Introduction.
- This Privacy Notice explains what we do with your personal data, whether we are in the process of helping you as a customer or dealing with individuals working for our suppliers.
- It describes how we collect, use and process your personal data, and how, in doing so, we comply with our legal obligations to you. Your privacy is important to us, and we are committed to protecting and safeguarding your data privacy rights.
- This Privacy Notice applies to the personal data of our Website Users, Customers, Suppliers and other people whom we may contact to undertake our business.
Please visit this page if you want to stay up to date, as we will post any changes to this policy, here.
Who we are.
- This Privacy Notice refers to Simply IT (GB) Ltd- Registered in England and Wales No. 9363625
- If you have any cause for complaint, if you wish to exercise any of your privacy rights or if you just want to clarify how we use your personal data you should contact management on telephone number 01924 666 097, in the first instance.
Whose data do we process?
- Customers: If you are a customer, we need to collect and use information about you, or individuals at your organisation, in the course of providing you services such as:
- Sale of Hardware and Software
- IT Services as a Reseller
- Sale of Office Supplies
- Media Services, such as Print, Design and Website Development
- We limit the data we collect about customers; we need to make sure that our relationship runs smoothly so we will collect the details of contacts within your organisation, such as names, telephone numbers and email addresses.
- We may pass on your details to our suppliers, in order that they are able to fulfil your order.
- In most cases, our suppliers will arrange delivery directly with our customers, however there are occasions where we will pass on your personal data to logistics companies if we have to deliver items to you directly.
- We will also collect bank details, so that we can arrange payment for services.
- We may also hold extra information that someone in your organisation has chosen to tell us.
- The main reasons for using your personal data are to ensure that the contractual arrangements between us can properly be implemented so that the relationship can run smoothly, and to comply with legal requirements.
- We use ‘cloud storage’ and ‘office applications’ to assist us with our business operations. All of this data processing on the web is based in the EU.
- We may use your personal data if we deem this necessary for other legitimate interests, such as recovering any outstanding debts etc.
- Suppliers and Professional Services: We limit the data we collect about Suppliers and our advisors – we need to make sure that our relationship runs smoothly so we will collect the details for our contacts within your organisation, such as names, telephone numbers and email addresses. We will also collect bank details, so that we can pay you. We may also hold extra information that someone in your organisation has chosen to tell us.
- The main reasons for using your personal data are to ensure that the contractual arrangements between us can properly be implemented so that the relationship can run smoothly, and to comply with legal requirements.
- We utilise a UK hosted VOIP service which does contain personal data in the form of our address book however, we do not currently record any calls on this system other than any voicemail message which you may chose to leave.
- We may use your personal data for the above purposes if we deem this to be necessary for our legitimate interests, such as recovering any outstanding debts etc.
- Website Visitors: We do not routinely collect or store any information pertaining to the visitors of our website. Please visit this page if you want to stay up to date, as we will post any changes to this policy, here.
- We collect data from you on our website if you enter any data into the web forms, such as our ‘Contact us’ page. This data is emailed directly to the relevant person in our organisation and is not retained on our website.
How long do we keep your personal data for?
- We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
- If we have not had meaningful contact with you (or, where appropriate, the company you are working for or with) for a period of two years, we will review your data and make efforts to determine if it is still relevant to our relationship.
- If it is not we will delete your personal data from our systems unless we believe in good faith that the law or other regulation requires us to preserve it (for example, because of our obligations to tax authorities or in connection with any anticipated litigation).
- If we learn an individual has left our customer or supplier we will delete that individuals’ personal data from our systems unless we believe in good faith that the law or other regulation requires us to preserve it (for example, because of our obligations to tax authorities or in connection with any anticipated litigation).
- To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
- By law, we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
How do we process your data internationally?
There are circumstances where we may transfer your personal data internationally, this may be:
- between and within our different legal entities;
- to third parties (such as advisers or other suppliers to our business);
- to overseas suppliers
- to overseas clients
- to a cloud-based storage provider; and
- to other third parties
To ensure that your personal information receives an adequate level of protection, we have put in place appropriate procedures with the third parties we share your personal data with to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects the law on data protection.
