Effective Date 25.05.18
About this Privacy Notice
Data Network Solutions is committed to protecting your personal data when you are using our services. Personal data is any information relating to an identifiable living person who can be directly or indirectly identified in particular by reference to an identifier such as a name, address, email and ISP addresses and cookies.
This privacy notice relates to our use of any personal data that we collect from you whether in the course of the supply of Hosted Services, On Site Repairs and Installations, Website interaction, or the provision of any other associated products and services.
We will comply with data protection law which requires that personal data we hold about you is:
- Used lawfully, fairly and in a transparent way;
- Collected only for valid purposes that we have clearly explained to you and not used in any way incompatible with those purposes;
- Relevant to the purposes we have told you about and limited only to those purposes;
- Accurate and kept up to date;
- Kept only as long as lawfully necessary for the purposes we have told you about; and
- Kept securely.
This privacy notice will, therefore, inform you as to who we are, what personal data we collect, the purposes for which we use it, for how long we retain it and how we keep it secure, your rights in relation to your personal data and how you can contact us to discuss, query or obtain details of the personal data we hold about you.
- Who we are
- Whose personal data we process
- Why we process your personal data
- Personal data sources
- How we will inform you about our privacy notice
- The purposes for which your personal data is collected and processed
- Who we will share your personal data with
- Transferring your data outside of the European Economic Area
- Safeguarding your personal data
- How long we retain your personal data
- Your rights as a data subject
- Reporting a concern to us or to the Information Commissioner’s Office
- Your right to lodge a complaint with a supervisory authority
- The automated decision-making processes we operate
- Other Websites
- Getting in touch with us
1 - Who we are
Data Network Solutions, Unit 36D, Icknield Way Farm Business Park, Tring Road, Near Dunstable, Bedfordshire, LU6 2JX. Data Network Solutions is a data controller and is registered with the Information Commissioner’s Office (ZA694944).
We supply IT Consultancy, Hardware and Software, Hosted online Services such as MS Exchange, Office, Anti-Virus and CRM Solutions…
How to Contact Us
We operate from one location and can be contacted directly about your personal data on the details below:
The Data Protection Manager Data Network Solutions Unit 36D Icknield Way Farm Business Park Tring Road Near Dunstable Bedfordshire LU6 2JX
- Telephone Number: 0330 9000 090 (Monday to Friday 09:00 to 17:00)
- Email: firstname.lastname@example.org
- Website: https://www.dns-uk.biz
2 - Whose personal data we process
We collect and process personal data about our:
- suppliers and service providers;
- advisers, consultants and other professionals;
- enquirers and complainants.
3 - Why we process your personal data
We collect and process personal data:
- with your consent; and/or
- to perform the contract we have entered with you (or discharge other contractual obligations); and/or
- to comply with our legal obligations; and/or
- to pursue our legitimate interests (and your rights do not override our interests).
4 - Personal data sources
We can collect personal data from any number of sources including:
- Information you provide by visiting our website (www.dns-uk.biz), filling in forms online requesting our products and/or services, contacting us and contracting with us;
- Publicly available information such as Companies House, Linkedin and search engines such as Google;
- Third party providers such as debt recovery agencies, contractors and business introducers.
5 - How we will inform you about our privacy notice
You can request a free hard copy of this privacy notice by contacting us using the details set out above.
Where we obtain your personal data indirectly, for example from a business contact or website, we will inform you where you can access this privacy notice within one month of obtaining that data. We will not use your personal data for any purposes other than those set out below without first informing you. Changes made to this privacy notice will be updated on our website and clearly signposted on our key documents.
6 - The purposes for which your personal data is collected and processed
We collect personal data with the overall aim of providing a better service to all of our customers and industry partners.
We will not collect sensitive personal data from you. For example, we will never ask for or process data relating to race, religion or ethnicity.
The personal data categories identified below are relevant and specific for the products and services that we offer or obtain. The listing also describes how and why we process them.
6.1 - Name, address and contact details (including company details, contact names, telephone numbers and email addresses)
This data allows us:
- To carry out our obligations arising from any contracts entered into between you and us including delivery of product, invoicing and reporting; and
- To provide you with information on products and/or services you specifically request from us or which we believe may be of interest to you.
If you are an existing customer we will only contact you by email and/or telephone with information about products and/or services similar to those which we have previously supplied to you.
If you are a new customer, and where we permit selected third parties (such as Microsoft, Spitfire, 3CX,) to use your data, we (or they) will contact you by email and/or telephone only with your consent.
If you do not want us to use your personal data to market to you by email and/or telephone or pass on your details to third parties for marketing purposes, please, unsubscribe by using the link in the relevant email. Please note it might take up to 30 days for us to update our records.
On occasions we will share your contact details with our agents (such as third party suppliers) who may need to contact you to arrange, for example, the delivery of Hardware, Software or Engineers visiting Site. Or the supply of other associated products and services on our behalf.
