Compliance & Legal
DCM – Digital Cloud Management Ltd operates under a structured governance framework aligned with UK and applicable international regulatory expectations.
We maintain documented policies, defined operational procedures, and security controls to ensure responsible service delivery across all managed IT, cybersecurity, cloud, and infrastructure services.
Our compliance and governance framework is supported by clearly documented policies and statements, including:
• Frequently Asked Questions (Compliance & Governance)
• Privacy Policy
• Cookie Policy
• Terms of Service
• Acceptable Use Policy
• Refund Policy
• Complaints Procedure
• Information Security Statement
• Incident Response Policy
• Recruitment Privacy Notice
• Modern Slavery Statement
• Assessibility Statement
Together, these documents provide clarity, accountability, and structured operational standards for our clients, partners, regulators, and financial institutions.
This governance structure demonstrates our commitment to regulatory alignment, responsible data handling, operational transparency, and long-term business integrity.
Our compliance structure is designed to support:
- UK regulatory standards
- Reduced downtime
- UK GDPR & EU GDPR principles
- Operational transparency
- Responsible data handling
- Corporate accountability
- Financial onboarding verification
- Every interaction is documented, ensuring transparency and consistent service quality.
- We believe that governance, transparency, and documented processes are fundamental to long-term operational trust.
Privacy Policy
Privacy Policy
DCM – Digital Cloud Management Ltd
Last Updated: Friday, 20 February 2026
1. Introduction
DCM – Digital Cloud Management Ltd (“DCM”, “we”, “us”, “our”) is committed to protecting and respecting your privacy.
This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when you:
Visit our website
Use our Managed IT, Cybersecurity, Cloud, Network, Backup, CCTV, or Digital Services
Contact us
Apply for employment
Engage with us as a client, partner, or supplier
We process personal data in accordance with:
UK General Data Protection Regulation (UK GDPR)
Data Protection Act 2018
Applicable EU GDPR (where relevant)
2. Who We Are
Company Name: Digital Cloud Management Ltd
Trading Name: DCM
Registered in: England & Wales
Registered Office: 981 Great West Road, Brentford, TW8 9DN, United Kingdom
Contact Email: compliance@office.dcmhub.com
For the purposes of data protection legislation, DCM acts as:
A Data Controller when determining how personal data is processed
A Data Processor when delivering services on behalf of clients
3. What Personal Data We Collect
We may collect and process the following categories of personal data:
3.1 Identity Information
Full name
Job title
Company name
3.2 Contact Information
Email address
Telephone number
Business address
3.3 Technical Information
IP address
Browser type & version
Device information
Login data
Usage data
3.4 Service Data
Support tickets
Communication records
Account management records
3.5 Recruitment Data
CV information
Employment history
Qualification details
We do not knowingly collect special category data unless required for lawful business purposes.
4. How We Collect Data
We collect data through:
Website forms
Service agreements
Email communications
Support ticket systems
Monitoring tools (for managed services)
Recruitment submissions
Cookies and analytics tools
5. Lawful Basis for Processing
We process personal data under one or more of the following lawful bases:
Contractual necessity
Legitimate interests
Legal obligations
Consent (where applicable)
6. How We Use Personal Data
We use personal data to:
Deliver Managed IT and Cybersecurity services
Provide 24/7 support and monitoring
Manage service contracts
Improve service quality
Respond to enquiries
Conduct recruitment
Maintain security controls
Comply with legal obligations
We do not sell personal data.
7. Data Retention
We retain personal data only for as long as necessary to:
Fulfil contractual obligations
Meet legal requirements
Resolve disputes
Enforce agreements
Retention periods vary depending on service type and regulatory requirements.
8. Data Security
DCM implements appropriate technical and organisational measures to protect personal data, including:
Role-based access controls
Encrypted communications
Firewall & endpoint protection
Patch management
24/7 monitoring systems
Secure backup & disaster recovery
We continuously review our security controls to mitigate risk.
9. Data Sharing
We may share personal data with:
Authorised employees and contractors
Trusted technology partners (e.g., Microsoft, Bitdefender, WatchGuard)
Cloud service providers
Professional advisors
Regulatory authorities (where legally required)
All third-party processors are subject to appropriate data protection safeguards.
10. International Transfers
Where data is transferred outside the UK, we ensure:
Adequate safeguards are in place
Standard Contractual Clauses (SCCs) are applied where required
Transfer mechanisms comply with UK GDPR requirements
11. Your Rights
Under UK GDPR, you have the right to:
Access your personal data
Request correction of inaccurate data
Request erasure (where lawful)
Restrict processing
Object to processing
Data portability
Withdraw consent (where applicable)
Requests can be submitted to: compliance@office.dcmhub.com
12. Cookies & Tracking
Our website uses cookies for:
Essential functionality
Security
Analytics
Performance monitoring
You can manage cookie preferences through your browser or our cookie consent banner.
For more details, see our Cookie Policy.
13. Children’s Data
Our services are not directed at children under 16 without appropriate consent. Where educational institutions are clients, data handling is governed by client agreements and safeguarding policies.
14. Complaints
If you have concerns about how we handle personal data, you may contact us directly.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).
15. Changes to This Policy
We may update this Privacy Policy periodically to reflect legal, regulatory, or operational changes. The updated version will be published on our website with the revision date.
