Client Privacy
Policy
What this policy covers
Abbeystoke Limited, trading as Castlefields Computer Consultants are committed to protecting the privacy and security of your personal information.
This privacy policy describes how we collect and use personal information relating to you.
This policy does not form part of any agreement and may be updated at any time.
Identity of the data
controller
We are a data controller for any personal information that we hold relating to you. This means that we are responsible for determining how information relating to you is used, stored and shared.
Categories of personal
data we process
We may collect, store and use the following categories of personal information about you:
· Your full name
· Your contact details, such as your phone numbers and email addresses
· Details of your employment, such as the company you work for and the position you hold
Sources of personal
data
We collect personal information relating to you
directly from you as you may have got in contact with us directly as you are
interested in our products and services.
We may also be passed your information by a 3rd
party as they have referred you to us due to the products and services that we
provide.
Your business or employer may also provide us with your
personal information where they deem it necessary to do so, or where your
business or employer are interested in our products and services.
Our lawful bases for
processing your data
We will process your personal data in the following
circumstances:
·
Where it is necessary to do so in order for us to administer
a contract which we have entered in to with your business or employer.
·
Where it is necessary for our legitimate interests and your
interests and fundamental rights do not override those interests.
·
To comply with relevant legislation and regulation.
Our purposes for
processing your data
·
Administering the contract that we have entered in to with
your business or employer.
·
To provide information to you relating to our products and
services.
·
To liaise with you when necessary regarding our products and
services.
Use of cookies
We may gather information about your general internet
usage by using cookies. Where used, these cookies are downloaded to your
computer and stored on the computer’s hard drive. Such information will not
identify you personally. It is statistical data that does not include, and cannot
be used to retrieve, any personal data whatsoever.
We may gather cookies for the purpose of improving our
website.
You can adjust the settings on your computer to
decline cookies if you wish. You can also delete any existing cookies from your
computer at any time.
Who has access to your
data?
We may share your personal data with third parties
where required by law, where it is necessary to administer the contract we have
entered in to with your business, or where we have a legitimate interest to do
so.
Recipients of your data may include third-party
service providers, our parent or sister companies, or a regulator.
Where we do so, we will require third parties to
respect the security of your data and to treat it in accordance with the law.
Security of your data
We have put in place appropriate security measures to
prevent your personal data from being accidentally lost, used or accessed in an
unauthorised manner, altered or disclosed. In addition, we limit access to your
personal data to those employees, agents, contractors and other third parties
who have a legitimate business need to know.
We have put in place procedures to identify and deal
with any suspected data security breaches and will notify you and any
applicable regulator of a suspected breach where we are legally required to do
so.
How we decide how long
to retain your data
We will only retain your personal data for as long as
necessary to fulfil the purposes we collected it for, including for the
purposes of satisfying any legal or contractual requirements.
To determine the appropriate retention period for
personal data, we consider the amount, nature, and sensitivity of the personal
data, the potential risk of harm from unauthorised use or disclosure, the
purposes for which we process your personal data, whether we can achieve those
purposes through other means, and the applicable legal requirements.
Your rights
Under data protection law you have several rights
relating to the personal data we hold about you. These rights only apply in
specific circumstances and should you wish to exercise any of these then please
get in touch with us on the contact details at the bottom of this notice.
You have the right to:
·
Be informed about what data we hold
about you and how we process that data. The purpose of this privacy policy is
to explain this to you.
·
Request access to, and a copy of the personal
data that we hold relating to you.
·
Request correction of the personal data that
we hold relating to you if you believe it is inaccurate or incomplete.
·
Request erasure of your personal data in
specific circumstances, such as; if our processing of your personal data is
based upon legitimate interests and you believe it is no longer necessary; or
if you believe we have processed your personal data unlawfully or not for the
purposes which it was intended.
·
Object to processing of your personal data where
we are relying on a legitimate interest (or those of a third party) and there
is something about your particular situation which makes you want to object to
processing on this ground.
·
Request to restrict the
processing
of your personal data in specific circumstances, such as; you have requested
that your personal data is corrected and want to restrict processing whilst we
correct it; where you believe our processing is unlawful but do not want us to
erase your personal data; where we no longer need to store your personal data but you require us to do so to enable
you to exercise or defend a legal claim.
·
Data portability in particular
circumstances, meaning that you can request for your personal data to be
securely moved, copied or transferred from our IT environment to another. This
will only apply if our lawful basis for processing your data is consent or
performance of a contract, and we are processing your data by automated means.
If you believe we have not complied with your rights,
you can complain to the Information Commissioner’s Office by visiting their
website https://ico.org.uk/
Automated
decision-making and profiling
We do not conduct any automated decision-making or
profiling with your personal data.
Changes to this Privacy
Notice
The company reserves the right to update this privacy
notice at any time. We recommend that you regularly visit our website to review
the most up to date version.
Contacting Us
If you wish to discuss this privacy notice with us, or
you wish to exercise any of your rights then please contact our Data Protection
Officer, Lewis Jenkinson, by emailing info@creditsolutionsgroup.co.uk or by writing to 22 Eaton
Avenue, Matrix Office Park, Euxton, Lancashire, PR7 7NA.