Bespoke Computing Ltd is committed to providing IT support, IT services and tailor-made telephone and communications solutions to companies of all sizes across the UK. When it comes to how we collect, use and protect your personal information whilst doing that – your privacy is important and of the utmost priority to us.
That is why we have developed this Privacy Notice to:
- Set out the types of personal data that we collect;
- Explain how we use your data;
- Explain how we ensure your privacy is maintained; and
- Explain the rights and choices you have when it coms to your personal data.
This Privacy Notice also applies to the information about the people who enquire about our services, subsequently go on to use our services and people who use our websites.
All of our employees are responsible for maintaining client confidentiality. We provide training and education to all employees and we regularly review our policies and procedures. Our aim is to ensure that you have confidence in Bespoke Computing Ltd and feel comfortable about giving us your information.
If you wish to talk to us about this Privacy Notice and how we collect, use and process personal information – further details on how to contact us are set out later in this document.
This notice was last updated on 24th May 2018. We may change this notice from time to time to reflect changes in the law or our privacy practices. However, we will not use your personal information in any new ways without your consent.
What information do we collect about you?
When you enquire about our services, and throughout your relationship with Bespoke Computing Ltd, you’ll provide personal information to us. We may also collect certain information about you from others.
This may include some or all of the following pieces of information:
- Names and job titles
- Company name and address
- Contact information including email addresses
- Credit scoring information where credit facilities are offered
- Financial details for invoicing and payment processing purposes
- Names and contact details for your employees;
- Information relevant and necessary to deliver services, for example: installation addresses
- Data on how you interact with our websites and services (website cookies)
Where we collect personal data from you, we are known as the Data Controller as we decide the purposes for and the means by which the personal data we hold is processed. Where you supply the personal data, we are known as the Data Processor.
Sensitive Personal Data
It may benefit you to notify us of any health condition or disability you have so that we are aware of these conditions and how they affect you. This will allow us to take any reasonable steps to accommodate specific needs or requirements you have when providing our services to you. This type of information is known under the law as ‘special category information’ (or ‘sensitive personal data’) and we require your explicit consent to process this information.
This data will only be kept as long as it is required for this purpose, or until such time as you notify us you no longer consent to its processing.
How will we use your information?
Your information will be used by Bespoke Computing Ltd to do all of the things that you expect from us and to meet our obligations to you under our terms and conditions. This will include:
- Providing a tailored and personalised service;
- Internal audit purposes;
- Improving our services;
- Processing payments;
- Compliance with legal and regulatory obligations; and
- Periodically sending promotional communications that you may find interesting. The lawful basis on which we process for this activity includes contractual consent for clients, where there is legitimate interest, or where explicit consent has been provided.
Who will we share your information with?
Bespoke Computing Ltd works with carefully selected Service Providers that carry out certain functions on our behalf to support the services provided to you. These may include, for example, companies that help us with technology services or processing payments.
We only share personal data that enables our Service Providers to provide their services and it will always be shared in a secure and appropriate manner.
We may also share personal data with other organisations in the following circumstances:
- HMRC or other authorities require it;
- The law, a regulatory body or the public interest requires it;
- Where we need to establish, exercise or defend our legal rights;
- To an organisation we sell or transfer (or enter into negotiations to sell or transfer) any of our business, rights or obligations under any agreement we may have with you. If the sale or transfer goes ahead, the organisation receiving your personal data can use your personal data in the same way as us; or
- To any successors in title to our business.
The UK and other EEA countries provide a high standard of data protection and privacy however, it may sometimes be required to obtain services from other parts of the world that do not have a similar standard of data protection laws. If so, we will require and put contractual commitments in place that make sure your personal information is protected to at least UK standards.
How will we keep your information safe and secure?
We know that it is important to protect and manage your personal information. Some of the measures that we have in place for this includes:
- Computer safeguards such as firewalls, data encryption and removable media controls;
- Physical access to our buildings and paper records;
- Secure Sockets Layer (SSL) to encrypt information being transferred; and
- Enforcing physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data. We may occasionally ask for proof of identity before we share your personal data with you.
However, whilst we take appropriate measures to safeguard your personal data in our care, note that we cannot guarantee the security of any personal data that you transfer over the Internet to us.
How long will we keep your information for?
Bespoke Computing Ltd will keep your information for as long as we are providing you with a service or are likely to provide a service as a result of an enquiry that we have received. We will also keep your personal information for a certain period after our business relationship ends.
When determining how long this period will last, we take into account our legal and regulatory obligations, the expectation of data protection regulators and the amount of time we may strictly need to hold your information to carry on our business or defend our rights.
We will also need to keep your information in archived form in order to defend our legal rights. This may be for the period under which legal claims can be made under applicable law. In the UK, this is six years for contractual claims. We have policies and procedures in place to ensure that we delete information no longer needed for any of these purposes.
Your rights relating to your personal data
Under data protection legislation, you have certain rights over your personal information. We generally will not charge you to exercise your rights unless we deem your request to be excessive, repetitive or if the details have already been issued previously.
If you wish to contact us in respect of any of the Rights described below, details on how to contact us regarding this Privacy Notice are set out below. We will respond to your request within one month.
The rights are described below.
Right of Access
You have a right to as Bespoke Computing Ltd if we have your personal data. If we do, you have a right to know:
- Why we have it;
- What type of information we possess;
- Whether we have or will sent it to others, especially outside the European Economic Area (EEA);
- How long we will keep it;
- Where we got it from; and
- Details of any automated decision making.
If you want, you can ask for a copy of your information.
Rights of Rectification and Erasure
Where any of your information is incorrect, you have a right to tell us to correct it promptly. If your data is incomplete, you can ask us to correct this too.
You may have a right to have some or all of the information we hold about you deleted. However, you should be aware that we are required to maintain certain records even after our business relationship ends.
Right of Restriction and Right to Object
You have the right to restrict the processing of your personal data under certain circumstances, including if you have contested its accuracy and whilst this is being verified by us, or if you have objected to its processing and whilst we are considering whether we have legitimate grounds to continue to do so.
Depending upon the legal basis for which we are using your information, you may be entitled to object. For example, where we are using your information connected with marketing, we will stop if you object. However, if we are using your information to meet legal or regulatory requirements, we may continue to do so even if you object.
Right of Data Portability
In certain circumstances, you would be entitled to receive some of your information from us electronically. We can either pass the information to you, or to another person or business where it is practical for us to do so.
Automated Decision Making
You have the right not to be subjected to a decision based solely on automated processing, including profiling. Bespoke Computing Ltd does not process any personal data in this way.
Who to contact about your personal data
If you require any further information you may contact the Data Protection Office directly at firstname.lastname@example.org or in writing to:
The Data Protection Officer
Bespoke Computing Ltd
Stafford Park 7
Telford, TF3 3BQ.
Making a complaint
If you are not satisfied with our response to any query you raise with us, or you believe we are processing your personal data in a way which is inconsistent with the law, you may complain to the Information Commissioners Office whose helpline number is 02926 788400. Alternatively, you may write to them:
Information Commissioners office
17 Churchill Way