Privacy Policy
Information you share with us.
Personal data/information not only includes names, addresses, dates of birth as you would expect but can also include information such as who you work for, what you do for a living or anything that someone could use to identify you as an individual.
What your information is used for.
The lawful bases for processing the information you provide is one or more of the following as set out in Article 6 of the GDPR:
Consent: the individual has given clear consent for you to process their personal data for a specific purpose.
Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.
Legal obligation: the processing is necessary for you to comply with the law (not including contractual obligations).
Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests. (This cannot apply if you are a public authority processing data to perform your official tasks.)
We require specific information to provide our services to you. We reserve the right to send you information regarding your account with us (for example, but not limited to: Account and payment status, updates to terms and conditions, general customer communications, e.g price changes, opening hours). This is in line with the GDPR regulations.
If you email us, we will keep the content of your message, your email address, and your contact information to respond to your request.
We do not sell or give your information to a third party unless specifically ordered to by a court of law with jurisdiction.
How long we keep your information.
We retain contact information account data for as long as necessary to provide services and support and fulfil transactions you have requested, or for other essential purposes such as complying with our legal obligations and resolving disputes and enforcing our agreements.
How your information is stored.
Robust security has always been a crucial part of everything we do. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access, use or disclosure. For example, we store the personal data you provide on computer systems that have limited access and are in controlled facilities. Any data we transmit over email/the internet is protected using encryption. We carry out regular reviews of all systems and apply patches for security issues.
Credit Card Information.
Our card payments are processed through our payment service provider PayVector, a trading name of Iridium Corporation who also prevent, detect, and investigate fraud or other prohibited activities and dispute’s such as chargebacks, and for other purposes associated with the acceptance of credit and debit cards.
Remote Access.
Processing of personal data is unavoidable when initiating a remote control session. To facilitate the connection, the remote device must be identified via username, IP address, hostname, or alias of some kind.
Remote access support is optional.
We are able to offer clients remote access support and alternatively telephone or onsite support where requested.
Clients are welcome to remain present whilst engineers remote access their computer and is able to see what the engineer is accessing.
Our remote access is carried out via a secure services provided by https://www.logmeinrescue.com/resources and https://www.logmein.com/pro/security-information
These services are encrypted with SSL/TLS authentication https://www.logmein.com/pro/security-information no data is recorded or kept using these services.
Telephone Calls.
We use call recording for monitoring service levels, or staff training. The lawful basis for this is one or more of the following:
All parties in the call have given consent to be recorded.
Recording is necessary to protect the interests of one or more of the call participants.
Recording is in the legitimate interests of the recorder, unless those interests are overridden by the interests of the participants in the call.
We currently use a standard call recording package where calls are kept for 3 months with a Third Party provider. Limited staff are granted access to the calls via a secure web portal. Specific calls can be deleted on request, unless for example, but not limited to, they are required for things such as defence of legal or potential claims. The phone system informs the caller that calls are recorded for training purposes before putting them through to staff.
Use of Third Party Controllers and Processors.
Any third parties we use will be vetted for adequate security and checked for compliance with the GDPR as part of our security measures review. We will ensure that they are compliant with existing regulations and that they have appropriate security measures in place to adequately protect the data we share with them.
Updating our privacy policy.
We will update our privacy statement as necessary to ensure that our policies are in line with international regulations, our services and business practices.