16. Contact Information
For privacy-related enquiries:
Digital Cloud Management Ltd
981 Great West Road
Brentford
TW8 9DN
United Kingdom
Email: compliance@office.dcmhub.com
Cookie Policy
Cookie Policy
Digital Cloud Management Ltd (DCM)
Last Updated: Friday 20 February 2026
1. Introduction
This Cookie Policy explains how Digital Cloud Management Ltd (“DCM”, “we”, “us”, “our”) uses cookies and similar technologies on our website.
This policy should be read alongside our Privacy Policy.
We use cookies in accordance with:
• UK GDPR
• Data Protection Act 2018
• UK PECR (Privacy and Electronic Communications Regulations)
• Applicable EU regulations (where relevant)
2. What Are Cookies?
Cookies are small text files stored on your device (computer, mobile phone, or tablet) when you visit a website.
They help websites:
• Function properly
• Remember preferences
• Improve performance
• Enhance security
• Analyse usage
3. Types of Cookies We Use
1️⃣ Strictly Necessary Cookies
These cookies are essential for website functionality and cannot be disabled.
They enable:
• Secure login sessions
• Page navigation
• Security protection
• Form submission handling
Without these cookies, certain features will not function properly.
2️⃣ Performance & Analytics Cookies
These cookies help us understand:
• How visitors use our website
• Which pages are visited most
• User interaction behaviour
• Performance issues
Examples may include analytics tools (e.g., Google Analytics).
These cookies collect anonymised data where possible.
3️⃣ Functional Cookies
These allow the website to remember:
• User preferences
• Language selection
• Display settings
They improve user experience but are not essential.
4️⃣ Security Cookies
Used to:
• Detect suspicious activity
• Prevent fraud
• Protect against malicious traffic
• Secure sessions
These support cybersecurity controls.
4. Third-Party Cookies
We may use trusted third-party services, including:
• Analytics providers
• Security monitoring tools
• Content delivery networks
• Cloud hosting platforms
These providers may set cookies in accordance with their own privacy policies.
5. How Long Cookies Are Stored
Cookies may be:
• Session Cookies (deleted when browser closes)
• Persistent Cookies (remain for defined period)
Retention varies depending on cookie type and purpose.
6. Managing Cookies
You can manage or disable cookies by:
• Adjusting browser settings
• Using website cookie consent tools
• Clearing browser cookies
Please note:
Disabling certain cookies may affect website functionality.
7. Cookie Consent
Upon visiting our website, you may be presented with a cookie consent banner allowing you to:
• Accept all cookies
• Reject non-essential cookies
• Manage cookie preferences
Consent can be withdrawn at any time.
8. Data Protection & Cookies
Where cookies collect personal data (e.g., IP addresses), such data is processed in accordance with our Privacy Policy.
9. Updates to This Policy
We may update this Cookie Policy to reflect:
• Regulatory changes
• Technology updates
• Operational improvements
Revisions will be published on our website.
10. Contact Information
For cookie-related enquiries:
Digital Cloud Management Ltd
981 Great West Road
Brentford
TW8 9DN
United Kingdom
Email: compliance@office.dcmhub.com
Terms of Service
Terms of Service
DCM – Digital Cloud Management Ltd
Last Updated: Friday 20 February 2026
1. Introduction
These Terms of Service (“Terms”) govern the provision of services by Digital Cloud Management Ltd (“DCM”, “we”, “us”, “our”) to clients (“Client”, “you”, “your”).
By engaging DCM for any Managed IT, Cybersecurity, Cloud, Network, Backup, CCTV, or Digital Services, you agree to be bound by these Terms.
2. Company Information
Company Name: Digital Cloud Management Ltd
Registered in: England & Wales
Registered Office: 981 Great West Road, Brentford, TW8 9DN, United Kingdom
3. Scope of Services
DCM provides structured technology services including, but not limited to:
Managed IT Support (MSP)
Cybersecurity Services
Microsoft 365 & Cloud Services
Network, WiFi & Internet Services
Cloud Backup & Disaster Recovery
CCTV & Physical Security
Web Development & Digital Solutions
Service scope is defined in individual Service Agreements or Statements of Work (SOW).
4. Service Delivery Framework
DCM operates under a structured service model that may include:
24/7 remote monitoring
Remote and onsite support
Ticket-based helpdesk support
Escalation procedures
SLA-backed response standards
Specific service levels are defined in your selected plan.
5. Free Trial Terms
Where DCM offers a 30-day free trial:
The trial is limited to agreed scope
Hardware, third-party licenses, and infrastructure costs may not be included
No long-term contract is required to exit
DCM reserves the right to refuse trial requests
Trial services are subject to fair usage limits
6. Client Responsibilities
Clients agree to:
Provide accurate information
Maintain secure credentials
Notify DCM of system changes
Cooperate during incident investigations
Ensure lawful use of services
Maintain adequate internal data governance
Failure to meet these responsibilities may impact service delivery.
7. Payment Terms
For paid services:
Fees are defined in your service agreement
Payment terms are typically 3 or 30 days unless otherwise agreed
Late payments may incur service suspension
Pricing may vary based on scope, user count, and infrastructure size
8. Acceptable Use
Clients must not use DCM services for:
Illegal activity
Distribution of malware
Network intrusion
Intellectual property violations
Fraudulent activity
Abusive or harmful conduct
DCM reserves the right to suspend services where unlawful activity is identified.