Exercising your rights
- Even if we hold your personal data, you still have various rights in relation to it. To get in touch about these, please contact us. We will seek to deal with your request without undue delay, and in any event in accordance with the requirements of any applicable laws. Please note that we may keep a record of your communications to help us resolve any issues, which you raise.
- Right to object: If we are using your data because we deem it necessary for our legitimate interests to do so, and you do not agree, you have the right to object. We will respond to your request within 30 days. Generally, we will only disagree with you if certain limited conditions apply.
Right to rectification: If you have informed us that your personal data is inaccurate you have the right to have your data corrected on our systems. We will respond to your request within 30 days.
Right to restrict processing: Where we have obtained your consent to process, your personal data or you object to any other processing we deem in our legitimate interest, you may ask us to stop this processing. We will assess if our interests prevail and make a decision based upon this assessment. In the event that you are requesting that we stop marketing to you, we will do this unconditionally.
Data Subject Access Requests (DSAR): Just so it is clear, you have the right to ask us to confirm what information we hold about you at any time, and you may ask us to modify, update or delete it. At this point we may comply with your request or, additionally do one of the following:
- we may ask you to verify your identity, or ask for more information about your request; and
- where we are legally permitted to do so, we may decline your request, but we will explain why if we do so.
Right to erasure: In certain situations (for example, where we have processed your data unlawfully), you have the right to request us to “erase” your personal data. We will respond to your request within 30 days and will only disagree with you if certain limited conditions apply. If we do agree to your request, we will delete your data but will retain your name on our register of individuals who would prefer not to be contacted or have been erased. That way, we will minimise the chances of you being contacted in the future where your data are collected in unconnected circumstances.
Right of data portability: If you wish, you have the right to transfer your data from us to another data controller. We will help with this – either by directly transferring your data for you, or by providing you with a copy in a commonly used machine-readable format.
Automatic Decision Making: There are often occasions where organisations make automated decisions based upon personal data held. You have the right to have a person intervene in this decision-making process. We do not undertake any profiling or automated decision making on your personal data
Right to lodge a complaint with a supervisory authority: You also have the right to lodge a complaint with your local supervisory authority, if you want to exercise this right you should contact the Information Commissioners Office at www.ico.org.uk.
If your interests or requirements change, you can unsubscribe from part or all of our marketing content by clicking the unsubscribe link.
Cookies Used
Cookie Name | Cookie Owner | Cookie Description |
---|---|---|
_gat | Google Analytics | Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_ . |
_gid | Google Analytics | Used to distinguish users. |
wfvt_ | Wordfence | This allows a security plugin we use to operate |
wfwaf-authcookie | Wordfence | This cookie is set by the WordPress security plugin “Wordfence”. It is used to authenticate user’s login request. |
wordfence_verifiedHuman | Wordfence | Cookie set by the Wordfence Security WordPress plugin to protect the site against malicious attacks. |
wfvt_2941393772 | Wordfence | This allows a security plugin we use to operate |
_ga | Google Analytics | Used to distinguish users. |
DYNSRV | Hosting Provider | This cookie is believed to be used for load balancing to manage server traffic demand. |
wordpress_logged_in | WordPress | After login, wordpress sets the wordpress_logged_in_[hash] cookie, which indicates when you’re logged in, and who you are, for most interface use. |
wordpress_sec | WordPress | Essential WordPress session management cookies for logged in users. |
wordpress_test_cookie | WordPress | WordPress sets this cookie when you navigate to the login page. The cookie is used to check whether your web browser is set to allow, or reject cookies. |
wp-setting- | WordPress | WordPress also sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface. |
wp-settings-time- | WordPress | WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface. |
gdpr_popup | Simply IT GB | This cookie is used to track who has already been shown the notice. The cookie has been set never to expire unless there is a change in the privacy policy. |