Most contact details will be provided by you at the point that you make an online enquiry or request or provide a quotation. In some cases, we may need to obtain alternative contacts (for example a Office manager) who may be best suited to assist us should we have a specific query. Where we have no contact details, we may sometimes take proactive steps to collect data using desktop research (such as internet searches).
There may be an impact on the level of service we provide should we have only limited or inaccurate contact details.
6.2 Employment and education details
This data allows us to carry out recruitment. We will dispose of all unsuccessful candidates' data securely.
6.3 Bank and payment details
This data may be provided to us at the start of or at any time during our business relationship with you. Such data can relate to the setting up of a direct debit, which we will process in accordance with the direct debit guarantee scheme.
We do not take credit and debit card payments over the telephone and will not ask you to confirm your bank details by email and over the telephone should we need to make any payments to you.
These processing activities allow us charge you for our products and services and make payments to you.
6.4 Telephone call recordings
External telephone calls are recorded for training, security and auditing purposes and stored for 30 days. Calls regarding complaints or confirmation of contractual status may be kept on record for the duration of the Contract.
6.5 Electronic and hardcopy correspondence and other documentation
We may collect and process electronic and hardcopy correspondence and other documentation (such as emails, invoices, contracts, tenders and letters) as part of either a contractual obligation or a wider legitimate interest.
When you contact Data Network Solutions for any reason, we may keep a record of our communication to help us deal with any queries and/or to support our customer service delivery operation.
6.6 IP addresses and cookies
When you access our website and web portal we may collect data relating to your computer including its IP address. Such data is anonymous in its form and allows us to carry out statistical analysis of browsing behaviour.
The cookies provide us with anonymous information showing us the number of visitors to our website, the device used to access it and which web browser they are viewing it on. This data allows for statistical analysis and helps us understand our customer behaviour better and optimise your online experience. Cookies, also, provide a convenience feature to save you time. For example if you personalise a web page or navigate within a site, a cookie helps the site to recall your specific information on subsequent visits. This simplifies the process of delivering relevant content and eases site navigation.
For further information visit www.aboutcookies.org or www.allaboutcookies.org
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.
7 - Who we will share your personal data with
We may share your personal data with:
- Regulatory authorities (such as Trading Standards), Government departments (such as HMRC) or the police in order to comply with any legal obligations or to assist in fraud prevention and detection;
- Credit agencies (for the purpose of credit risk management), and professional advisors to enforce or apply the terms of any contracts between us and you;
- Third party suppliers where we have subcontracted to them the performance of any or all of our obligations under our contract with you;
- The buyer and its professional advisors should we wish to sell any or all of our business and/or our assets in which case personal data we hold about our customers will potentially be one of the assets we sell; and
- Other third parties where we reasonably believe that such action is necessary to comply with a legal obligation, or to protect our rights and property, or act in urgent circumstances to protect the personal safety of users of our products or services or members of the public.
8 - Transferring your data outside of the European Economic Area
Some of our processing activities may involve your personal data being transferred to a third party agency who may in turn process your data outside of the European Economic Area (EEA). In such instances the transfer of data outside of the EEA is necessary for the performance of a contract between ourselves and that of our processing partner.
9 - Safeguarding your personal data
Data Network Solutions takes all reasonable steps to ensure that appropriate safeguards are in place to protect your personal data. We have policies in place dealing with information security (both physical and digital) and data breaches. We ensure that we can process your data securely and safely. Safeguards are regularly reviewed as part of our wider data protection policy which sets out how we aim to preserve the confidentiality, integrity and availability of personal data we hold.
10 - How long we retain your personal data
Your personal data will be retained by us for as long as there remains a valid lawful basis for retaining it. We will keep data retention under regular review.
Accounting information (such as invoices) will be retained for at least 6 years in line with current tax legislation. Contractual documentation will be held for at least 6 years.
Any other information such as IP Addresses, Usernames, Password, Site credentials will be kept on record for 3 Years and reviewed within the 36 month period for further valid consent.
11 - Your rights as a data subject
To ensure fair and transparent processing it is important that we inform you of your rights with regards to how your personal data is processed. Where you wish to exercise a right, we have signposted the best contact details for you to get in touch with us. Naturally we will need to confirm your identity before your request can be processed.
11.1 - Your right to be informed
This is our privacy notice which informs you of who we are, why we are processing your personal data, with whom we share your personal data and how we have collected it. These details are set out above. Our privacy notice can be found on our website and is signposted on our web portals and other key business documentation (such as on contracts and invoices). We can provide this notice in hard copy, soft copy or orally on request.
If you would like to discuss this privacy notice or suggest ways which we could improve the content or its communication then please contact Adam Rowdon on 0330 9000 090 who or email email@example.com.
11.2 - Your right to access
As a data subject you have the right to access the personal data we hold about you and check that we are lawfully processing it.
