This Policy may change from time to time and, if it does, the up-to-date version will always be available on our website and becomes effective immediately.
Please take the time to read this Policy, which contains important information about the way in which we process personal data.
For the purposes of this Policy, “Data Protection Legislation” is defined as,
- unless and until the GDPR is no longer directly applicable in the UK, the General Data Protection Regulation ((EU) 2016/679) (“GDPR”) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then
- any successor legislation to the GDPR or the Data Protection Act 1998.
Information we may collect about you
We may collect and process information about you and your personnel through various means, including:
- in the course of carrying out work for you (or your business)
- via our website (e.g. on our contact page or when submitting a job application etc.)
- by email or other electronic correspondence
- by telephone
- networking (e.g. at client events and/or other seminars and meetings or events either hosted or attended by us)
- by operating security policies and procedures in our offices (e.g. by virtue of our access to CCTV footage recorded and collected in our offices)
- otherwise through providing our IT sales and support services or operating our business.
The personal data you give to us may include:
- your name and title
- contact information, including telephone number, postal address and email address
- information relating to your location, preferences and/or interests
- employment and job application details, e.g. date of birth, employment history, qualifications
- photographic identification and video footage
- in certain circumstances, your and others’ signature(s), National Insurance number(s), financial details such as bank account details and details of any relevant sanctions or similar restrictions
- the content of any enquiry submitted over our website
- any other personal data we collect (such as the client reference number which may be assigned to you) in the context of our work for our clients or in the course of operating our business.
We may ask you for information when you report a problem with our website.
If you contact us, we may keep a record of that correspondence.
The personal data described above may relate to any of the following categories of person:
- our clients and clients’ personnel
- those emergency contacts whose details have been provided to us by our people
- third parties with whom we have contact by virtue of providing IT sales and support services (e.g. third-party sub-contractors providing specialist services for clients)
- our contacts at our third-party sub-contractors or others with whom we work in the context of our IT sales and support services
- our prospective target clients
- our contractors and suppliers
- those who submit enquiries through our website or whose details are otherwise entered into our client relationship management system
- any other visitor to our offices.
- Web usage information (e.g. IP address), your login information, browser type and version, time zone setting, operating system and platform.
- Information about your visit, including the full Uniform Resource Locators (URLs) clickstream to, through and from our website (including date and time); time on page, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs).
- Location, device and demographic information (Google Analytics provides age range and gender information. Find out more about how Google collects demographic data).
How we will use your information
We may use your information for the following purposes:
- to respond to any query that you may submit to us
- to manage our relationship with you (and/or your business), including by maintaining our database of clients and other third parties for administration, and accounting and relationship management purposes
- to complete our contractual obligations to you, or otherwise taking steps as described in our Terms & Conditions and Service Agreement (including any associated administration)
- to send you any relevant information on our services and events that may be of interest to you using the email and/or postal address which you have provided, but only if you have given us your consent to do so or we are otherwise able to do so in accordance with applicable Data Protection Legislation
- ensure that our website’s content is presented in the most effective manner for you and your device
- to customise our website according to your interests
- to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey responses
- to allow you to participate in interactive features on our website when you choose to do so
- as part of our efforts to keep our website safe and secure
- to measure or understand the effectiveness of advertising we send to you and others, and to deliver relevant advertising to you
- to ensure we appropriately administer any attendance/visits to our offices
- to comply with any other professional, legal and regulatory obligations which apply to us or policies that we have in place
- as we feel is necessary to prevent illegal activity or to protect our interests.
All of these purposes are supported by one or more of the following lawful justifications. We need your personal data only:
- To perform the services or provide the products that you have asked us to under contract or in connection with a contract that we are each considering entering into;
- Because it is in our legitimate interests to collect the personal data, having objectively balanced your privacy interests against that;
- Because we have a legal obligation to collect certain personal data from you; or
- Because you have granted us explicit consent to use your personal information for a specific purpose.
Sharing your information
We may share your details with carefully selected third parties. These may include service providers, support services and organisations that help us to market our services and third parties instructed to enable us to fulfil our contractual obligations to you and/or our clients in the course of business.
If we share your information with third parties they will process your information as either a data controller or as our data processor and this will depend on the purposes of our sharing your personal data. We will only share your personal data in compliance with the Data Protection Legislation which includes the principle to limit data sharing to that which is strictly necessary to achieve a specific purpose.
