What this policy covers
Abbeystoke Limited, trading as Castlefields Computer Consultants are committed to protecting the privacy and security of your personal information.
This policy does not form part of any agreement and may be updated at any time.
Identity of the data controller
We are a data controller for any personal information that we hold relating to you. This means that we are responsible for determining how information relating to you is used, stored and shared.
Categories of personal data we process
We may collect, store and use the following categories of personal information about you:
∑ Your full name
∑ Your contact details, such as your phone numbers and email addresses
∑ Details of your employment, such as the company you work for and the position you hold
Sources of personal data
We collect personal information relating to you directly from you as you may have got in contact with us directly as you are interested in our products and services.
We may also be passed your information by a 3rd party as they have referred you to us due to the products and services that we provide.
Your business or employer may also provide us with your personal information where they deem it necessary to do so, or where your business or employer are interested in our products and services.
Our lawful bases for processing your data
We will process your personal data in the following circumstances:
∑ Where it is necessary to do so in order for us to administer a contract which we have entered in to with your business or employer.
∑ Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests.
∑ To comply with relevant legislation and regulation.
Our purposes for processing your data
∑ Administering the contract that we have entered in to with your business or employer.
∑ To provide information to you relating to our products and services.
∑ To liaise with you when necessary regarding our products and services.
We may gather information about your general internet usage by using cookies. Where used, these cookies are downloaded to your computer and stored on the computerís hard drive. Such information will not identify you personally. It is statistical data that does not include, and cannot be used to retrieve, any personal data whatsoever.
We may gather cookies for the purpose of improving our website.
You can adjust the settings on your computer to decline cookies if you wish. You can also delete any existing cookies from your computer at any time.
Who has access to your data?
We may share your personal data with third parties where required by law, where it is necessary to administer the contract we have entered in to with your business, or where we have a legitimate interest to do so.
Recipients of your data may include third-party service providers, our parent or sister companies, or a regulator.
Where we do so, we will require third parties to respect the security of your data and to treat it in accordance with the law.
Security of your data
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised manner, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a legitimate business need to know.
We have put in place procedures to identify and deal with any suspected data security breaches and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
How we decide how long to retain your data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal or contractual requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process your personal data, whether we can achieve those purposes through other means, and the applicable legal requirements.
Under data protection law you have several rights relating to the personal data we hold about you. These rights only apply in specific circumstances and should you wish to exercise any of these then please get in touch with us on the contact details at the bottom of this notice.
You have the right to:
∑ Request access to, and a copy of the personal data that we hold relating to you.
∑ Request correction of the personal data that we hold relating to you if you believe it is inaccurate or incomplete.
∑ Request erasure of your personal data in specific circumstances, such as; if our processing of your personal data is based upon legitimate interests and you believe it is no longer necessary; or if you believe we have processed your personal data unlawfully or not for the purposes which it was intended.
∑ Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
∑ Request to restrict the processing of your personal data in specific circumstances, such as; you have requested that your personal data is corrected and want to restrict processing whilst we correct it; where you believe our processing is unlawful but do not want us to erase your personal data; where we no longer need to store your personal† data but you require us to do so to enable you to exercise or defend a legal claim.
∑ Data portability in particular circumstances, meaning that you can request for your personal data to be securely moved, copied or transferred from our IT environment to another. This will only apply if our lawful basis for processing your data is consent or performance of a contract, and we are processing your data by automated means.
If you believe we have not complied with your rights, you can complain to the Information Commissionerís Office by visiting their website https://ico.org.uk/
Automated decision-making and profiling
We do not conduct any automated decision-making or profiling with your personal data.
Changes to this Privacy Notice
The company reserves the right to update this privacy notice at any time. We recommend that you regularly visit our website to review the most up to date version.
If you wish to discuss this privacy notice with us, or you wish to exercise any of your rights then please contact our Data Protection Officer, Lewis Jenkinson, by emailing firstname.lastname@example.org or by writing to 22 Eaton Avenue, Matrix Office Park, Euxton, Lancashire, PR7 7NA.