9. Service Level Agreements (SLA)
Where SLA-backed plans apply:
Response times are defined per severity level
Resolution times may vary depending on complexity
Onsite support eligibility depends on selected plan
Scheduled maintenance windows may apply
SLAs do not guarantee uninterrupted service.
10. Data Protection & Confidentiality
DCM processes personal data in accordance with UK GDPR and applicable regulations.
Both parties agree to maintain confidentiality regarding:
Business information
Security configurations
Client data
System access credentials
Confidentiality obligations survive termination.
11. Limitation of Liability
To the fullest extent permitted by law:
DCM shall not be liable for indirect or consequential loss
DCM is not responsible for third-party service failures (e.g., ISP outages)
DCM’s total liability is limited to fees paid within a defined period
Nothing in these Terms excludes liability for fraud or death caused by negligence.
12. Third-Party Services
DCM may integrate third-party providers such as:
Microsoft
Bitdefender
WatchGuard
Cloud hosting providers
Internet service providers
DCM is not responsible for outages or failures beyond its reasonable control.
13. Termination
Either party may terminate services in accordance with:
Contractual notice period
Material breach
Insolvency
Legal requirement
Upon termination:
Access credentials will be revoked
Outstanding invoices remain payable
Data transfer assistance may be provided under separate agreement
14. Force Majeure
DCM is not liable for failure to perform due to circumstances beyond reasonable control, including:
Natural disasters
Government restrictions
Infrastructure failures
Widespread cyber incidents
15. Intellectual Property
All DCM methodologies, frameworks, and documentation remain the intellectual property of DCM unless otherwise agreed in writing.
Clients retain ownership of their own data.
16. Amendments
DCM reserves the right to update these Terms periodically. Updated Terms will be published on our website.
Continued use of services constitutes acceptance of updated Terms.
17. Governing Law
These Terms are governed by the laws of England & Wales.
Any disputes shall be subject to the exclusive jurisdiction of the courts of England & Wales.
18. Contact Information
For contractual enquiries:
Digital Cloud Management Ltd
981 Great West Road
Brentford
TW8 9DN
United Kingdom
Email: compliance@office.dcmhub.com
Acceptable Use Policy
Acceptable Use Policy (AUP)
Digital Cloud Management Ltd (DCM)
Last Updated: Friday 20 February 2026
1. Purpose
This Acceptable Use Policy (“Policy”) sets out the rules governing the use of services provided by Digital Cloud Management Ltd (“DCM”, “we”, “us”, “our”).
This Policy applies to all clients, users, employees, contractors, and third parties who access or use DCM-managed systems, networks, cloud environments, hosting platforms, monitoring services, or associated infrastructure.
Its purpose is to:
Protect service integrity
Prevent misuse
Ensure legal compliance
Maintain operational stability
Safeguard data and systems
2. Scope of Services Covered
This Policy applies to all DCM services, including but not limited to:
Managed IT Support (MSP)
Cybersecurity Services
Microsoft 365 & Cloud Services
Network & Internet Services
Backup & Disaster Recovery
CCTV & Physical Security
Web Hosting & Digital Solutions
3. General Acceptable Use Principles
Users must:
• Use DCM services lawfully
• Comply with applicable UK and international laws
• Respect intellectual property rights
• Maintain security of access credentials
• Cooperate during security investigations
• Avoid actions that compromise system stability
4. Prohibited Activities
The following activities are strictly prohibited:
4.1 Illegal Activities
Users may not use DCM services to:
• Conduct unlawful activity
• Distribute illegal content
• Commit fraud
• Facilitate financial crime
• Violate sanctions regulations
• Distribute prohibited materials
4.2 Security Violations
Users must not:
• Attempt unauthorised access to systems
• Bypass authentication mechanisms
• Circumvent firewall or monitoring controls
• Perform penetration testing without written consent
• Interfere with network traffic
• Deploy malware or harmful software
4.3 Abuse of Services
Users may not:
• Overload infrastructure intentionally
• Generate excessive automated traffic
• Conduct denial-of-service attacks
• Host malicious scripts
• Abuse ticketing or support systems
4.4 Email & Communication Abuse
Users may not:
• Send unsolicited bulk email (spam)
• Conduct phishing campaigns without approval
• Distribute malicious attachments
• Impersonate individuals or organisations
• Use services for harassment
4.5 Intellectual Property Violations
Users must not:
• Infringe copyright
• Distribute pirated software
• Share unauthorised licensed materials
• Violate trademark rights
4.6 Misuse of CCTV & Physical Security Systems
Users may not:
• Tamper with installed CCTV systems
• Access surveillance footage without authorisation
• Share recorded footage unlawfully
• Use surveillance systems for non-legitimate purposes
5. Client Responsibilities
Clients are responsible for:
• Securing internal devices
• Protecting login credentials
• Maintaining lawful content
• Training staff appropriately
• Reporting security incidents promptly
• Complying with internal HR policies
DCM is not responsible for misuse caused by client negligence.
6. Monitoring & Enforcement
DCM reserves the right to:
• Monitor system activity for security purposes
• Investigate suspected misuse
• Suspend services where misuse is detected
• Restrict access during investigation
• Report unlawful activity to authorities
Monitoring is conducted in accordance with applicable data protection regulations.
