROFILER never collects data to sell to third parties or vendors without notification, permission, and a genuine interest to improve our platform.

Data controller and DPO

ESPROFILER Ltd is the Data Controller for personal data processed through Capability Exchange.

  • Data Protection Officer: Louis Holt
  • Email:[email protected]
  • Address: Midway House, Herrick Way, Staverton, Cheltenham, GL51 6TQ, United Kingdom

You may complain to the ICO at www.ico.org.uk, though we ask that you contact us first.

Data we collect on Capability Exchange

  • Sign-in data — name, email, and profile image from LinkedIn when you authenticate
  • Company data — company name and work email if you verify your organisation for advanced features
  • Platform usage — your security product portfolio, framework mappings, and interaction with Platform features
  • Consent records — when you accepted our Terms & Conditions and whether you opted in to marketing
  • Analytics — usage data to help us improve the Platform

Why we process your data

We rely on the following legal bases under UK GDPR:

  • Contract — to provide your account and Platform features
  • Consent — for optional marketing communications
  • Legitimate interests — to improve, secure, and analyse the Platform
  • Legal obligation — where required by law

Marketing

We only send marketing about ESProfiler products and cyber industry reports if you opt in separately when creating your account. You can opt out at any time via unsubscribe links or by emailing [email protected].

Your rights

You have rights to access, rectify, erase, restrict, object to, and port your personal data, and to withdraw consent where applicable. Contact our DPO to exercise these rights. There is normally no fee. See section 4 of the full Privacy Policy for details.

Retention, sharing, and transfers

We retain data only as long as needed for the purposes described above. We use service providers (authentication, hosting, email, analytics) under contractual safeguards. Some processing may occur outside the UK with appropriate safeguards in place. We do not sell your personal data.

Full policy and terms

For complete details on data types, processors, international transfers, security measures, and interpretation, please read the ESPROFILER Privacy Policy and our Terms & Conditions.

← Back to home

My Stack

Map to security frameworks
See how your products align to NIST 800-53, ISO 27001 and SOC 2 controls so you can evidence coverage in seconds.
Spot coverage gaps
Quickly identify missing capabilities across endpoint, cloud, app security and more to guide your roadmap.
Compare vendors & products
Understand which products drive overlapping capabilities and where you can consolidate spend.