Research and analysis

Grant Thornton Privacy Notice

Published 30 January 2025

© Crown copyright 2025

This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.

Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.

This publication is available at https://www.gov.uk/government/publications/survey-on-the-state-of-uk-cyber-insurance-market/grant-thornton-privacy-notice

Privacy notice: survey on the state of UK cyber insurance market

1. About this research  

Grant Thorton has been commissioned by the Department for Science, Innovation and Technology (DSIT) to develop research on the UK cyber insurance market in order to provide government with a better understanding of the state of the cyber insurance market and levels uptake of cyber insurance by SMEs.

We are looking for people responsible for making decision about the procurement of cyber insurance for their company across the UK to participate in this survey. The focus of the survey is on people who represent small and medium sized enterprises (SMEs), which are companies that employ between 10 and 249 employees.   

Participants will be asked questions about:  

  • Their understanding and awareness of cyber insurance;  
  • Their own experience of the process of procuring cyber insurance;  
  • The types and costs of cyber insurance that they have procured; and  
  • Their views on the benefits and limitations of cyber insurance for SMEs

We may also request a short follow up interview to develop a number of case studies for the final report. Your insight will be used to create a report which will inform government policy on cyber insurance for the small and medium sized enterprise market.  

2. About your data  

Grant Thornton will collect and process the minimum amount of data possible to carry out this research. We will request some personal data including your name and email address and some information about the organisation you work for. All data is held on Grant Thornton IT systems, and we will not share your personal data with DSIT or third parties. Any insight developed from this research will be anonymised. During this research we will also collect high-level information about the cyber security of your organisation. Grant Thorton holds ISO27001 accreditations for Information Security.

We will not sell or rent any of your data to third parties or share your data with third parties for marketing purposes.  

The data collected through this form will be held for a maximum of 3 months. After this point, we will delete all personal data relating to you but may retain research data containing your anonymised quotes.  

Under UK GDPR, you have the right to access the personal data we hold about you, and request deletion of your data. You have the right to withdraw consent to the processing of your personal data at any time. Please contact DataProtectionOfficer@uk.gt.com if you would like to request access, deletion or to invoke any of your other rights.  

This research project can be verified by contacting cybergovernance@dsit.gov.uk.

Back to top