To make a data subject access request (DSAR) is free and can be done in writing by emailing us at firstname.lastname@example.org or alternatively writing to us at:The Data Protection Manager Data Network Solutions Unit 36D Icknield Way Farm Business Park Tring Road Near Dunstable Bedfordshire LU6 2JX
You can also speak to Adam Rowdon should you have any questions or queries relating to a DSAR. In line with legal requirements we do not have a data protection officer due to the nature and volume of our processing activities. However, we have appointed a data protection manager who will act in an equivalent capacity.
Once we receive your request we will ask you to verify your identity and ask you to specify the data or processing activity that you require so that we can confirm your expectations and respond within one month.
We do have the right to refuse a DSAR should it be manifestly unfounded or excessive and we can apply a reasonable fee and/or extend the time to respond should the request be complex (in which case you would be informed within 30 Days). We do have the right to charge a reasonable fee if you make numerous requests for the same information.
11.3 - Your right to rectification
Where personal data is inaccurate or incomplete you have the right for it to be rectified on our systems. In such cases we will act promptly to put things right.
So that we can quickly resolve your query we may ask you to provide some supporting evidence to show that the data needs to be altered.
If you require your personal data to be rectified you can speak to Adam Rowdon on 0330 9000 090 who will put you in contact with the data protection manager or email email@example.com.
11.4 - Your right to erasure
This enables you to ask us to delete or remove personal data where there is no good reason for us to continue to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to withdraw consent (see below).
Sometimes, however, we may refuse a request to erase such data in order, for example, to comply with a legal obligation.
If you require your personal data to be erased you can speak to Adam Rowdon on 0330 9000 090 or email firstname.lastname@example.org.
11.5 - Your right to restricted processing
This enables you to ask us to restrict the processing of your personal data. For example, if you do not want us to erase your data you may ask us to restrict our processing activities instead. A good example would be electronic invoicing.
If you wish for restricted processing to be applied to your personal data you can speak to Adam Rowdon on 0330 9000 090 or email email@example.com.
11.6 - Your right to data portability
To help strengthen your control over your data, you have the right, in certain circumstances, to receive personal data from us in a format which allows you to easily access it. For example, you may want your invoicing data in an Excel format.
We may ask you to specify what data you wish us to provide to you, or we may direct you to an existing service that we already provide where you can freely obtain the information. Where we can we will try and provide you the data in a common format which is transferable with other data controllers.
Should you wish to exercise your right to data portability you can speak to Adam Rowdon on 0330 9000 090 or email firstname.lastname@example.org.
11.7 - Your right to withdraw consent
In circumstances where you may have provided your consent to the processing of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing activity at any time. To withdraw your consent you can speak to Adam Rowdon on 0330 9000 090 or email email@example.com.
Once we have received notification that you have withdrawn your consent, we will no longer process your data for the purpose or purposes you originally agreed to, unless we have another lawful basis for doing so such as a contractual or legal reason.
11.8 - Your rights relating to automated decision making
Details of what automated decision-making activities we carry out are described below in paragraph 14. If you wish to speak to a member of our team to understand the decision made, obtain an explanation of the decision and challenge it you can speak to to Adam Rowdon on 0330 9000 090 or email firstname.lastname@example.org.
We may reject your request not to be subject to automated decision making where such activity is a necessary step in our contracting process or is required in the performance of a contract between us.
12 - Reporting a concern to us or to the Information Commissioner’s Office
If you have a concern regarding how we handle your personal data then we kindly request that you inform us about it first so that we can work with you in an effort to resolve it.
You can report a concern or raise a complaint with us initially by contacting your usual contact or speaking to Adam Rowdon on 0330 9000 090 or email email@example.com.
Alternatively, you can write to us by sending your letter to:
The Data Protection Manager Data Network Solutions Unit 36D Icknield Way Farm Business Park Tring Road Near Dunstable Bedfordshire LU6 2JX
We aim to acknowledge your complaint within two business days and provide a resolution within 28 days. If we are unable to meet this timescale we will write to notify you in advance.
If you are not satisfied with our proposed resolution to your complaint you can raise the matter directly with the Information Commissioner’s Office (ICO). The ICO will take steps to address your concern and provide guidance and support to us to so that we can put things right.
Data Network Solutions is a data controller and is registered with the Information Commissioner’s Office (ZA694944)
Details as to how to get in touch with the ICO or report a concern can be found on their webpage https://ico.org.uk/concerns/
13 - Your right to lodge a complaint with a supervisory authority
If you consider that the processing of personal data infringes any of your rights set out in paragraph 11, you have the right to lodge a complaint with the relevant supervisory authority in the European State that you reside, or work or in the place of the alleged infringement; the relevant supervisory authority for the UK is the Information Commissioner's Office.
The supervisory authority with which the complaint has been lodged shall inform you of its progress and the outcome of the complaint including the possibility of a judicial remedy.
14 - The automated decision-making processes we operate
We do not use automatic decision processes that you should be aware of.
15 - Other Websites
16 - Getting in touch with us
If you would like to discuss this privacy notice or suggest ways in which we could improve the content or its communication then please contact us on 0330 9000 090 or firstname.lastname@example.org.