7. Security Testing & Penetration Testing
Clients wishing to conduct penetration testing, vulnerability scanning, or security audits must obtain prior written approval from DCM.
Unauthorised testing is considered a violation of this Policy.
8. Data Protection Compliance
Users must:
• Process personal data lawfully
• Follow data protection obligations
• Maintain confidentiality
• Avoid unauthorised data disclosure
Misuse involving personal data may result in immediate suspension and regulatory reporting where required.
9. Third-Party Services
Where DCM integrates third-party services (e.g., Microsoft, Bitdefender, WatchGuard, ISPs):
• Users must comply with the third-party provider’s acceptable use terms
• Breach of third-party policies may result in service suspension
10. Reporting Violations
Suspected violations of this Policy should be reported to:
[Insert Official Email Address]
All reports will be investigated promptly.
11. Consequences of Violation
Violations may result in:
• Temporary service suspension
• Immediate termination of service
• Legal action
• Financial liability for damages
• Reporting to regulatory authorities
DCM reserves the right to act proportionately based on severity.
12. Amendments
DCM may update this Acceptable Use Policy periodically to reflect operational, legal, or regulatory changes.
Updated versions will be published on our website.
13. Governing Law
This Policy is governed by the laws of England & Wales.
Refund Policy
Refund Policy
Digital Cloud Management Ltd (DCM)
Last Updated: 20 February 2026
1. Introduction
This Refund Policy outlines the terms under which refunds may be issued for services provided by Digital Cloud Management Ltd (“DCM”, “we”, “us”, “our”).
This policy applies to all Managed IT, Cybersecurity, Cloud, Network, Backup, CCTV, and Digital services provided under contractual agreement.
2. General Policy Position
Due to the nature of professional technology services, which involve labour, configuration, monitoring, infrastructure deployment, and third-party licensing, services are generally non-refundable once delivered or commenced.
Refund eligibility depends on the type of service purchased.
3. 30-Day Free Trial
Where DCM offers a complimentary 30-day trial:
• No payment is required during the trial period
• No long-term contract is required to exit
• Clients may discontinue at any time before trial completion
• Any third-party licensing costs may be excluded from refund eligibility
• Trial services are subject to fair usage limits
No refund applies as no charge is made during the trial period.
4. Subscription-Based Managed Services
For monthly or annual subscription services:
• Refunds are not provided for partial months of service
• Clients must provide written notice in accordance with contract terms
• Services remain active until the end of the paid billing period
• Early termination clauses may apply depending on agreement
Refunds are not provided for dissatisfaction unless service obligations were materially breached.
5. Project-Based & Once-Off Services
For fixed-scope or project-based engagements:
• Payments made for completed work are non-refundable
• Work already commenced is billable
• Deposits may be non-refundable once project initiation begins
• Refund requests will be assessed on a case-by-case basis
6. Third-Party Licensing & Subscriptions
Where services involve third-party products (e.g., Microsoft 365, security software, hosting services):
• Refunds are subject to third-party provider policies
• DCM cannot guarantee refunds for licenses already activated
• License billing cycles may be non-reversible
7. Hardware & Equipment
Hardware purchases (where applicable):
• May be subject to manufacturer warranty terms
• Are not refundable once opened or installed
• Returns may be accepted only if defective and within supplier policy
8. Service Credits
Where service performance falls below agreed Service Level Agreements (SLA):
• Service credits may apply
• Credits do not constitute cash refunds
• Credits apply only as defined in contractual SLA terms
9. Exceptional Circumstances
Refunds may be considered in exceptional circumstances including:
• Duplicate payment errors
• Billing miscalculations
• Failure to deliver agreed scope
• Regulatory requirement
All such requests must be submitted in writing and will be reviewed by management.
10. How to Request a Refund Review
Refund review requests must be submitted to:
refund@office.dcmhub.com
Include:
• Company name
• Invoice number
• Service details
• Reason for request
Responses will typically be issued within 14 business days.
11. Governing Law
This Refund Policy is governed by the laws of England & Wales.
Complaints Procedure
Complaints Procedure
Digital Cloud Management Ltd (DCM)
Last Updated: Friday 20 February 2026
1. Purpose
DCM is committed to delivering structured, professional, and accountable services. We recognise that, on occasion, concerns may arise.
This Complaints Procedure outlines how clients, partners, or third parties may raise concerns and how DCM will address them transparently and fairly.
2. Scope
This procedure applies to complaints relating to:
• Managed IT Support
• Cybersecurity Services
• Cloud & Infrastructure Services
• Network & Internet Services
• CCTV & Physical Security
• Web & Digital Solutions
• Billing or contractual matters
• Service quality or response times
3. How to Submit a Complaint
Complaints must be submitted in writing to:
Email: complaints@office.dcmhub.com
Company: Digital Cloud Management Ltd
Registered Office: 981 Great West Road, Brentford, TW8 9DN, United Kingdom
Please include:
• Company name
• Contact details
• Description of the issue
• Relevant dates
• Supporting documentation (if applicable)
4. Complaint Handling Process
Step 1 – Acknowledgement
We will acknowledge receipt of your complaint within 2 business days.