We may disclose your information to third parties when:
- you specifically request this or it is necessary to provide our IT sales and support services to you (e.g. when we need to use a sub-contractor to provide a specialist service)
- we feel other companies’ products and services may interest you but only if you have given us your consent to do so or we are otherwise able to do so in accordance with our contract or applicable Data Protection Legislation
- in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets
- if our website or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect the rights, property or safety of our website, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
The third parties include:
- our bank and/or bureau for the purpose of Direct Debit collections etc.
- our insurers
- our auditors, including external accreditation bodies
- other professional advisors or third parties
- our data processors providing offsite storage and/or backup facilities, specialist support and/or specialist services and other business support services
- our email marketing platform provider and our website platform provider
- selected partner digital agencies and online job application provider
- analytics and search engine providers that assist us in the improvement and optimisation of our website
- any third party you ask us to share your data with.
Our website may, from time to time, contain links to and from the websites of advertisers and partners. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
We will not rent or sell our users’ or other contacts’ details to any other organisation or individual.
Storage and retention of your personal data
We follow strict security procedures as to how your personal information is stored and used, and who sees it, to help stop any unauthorised person getting hold of it. All personal information you register on our website will be located behind a firewall. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. Unfortunately, the transmission of information via the internet is not completely secure and although we do our best to protect your personal data, we cannot absolutely guarantee the security of your data.
Where you are a client, we will keep your information stored on our systems for as long as it takes to provide the services to you and in accordance with our Terms & Conditions and Service Agreement. We may keep your data for longer than our stated retention period if we cannot delete it for legal, regulatory or technical reasons. We may also keep it for research, preventing conflicts of interests or statistical purposes. If we do, we will ensure that appropriate safeguards are in place to protect your privacy and only used for those purposes.
Any contact details stored on our client relationship management database will be removed from our mailing lists if they do not interact with our emails (i.e. open emails or click on links within them) for a certain period following which they will be moved to an archive folder before being deleted permanently.
The third parties we engage to provide services on our behalf will keep your data stored on their systems for as long as is necessary to provide the services to you.
We will not store your information for longer than is reasonably necessary or required by law.
Sending your information outside of the EEA
We will only transfer the personal information we collect about you relating to your contact details outside the EEA and only to the United States of America in order to perform our contract with you and to secure the provision of hardware or software licences on your behalf.
To ensure that your personal information receives an adequate level of protection we will only transfer such details to organisations like Dell and Microsoft where they have ensured that your personal information is treated in a way that is consistent with and which respects the EU and UK laws on data protection.
If you require further information about these protective measures, please see the contact information at the end of this policy or use the contact page on our website.
Asking us to stop processing your personal data
You have the right to opt out of us sending you marketing communications at any time. If you wish us to stop processing your personal data for this or other reasons, please contact us by using the contact information at the end of this policy or use the contact page on our website.
We may still need to process some of the data that you have provided to us on other grounds and will notify you of these at such time.
Your information rights
Changes to your personal data:
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us (for example if you change your email address or if you wish to cancel a request for information). Under certain circumstances, by law, you have the right to:
|Request access to your personal information (commonly known as a “data subject access request”)||This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
|Request correction of the personal information that we hold about you||This enables you to have any incomplete or inaccurate information we hold about you corrected.
|Request erasure of your personal information||This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
|Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.||You also have the right to object where we are processing your personal information for direct marketing purposes.
|Request the restriction of processing of your personal information||This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it.|
|Request the transfer of your personal information to another party.
|This enables you to seek a transfer of your personal data to a third party elected by you.|
|Complain to the Information Commissioner’s Office (ICO)||If you have a complaint about the way in which we are managing and processing your personal data.|
Please note: in the event that an access request is unfounded, excessive or especially repetitive, we may charge a ‘reasonable fee’ for meeting that request. Similarly, we may charge a reasonable fee to comply with requests for further copies of the same information. (That fee will be based upon the administrative costs of providing the information).
If at any time you do not think that we have complied with the Data Protection Legislation, please contact us straight away to let us know.
You also have the right to make a complaint to the Information Commissioner’s Office. For more details please visit the ICO website.
Questions, comments and requests regarding this Policy should be addressed to:
Name: Chris Patten
Address: Melford House, 6 Oaklands Business Park, Yate, Bristol. BS37 5NA
Email address: firstname.lastname@example.org Telephone number: 0800 091 3252
Alternatively, you can contact us via the contact page on our website.