For the purpose of the General Data Protection Regulations, We (as defined and detailed in this website (our Site)) are the Data Controller.
Within the meaning of the General Data Protection Regulations we consider the following organizations to be Data Processors that we have engaged to assist us in processing your data:
- Microsoft – information held by us in electronic form is either stored within our Office 365 application or within an encrypted Microsoft Azure database. Both of these products utilise Microsoft support contracts.
- SendGrid – process all email messages sent from our administrative systems. SendGrid provide us with details of all events arising from each of the emails we send.
- Twilio – process any text messages sent or received from our administrative systems. Twilio provide us with status information relating to each message.
- stpsolutions – provide web application development and support services
- Saitech UK – provide general IT consultancy and support services
Information we may collect from you
We may collect and process the following data about you:
- Information that you provide by filling in forms on our Site. This includes information provided at the time of registering to use our Site, subscribing to any of our services, posting material, requesting further services or responding to invitations we may send to you. We may also ask you for information when you report a problem with our Site.
- If you contact us, we may keep a record of that correspondence, text message or telephone call
- We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- Details of transactions you carry out through us and of the fulfilment of your instructions.
- Details of your visits to our Site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own purposes or otherwise and the resources that you access.
If you ask us to delete your information, we will delete all personal information we hold that does not conflict with our right to retain information that enables us to comply with regulatory or contractual obligations we may have.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to track the source of telephone calls made to us. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
Where we store your personal data
Where your personal information is stored by us in electronic format it is held either in servers securely located within our premises or held in encrypted format in one or more Microsoft Data Centres within the EU. Email communications pass through and are temporarily stored on servers in the US. By providing us with your personal information, you agree that we may transfer, store and process your information in this manner.
Unfortunately, the transmission of information via the internet is not completely secure. Although we employ security measures designed to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Uses made of the information
We use information held about you in the following ways:
- To ensure that content from our Site is presented in our opinion in the most effective manner for you and for your computer.
- To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
- To carry out our obligations arising from any contracts entered into between you and us.
- To allow you to participate in interactive features of our service, when you choose to do so.
- To notify you about changes to our service.
- We do not provide any data to any third-party for the purposes of advertising products.
Disclosure of your information
We may disclose your personal information to:
- any company under the same ownership as us or any company in which we have majority control;
- our Data Processors and other third parties working on our or their behalf (whether directly or indirectly).
We may disclose your personal information to third parties:
- In the event that we sell or buy any business, assets or shares, in which case we may disclose your personal data to the prospective seller or buyer of such business, assets or shares, having first secured the agreement of such buyer or seller to handle any such data as though they were a Data Controller.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions; or to protect our rights, property, or safety, or those of our customers or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
- Every now and again, requests are received for information from government departments, the police and other enforcement agencies. If this happens, and there is a proper legal basis for providing your information, it will be provided to the organisation asking for it.
Access to information
Data Protection legislation gives you the right to access information held about you. Your right of access can be exercised in accordance with the law. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.