Step 2 – Investigation
A structured internal review will be conducted, which may include:
• Reviewing service logs
• Reviewing ticket history
• Consulting relevant engineers
• Reviewing contractual obligations
• Assessing SLA performance
Step 3 – Response
A formal written response will be provided within 14 business days, outlining:
• Findings
• Proposed resolution (if applicable)
• Corrective measures (if required)
If further investigation is required, we will provide progress updates.
5. Escalation
If you are not satisfied with the initial resolution:
• You may request escalation to senior management
• The matter will undergo secondary review
• A final written decision will be issued
6. Resolution Options
Where appropriate, DCM may offer:
• Service correction
• Service credit (as per SLA terms)
• Contract clarification
• Operational improvement measures
Resolutions are assessed proportionately and in accordance with contractual agreements.
7. Confidentiality
All complaints are handled confidentially and in accordance with data protection regulations.
8. Regulatory Complaints
If a complaint relates to data protection, individuals may also contact the UK Information Commissioner’s Office (ICO).
9. Continuous Improvement
Complaints are logged and reviewed as part of our quality assurance and governance process to improve service standards.
Information Security Statement
Information Security Statement
Digital Cloud Management Ltd (DCM)
Last Updated: Friday 20 February 2026
1. Purpose
Digital Cloud Management Ltd (“DCM”) is committed to maintaining the confidentiality, integrity, and availability of information entrusted to us.
This Information Security Statement outlines the principles, controls, and governance framework under which we manage information security across all services.
2. Security Governance Framework
DCM operates under a structured information security framework aligned with recognised best practices.
Our framework is built upon:
• Risk identification and mitigation
• Role-based access control
• Continuous monitoring
• Structured incident response
• Data protection compliance
• Security awareness training
Security is integrated into every layer of our Managed IT, Cybersecurity, Cloud, Network, and Physical Security services.
3. Core Security Principles
Confidentiality
Information is accessible only to authorised individuals.
Integrity
Information is protected from unauthorised modification.
Availability
Systems and data remain accessible and operational when required.
4. Access Control & Authentication
DCM enforces strict access control measures including:
• Role-based access management
• Least-privilege principle
• Multi-Factor Authentication (MFA)
• Secure password policies
• Session control mechanisms
• Administrative access restrictions
Access rights are reviewed periodically and adjusted based on role changes.
5. Network & Infrastructure Security
We implement structured network protection controls:
• Enterprise firewall configuration
• Network segmentation
• Secure VPN access
• Intrusion detection & prevention systems
• Secure WiFi deployment
• Perimeter monitoring
These measures protect against external and internal threats.
6. Endpoint & Device Security
All managed devices operate under defined security standards:
• Endpoint Detection & Response (EDR)
• Anti-malware protection
• Patch management enforcement
• Device encryption (where applicable)
• Device lifecycle management
• Remote monitoring integration
7. Cloud Security Controls
For Microsoft 365 and cloud services, we implement:
• Conditional access policies
• Advanced threat protection
• Data Loss Prevention (DLP)
• Secure configuration baselines
• Access governance
• Audit logging
Cloud environments are configured using secure-by-design principles.
8. Backup & Disaster Recovery
We maintain structured data protection controls:
• Encrypted cloud backups
• Backup validation monitoring
• Disaster recovery planning
• Recovery testing
• Retention policy configuration
Business continuity is treated as a core security function.
9. Monitoring & Threat Detection
DCM operates a 24/7 monitoring model incorporating:
• Log aggregation
• Security event monitoring (SIEM)
• Real-time alerting
• Escalation procedures
• Remote response capability
Alerts are reviewed by real IT professionals.
10. Incident Management
We maintain a structured Incident Response framework that includes:
• Threat containment
• Root cause analysis
• Recovery planning
• Reporting & documentation
• Post-incident review
Our goal is to minimise disruption and reduce long-term risk.
11. Vendor & Partner Management
We integrate security technologies from trusted partners such as:
• Microsoft
• Bitdefender
• WatchGuard
• Enterprise hosting providers
Third-party vendors are evaluated for security posture and compliance alignment.
12. Staff Security Awareness
All personnel are expected to adhere to internal security policies and undergo appropriate training to:
• Recognise phishing attempts
• Protect sensitive information
• Follow secure handling procedures
• Maintain confidentiality
Human awareness is an essential part of our defence model.
13. Physical Security Controls
DCM implements physical security measures including:
• Controlled facility access
• CCTV integration (where applicable)
• Secure hardware storage
• Visitor logging
14. Continuous Improvement
Security controls are reviewed periodically to address:
• Emerging threats
• Regulatory changes
• Operational risk
• Technology updates
We remain committed to ongoing improvement of our security posture.
15. Compliance Alignment
Our security framework supports alignment with:
• UK GDPR
• Data Protection Act 2018
• Applicable EU GDPR standards
• Industry best practices
16. Contact Information
Security-related enquiries may be directed to:
cyber@office.dcmhub.com
Incident Response Policy
Incident Response Policy
Digital Cloud Management Ltd (DCM)
Last Updated: Friday 20 February 2026
1. Purpose
Digital Cloud Management Ltd (“DCM”) maintains a structured Incident Response Policy to ensure timely identification, containment, investigation, and resolution of security incidents.
