Privacy Policy

Who we are?

We at PC Net Solutions Ltd  are registered with the Information Commissioners Office as a Data Controller registration number ZA467240 . We are specialists in the provision of IT-related support services and operate from:

Mercury House, Shrewsbury Business Park, Shrewsbury, Shropshire, SY2 6LG and Stafford Enterprise Park, Weston Road, Stafford, Staffordshire, ST18 0BF.

Your Privacy

Your privacy matters to us, and we are committed to the highest data privacy standards, confidentiality and adherence with the Data Protection Act 2018 and UK GDPR.

. To disclose this to you, our Privacy Notice includes the following:

  • What data we collect from you.
  • How and why we process it.
  • Who we share it with and why.

We adopt the six core principles of data protection which are:

  1. Lawfulness, fairness and transparencywe process personal data lawfully, fairly and in a transparent manner in relation to you, the data subject.
  2. Purpose limitationwe only collect personal data for a specific, explicit and legitimate purpose. We clearly state what this purpose is in this Privacy Notice, and we only collect data for as long as necessary to complete that purpose.
  3. Data minimisationwe ensure that personal data we process is adequate, relevant and limited to what is necessary in relation to the processing purpose.
  4. Accuracywe take every reasonable step to update or remove data that is inaccurate or incomplete. You have the right to request that we erase or rectify erroneous data that relates to you, and we will complete this task as soon as possible but guarantee to do so within a month.
  5. Storage limitationwe delete personal data when we no longer need it. Whilst the timescales in most cases aren’t set, we outline our retention strategy within this Privacy Notice.
  6. Integrity and confidentialitywe keep personal data safe and protected against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Collection of your Personal Data

We may collect your personal information via disclosure directly from you, your employer or through referral. This might be via our website, email, telephone or face-to-face engagement.

Categories and Type of Personal Data Collected and processed.

We will collect contact details from you in order to provide our services or respond to your enquiries. These will include:

  • Name
  • Address
  • Telephone number(s)
  • Email addresses

We will gain additional personal information from individuals who apply to us for employment, which will be relative to determining their suitability and qualification for any job vacancies we have.

We may also capture some data which can be considered as personal data when you visit our website and further information is given in our Cookie policy which is available on the website.

Our website or news updates may contain links to other organisations websites, for which we are not responsible. You should ensure that you are aware of their Privacy and Cookie information provided by any site which you link onto.

During the provision of our services, we may have access to a variety of personal data which is held in our client’s devices or systems, which may include that of employees or their customers. Whilst that access may be available to us, we will not actively collect, copy or use such personal data for our own purposes and will only access devices or systems under authorisation of our clients.

We will treat all personal data as sensitive and acknowledge that we may at times also process special category data.

Reason for Data collection and processing activities.

Contact information is captured to enable us to contact you through various communication channels on matters directly related to the services you have contracted us to provide.

We may also use your data to inform you of changes to our services, developments in technology, threats to security of your data and general IT related topics of interest. We may also use your data to provide promotional offers for products or services which we believe will be of interest to you.

Sharing of Personal Data

During the delivery of our service to you, we may share your data with other companies who are critical to us for the effective provision of services required and in enabling communication with you. These companies will be Data Processors to PC Net and are contractually required to only process your personal data in accordance with contracted terms; which requires them to ensure your data is protected using appropriate technical and organisation measures.

A full list of processors is available on request.

We may also need to share your data in order to meet our commercial legal obligations, respond to requests from regulatory bodies or for our own legal defence.

We will never sell your personal data or allow those we share it with to use it for their own marketing purposes.

Securing and Processing of your Personal Data

The personal data collected from you will be held securely on encrypted servers and access to it will be limited to only those employees who need it.

We employ a range of Technical and Organisational measures to ensure that your data remains secure and cannot be accessed by unauthorised persons, mis-used, lost or altered. Our staff work under the provisions of strict confidentiality requirements and receive training in our data security policies and procedures.

These measures are also employed when we have access to personal data for which our clients are responsible to ensure that all access is authorised, monitored and in situations where that data is held physically or electronically by us is maintained in a secure environment.

In the unlikely event that we lose your data, or a device on which your data resides, or it is accessed by someone unauthorised, we have a duty to inform you immediately. If the loss or unauthorised access of your data has potential to cause you harm, we will also report this to the Information Commissioners Office, who are responsible for regulating data protection legislation in the UK.

https://ico.org.uk/

Our legal basis for processing your personal data

We are required to identify one of six possible legal grounds for processing. These are:

  • consent
  • contract
  • legitimate interests
  • vital interests
  • public task
  • legal obligation

The majority of our processing activities are crucial to the provision of the service which we enter into a contract with you to provide, so we process your personal data on the basis of that contractual relationship.

We also process your data under our legitimate interests when utilising various third-party systems through which to provide support or communications.

Legitimate Interest will also be our basis when processing your personal data to inform you about changes, technology developments, news, promotions or offers. You will always be given the option not to receive such contact from us.

How long do we keep your personal data for

We will retain your data for the duration of the contracts we have with you and on expiry for the duration required to meet all our legal obligations. This will typically be seven years.

If you applied to us for employment and were not successful, we will not hold your personal data for longer than twelve months.

Your rights in relation to personal data

Under the UK GDPR, you have rights to access and control your personal data. These rights include:

  • access to personal information
  • correction and deletion
  • withdrawal of consent (if processing data on condition of consent)
  • data portability
  • restriction of processing and objection
  • lodging a complaint with the Information Commissioner’s Office

You can exercise your rights by emailing our nominated responsible Director:

MPennington@epx.co.uk

If you are unhappy with anything we have done with your data, you have the right to complain to the Information Commissioners Office.

To make a complaint to the Information Commissioners Office use the link below or call their hotline on Tel No.: 0303 123 1113   

https://ico.org.uk/concerns/

How to contact us

For all data protection matters or questions relating to how we manage your data, you can contact our responsible Director:

Responsible Director:  Mark Pennington

Email: MPennington@epx.co.uk

or by writing to:

Mark Pennington (Data Controller)

c/o EPX Technical Services

Stafford Enterprise Park

Weston Road, Stafford

Staffordshire

ST18 0BF