Security & Data Processing Statement
How this website and the data you submit through it are protected, and who processes what.
Last updated: 15 July 2026
1. Scope
This statement describes the technical and organisational measures protecting cdnworld.com and the data submitted through it, and how that data is processed. It supplements our Privacy Policy.
2. Architecture
The Website is a static site: it has no user accounts, no customer database and no server-side application storing personal data. This design removes entire classes of risk, including credential theft and database breaches, because there is nothing of that kind to breach.
3. Encryption in transit
All traffic is served exclusively over HTTPS (TLS). HTTP Strict Transport Security (HSTS) instructs browsers to refuse unencrypted connections.
4. Security headers
The Website enforces a Content Security Policy restricting resources to our own domain; X-Frame-Options DENY against clickjacking; X-Content-Type-Options nosniff; a strict Referrer-Policy; and a Permissions-Policy disabling camera, microphone, geolocation and payment APIs. Directory listing is disabled.
5. Third parties
The Website loads no third-party scripts, fonts, pixels or trackers. Visiting it causes no requests to any server other than our own hosting infrastructure.
6. Form data and processing roles
Information submitted through our forms (contact, assessment, partner, newsletter) is transmitted over TLS to our mail system and handled by Web and Cloud Innovation Ltd. as data controller, on the lawful bases and for the retention periods described in the Privacy Policy. Our hosting and e-mail providers act as processors under contractual terms consistent with Article 28 GDPR.
7. Incident response
Suspected vulnerabilities or incidents can be reported to legal@cdnworld.com. We investigate all reports and, where personal data is affected, follow the notification duties of Articles 33 and 34 GDPR.