The purpose of this policy is to:
• Minimise operational disruption
• Protect client data
• Maintain service continuity
• Meet regulatory obligations
• Ensure accountability
2. Scope
This policy applies to:
• Managed IT environments
• Cybersecurity services
• Cloud platforms (e.g., Microsoft 365)
• Network & firewall systems
• Backup & disaster recovery systems
• CCTV & physical security infrastructure
• Internal DCM systems
3. Definition of a Security Incident
A security incident may include, but is not limited to:
• Malware or ransomware detection
• Unauthorised system access
• Suspicious login activity
• Data breach or suspected data compromise
• Firewall intrusion alerts
• Service outage caused by cyber activity
• Phishing campaign compromise
• Insider misuse
4. Incident Response Framework
DCM follows a structured 6-stage response model:
1️⃣ Identification
Detection through monitoring systems, alerts, or user reporting.
2️⃣ Classification
Assessment of severity, impact, and risk level.
3️⃣ Containment
Immediate action to isolate affected systems and prevent spread.
4️⃣ Investigation
Root cause analysis, log review, and forensic evaluation.
5️⃣ Remediation
Removal of threat, system restoration, and security hardening.
6️⃣ Post-Incident Review
Documentation, reporting, and prevention planning.
5. Detection & Monitoring
Incidents may be identified via:
• 24/7 system monitoring
• SIEM alerting
• Endpoint Detection & Response (EDR)
• Firewall event monitoring
• Backup anomaly alerts
• Client-reported anomalies
All alerts are reviewed by real IT professionals.
6. Escalation Procedures
Incident severity levels determine escalation pathway:
Low Severity
Minor threat, limited impact.
Medium Severity
Operational disruption possible.
High Severity
Active compromise or system failure.
Critical Severity
Data breach or widespread disruption.
Escalation may include:
• Senior engineer review
• Client notification
• Third-party vendor coordination
• Legal consultation (where required)
7. Client Notification
Where incidents materially affect client systems:
• Clients are notified promptly
• Impact scope is explained
• Remediation steps are outlined
• Recovery timeline is communicated
Where legally required (e.g., data breach), notification follows UK GDPR guidelines.
8. Regulatory Compliance
If an incident involves personal data:
• Assessment is conducted immediately
• Legal obligations under UK GDPR are reviewed
• Notification to relevant authorities occurs where required
• Documentation is retained
9. Data Breach Response
In the event of confirmed data compromise:
• Systems are isolated
• Access credentials are reset
• Logs are preserved
• Recovery procedures initiated
• Impact assessment conducted
DCM cooperates with affected clients and relevant authorities.
10. Recovery & Restoration
Recovery may involve:
• Restoring from backup
• Rebuilding compromised systems
• Patch implementation
• Security configuration hardening
• Firewall policy revision
Recovery speed is aligned with defined service levels.
11. Documentation & Reporting
Each incident is:
• Logged
• Documented
• Reviewed
• Assessed for systemic improvements
Where applicable, clients receive incident reports.
12. Preventative Improvements
Following resolution:
• Vulnerabilities are addressed
• Monitoring thresholds are adjusted
• Staff training reinforced
• Policy improvements implemented
Continuous improvement is embedded into the framework.
13. Roles & Responsibilities
DCM Responsibilities:
• Detect incidents
• Contain threats
• Notify affected parties
• Restore services
• Document findings
Client Responsibilities:
• Report anomalies
• Maintain credential security
• Cooperate in remediation
• Maintain internal governance controls
14. Third-Party Coordination
Where incidents involve:
• Microsoft services
• Bitdefender security tools
• WatchGuard firewalls
• Internet service providers
DCM coordinates with relevant vendors.
15. Continuous Review
This policy is reviewed periodically to address:
• Emerging cyber threats
• Regulatory updates
• Operational improvements
16. Contact for Security Incidents
Security concerns may be reported to:
cyber@office.dcmhub.com
Recruitment Privacy Notice
Recruitment Privacy Notice
Digital Cloud Management Ltd (DCM)
Last Updated: Friday 20 February 2026
1. Introduction
Digital Cloud Management Ltd (“DCM”, “we”, “us”, “our”) is committed to protecting the privacy and personal data of individuals who apply for employment or engagement with our organisation.
This Recruitment Privacy Notice explains how we collect, use, store, and protect personal data during the recruitment process.
This notice applies to:
• Job applicants
• Contractors
• Temporary staff
• Internship applicants
• Recruitment agency submissions
We process personal data in accordance with:
• UK GDPR
• Data Protection Act 2018
• Applicable employment legislation
2. Who We Are
Company Name: Digital Cloud Management Ltd
Registered in: England & Wales
Registered Office: 981 Great West Road, Brentford, TW8 9DN, United Kingdom
For recruitment purposes, DCM acts as the Data Controller.
3. What Information We Collect
During recruitment, we may collect:
3.1 Identity Information
• Full name
• Address
• Date of birth
• Nationality (where required for right-to-work checks)
3.2 Contact Information
• Email address
• Phone number
3.3 Employment Information
• CV / Resume
• Employment history
• Qualifications
• Professional certifications
• Skills & references
3.4 Assessment Data
• Interview notes
• Skills test results
• Technical assessment outcomes
• Background check results (where applicable)
3.5 Right to Work Information
• Passport or ID documents
• Visa status
• Immigration documentation (where applicable)
4. How We Collect Information
We collect information through:
• Direct applications via our website or external website
• Email submissions
• Recruitment agencies
• Interview processes
• Professional networking platforms
5. Lawful Basis for Processing
We process recruitment data based on:
• Legitimate interest (assessing suitability for employment)
• Contractual necessity (where employment is offered)
• Legal obligation (right-to-work verification)
• Consent (where required)
6. How We Use Recruitment Data
We use applicant data to:
• Assess suitability for a role
• Conduct interviews
• Perform background checks (where relevant)
• Verify qualifications
• Conduct right-to-work checks
• Maintain internal recruitment records
We do not use recruitment data for marketing purposes.
7. Data Retention
If your application is unsuccessful:
• We may retain your details for up to 12 months for future opportunities (unless you request deletion)
If successful:
• Your data will become part of your employment record and retained in accordance with employment data policies.
8. Data Sharing
We may share recruitment data with:
• Internal hiring managers
• Recruitment agencies (where applicable)
• Background verification providers
• Legal or regulatory authorities (if required)
We do not sell applicant data.
9. International Transfers
Applicant data is primarily processed within the United Kingdom. If transferred internationally, appropriate safeguards will be applied.
10. Data Security
We implement technical and organisational safeguards including:
• Restricted access controls
• Secure data storage
• Encrypted communication channels
• Confidential handling procedures
11. Applicant Rights
Under UK GDPR, applicants have the right to:
• Access their personal data
• Request correction
• Request deletion
• Restrict processing
• Object to processing
• Withdraw consent (where applicable)
Requests may be sent to:
hr@office.dcmhub.com
12. Equal Opportunity & Non-Discrimination
DCM is committed to fair and lawful recruitment practices and does not discriminate based on:
• Age
• Gender
• Race
• Religion
• Disability
• Sexual orientation
• National origin
Recruitment decisions are based solely on merit and suitability.
13. Withdrawal of Application
Applicants may withdraw their application at any time by notifying us in writing.
14. Complaints
If you have concerns regarding how your recruitment data is handled, you may contact us directly or lodge a complaint with the UK Information Commissioner’s Office (ICO).
15. Policy Updates
This Recruitment Privacy Notice may be updated periodically to reflect legal or operational changes.
Modern Slavery Statement
Modern Slavery Statement
Digital Cloud Management Ltd (DCM)
In accordance with the UK Modern Slavery Act 2015
Last Updated: Friday 20 February 2026
1. Introduction
Digital Cloud Management Ltd (“DCM”, “we”, “us”, “our”) is committed to operating ethically and with integrity in all aspects of our business.
We recognise our responsibility to prevent modern slavery, human trafficking, forced labour, and exploitation within our operations and supply chains.
This statement is made pursuant to Section 54 of the UK Modern Slavery Act 2015 and outlines the steps DCM takes to ensure modern slavery does not occur within our business or supply chain.
2. Our Organisation
DCM is a UK-registered company providing:
• Managed IT Support
• Cybersecurity Services
• Microsoft 365 & Cloud Services
• Network & Internet Services
• Backup & Disaster Recovery
• CCTV & Physical Security
• Web & Digital Solutions
We operate primarily within the United Kingdom and serve clients across selected international markets.
3. Our Commitment
We are committed to:
• Upholding human rights
• Preventing exploitation
• Ensuring fair employment practices
• Promoting ethical business conduct
• Maintaining transparency in supply chains
Modern slavery is incompatible with our values and governance framework.
4. Risk Assessment
As a technology services provider, DCM considers the risk of modern slavery within our direct operations to be low.
However, we acknowledge potential risk areas in:
• Third-party technology vendors
• Hardware supply chains
• Hosting providers
• Infrastructure suppliers
• International service partners
We conduct reasonable due diligence when engaging third-party providers.
5. Supplier Standards
DCM expects suppliers and partners to:
• Comply with applicable labour laws
• Prohibit forced or compulsory labour
• Prohibit child labour
• Ensure safe working conditions
• Operate with ethical recruitment practices
Where appropriate, we may request confirmation of compliance from suppliers.
6. Internal Policies
DCM maintains internal governance policies including:
• Acceptable Use Policy
• Information Security Statement
• Recruitment Privacy Notice
• Complaints Procedure
• Code of Professional Conduct
These policies promote lawful and ethical conduct.
7. Recruitment Practices
DCM ensures that:
• All staff are employed voluntarily
• Employment terms are clear and transparent
• Right-to-work checks are conducted
• No recruitment fees are charged to employees
• Employees may leave employment freely
We do not tolerate forced labour in any form.
8. Training & Awareness
While operating in a low-risk sector, DCM promotes awareness of ethical standards and encourages staff to report concerns through structured channels.
9. Reporting Concerns
If concerns regarding modern slavery or unethical conduct arise, they may be reported to:
compliance@office.dcmhub.com
All reports are reviewed and investigated appropriately.
10. Governance & Review
This statement is reviewed periodically to ensure it remains aligned with:
• UK legal requirements
• Operational changes
• Risk assessments
11. Approval
This statement has been approved by the management of Digital Cloud Management Ltd.
Signed on behalf of DCM:
Name: JEFFREY SAM
Title: Director
Date: 20/02/2026
Accessibility Statement
Accessibility Statement
Digital Cloud Management Ltd (DCM)
Last Updated: Friday 20 February 2026
1. Commitment to Accessibility
Digital Cloud Management Ltd (“DCM”, “we”, “us”, “our”) is committed to ensuring digital accessibility for all users, including individuals with disabilities.
We strive to provide a website and digital services experience that is inclusive, accessible, and aligned with recognised accessibility standards.
Accessibility is an integral part of our governance and operational framework.
2. Accessibility Standards
We aim to align our website and digital platforms with:
• Web Content Accessibility Guidelines (WCAG) 2.1 Level AA (where reasonably practicable)
• UK Equality Act 2010 principles
• International accessibility best practices
We recognise that accessibility is an ongoing process and are committed to continuous improvement.
3. Accessibility Features
Our website incorporates accessibility-focused features, including:
• Clear navigation structure
• Readable typography and sufficient contrast
• Logical heading hierarchy
• Keyboard navigation support
• Alternative text for meaningful images
• Structured content layout
• Consistent design patterns
• Accessible form fields
• Error identification guidance
We aim to ensure content remains perceivable, operable, understandable, and robust.
4. Known Limitations
While we aim for full accessibility compliance, some limitations may exist, including:
• Third-party embedded content
• External partner platforms
• Legacy downloadable documents
We actively review and improve these areas where possible.
5. Ongoing Monitoring & Improvement
Accessibility is reviewed periodically as part of our website maintenance and governance procedures.
Our improvement process includes:
• Periodic accessibility audits
• Content structure reviews
• Code validation
• Feedback-based improvements
Accessibility is integrated into our digital governance framework.
6. Feedback & Assistance
If you encounter accessibility barriers while using our website, please contact us.
We are committed to responding promptly and working toward resolution.
Contact:
Digital Cloud Management Ltd
981 Great West Road
Brentford
TW8 9DN
United Kingdom
Email: compliance@office.dcmhub.com
Please include:
• Description of the issue
• Page URL (if applicable)
• Device and browser information
7. Alternative Formats
Where required and reasonably practicable, we may provide information in alternative formats upon request.
8. Third-Party Content Disclaimer
Certain areas of our website may link to or integrate third-party services (e.g., Microsoft platforms, partner tools). Accessibility of those platforms is governed by their respective providers.
9. Regulatory Alignment
This Accessibility Statement demonstrates our commitment to:
• Digital inclusion
• Equal access principles
• Responsible governance
• Regulatory transparency
• Ethical service delivery
10. Policy Review
This statement will be reviewed periodically to ensure ongoing alignment with evolving accessibility standards and best practices.
Frequently Asked Questions (Compliance & Governance)
1 Is DCM a legally registered UK company?
Yes. Digital Cloud Management Ltd is registered in England & Wales and operates under UK corporate and regulatory law. All services are delivered under formal contractual agreements.
2 Do you operate under UK GDPR?
Yes. Where DCM acts as a data processor, we provide structured Data Processing Addendum (DPA) documentation outlining processing responsibilities, safeguards, and legal alignment.
3 Do you provide Data Processing Agreements (DPA)?
Yes. Where DCM acts as a data processor, we provide structured Data Processing Addendum (DPA) documentation outlining processing responsibilities, safeguards, and legal alignment.
4 Where is client data stored?
Data storage depends on the selected cloud provider (e.g., Microsoft 365). We align configurations with UK/EU data residency requirements where applicable and ensure secure processing controls.
5 Do you offer Service Level Agreements (SLA)?
Yes. Our structured plans include clearly defined SLAs outlining response times, escalation procedures, support coverage, and accountability standards.
6 How do you handle cybersecurity incidents?
DCM follows a documented Incident Response framework that includes detection, containment, investigation, remediation, and reporting, supported by 24/7 monitoring oversight.
7 Do you operate 24/7?
Yes. Our Managed IT and Cybersecurity services include continuous monitoring and structured escalation procedures. Remote support is available 24/7, with onsite coordination based on service tier.
8 Do you integrate trusted security partners?
Yes. We integrate recognised enterprise security platforms (e.g., Bitdefender, WatchGuard, Microsoft) into our service framework to deliver layered protection.
9 How do you ensure confidentiality?
We enforce role-based access controls, secure configurations, encryption standards, and documented internal policies to protect client information.
10 Do you operate under one unified service contract?
Yes. DCM consolidates Managed IT, Cybersecurity, Cloud, Network, Backup, and Physical Security services under one structured and accountable agreement reducing vendor fragmentation and improving governance.
11 Do you offer a free trial?
Yes. We offer a structured 30-day Premium Trial allowing clients to evaluate our 24/7 Managed IT and Cybersecurity framework before committing.
12 How do you handle complaints?
We maintain a documented Complaints Procedure ensuring timely acknowledgement, investigation, and structured resolution in accordance with UK commercial standards.
13 Are your policies documented and accessible?
Yes. DCM maintains publicly available policies including:
• Privacy Policy
• Cookie Policy
• Terms of Service
• Acceptable Use Policy
• Refund Policy
• Complaints Procedure
• Information Security Statement
• Incident Response Policy
• Recruitment Privacy Notice
• Modern Slavery Statement
14 Do you support banking and financial onboarding requirements?
Yes. Our structured governance framework, documented policies, and operational transparency support financial institution and payment processor compliance checks.
15 Do you provide documentation for regulatory review?
Yes. Upon request, DCM can provide relevant governance documentation to support compliance reviews and onboarding processes.
Official Technology Partners & Certified Solution Providers