This policy was last updated: 23 May 2018

Policy Statement

This privacy policy sets out how Cumbria Computer Repairs uses and protects any personal information that you give to us when you use this website. Cumbria Computer Repairs is committed to ensuring that your privacy is protected and we will take the necessary steps to ensure that personal information is safeguarded and kept in accordance with the law and any applicable regulations.

Cumbria Computer Repairs may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

Use of this website constitutes your legal agreement to the terms contained within this Policy. If you do not accept these terms, you are advised not to use the website.

About us

Cumbria Computer Repairs provides a computer repair service. We can be contacted by email to support@cumbriacomputerrespairs.co.uk, by phone on 01228 576090 or 01228 217100, and by post at:

Cumbria Computer Repairs
Midtown Farm
Kirkbampton
Carlisle
Cumbria
CA5 6JB.

Where we manage personal data, we identify as a Data Controller and recognise and act on our obligations under applicable data protection laws. We are registered with the Information Commissioner’s Office (ICO) reference number Z2980446.

The person responsible for Data Protection is Paul Brown.

What data do we collect?

Information that you provide to us is retained and processed in accordance with UK data protection legislation.

Types of personal information collected:

  • name and job title
  • contact information including email address
  • demographic information such as postcode, preferences and interests
  • other information relevant to customer surveys and/or offers

Sources of personal information collected:

Blog: We use WordPress to publish our blog and anonymous information to track users’ activity in relation to the blog. If you wish to post a comment on the blog, you will be asked to give your name and email address. Email addresses do not appear publicly.

Contact: We use a contact form to collect your name, email and phone number as well as your message, so that we can contact you and provide details of our services to you, provide support and deal with general company enquiries. Data is held on the grounds of being legitimate to our business interests.

Emails: We retain copies of emails sent to us on our servers which are hosted on Office 365 in the Cloud. For details of how your data is handled by this third party you should refer to their Privacy Policy at www.privacy.microsoft.com. Your personal information will be held by us in accordance with this Privacy Policy.

Phone calls: Phone calls to us may be recorded and any data relating to the call may be retained by us. The data will be held on the basis of being for our legitimate business needs or in order to fulfil our contractual obligations if you are a client of ours.

Social media: We use social media to engage with users and the Cumbria Computer Repairs website links to our Facebook, Google+, Twitter, YouTube and LinkedIn pages. We do not keep any specific data that identifies you as an individual user, but hold details of our followers on these platforms. You should refer to the Privacy Policies of these channels to understand how they treat your data in relation to linking to our site.

Facebook:     https://www.facebook.com/privacy/explanation

Google+:       https://policies.google.com/privacy

LinkedIn:         https://www.linkedin.com/legal/privacy-policy

Twitter:            https://www.twitter.com/en/privacy

YouTube:        https://policies.google.com/privacy

If you send us a direct message via social media, the details may be retained by us only as relevant to any ongoing contract or to further our legitimate business interests or as required for legal purposes. The third party provider may also retain details in accordance with their Privacy Policy.

Testimonials/Feedback: We may contact you for a testimonial in relation to our services that may be used on our website or social media. Your comments may be added to our testimonial page on www.cumbriacomputerrespairs.co.uk including your full name and location.

Payment

Cumbria Computer Repairs do not record personal bank details or hold identifying information on an individual’s banking transactions.

Where payments are made by debit or credit card, we are obliged to adhere to the Payment Card Industry Data Security Standard (PCI-DSS) which outlines a number of specific technical and organisational measures that must be followed when data is being processed.

Children

We do not market this website at those under 18 years old. Consistent with the GDPR we will never knowingly request personally identifiable information from anyone under the age of 16 years old.

Information we get from other sources

From time to time, we may need to obtain information from third parties about you. This will only apply where it is necessary to provide our services and as permitted by law.

How we use your personal information

Your information will be used by us to enable us to provide our services to you. We act as a Data Controller (see below) of your information and undertake to protect your personal and sensitive data in a manner that is consistent with the requirements of the General Data Protection Regulation (GDPR). We will take reasonable measures to ensure the secure storage of your data.

Personal data submitted on this website will be used for the purposes specified in this Privacy Policy, to include the following:

  • administer the website;
  • internal record keeping
  • improve your browsing experience by personalising the website;
  • follow up with email enquires;
  • send you general (non-marketing) communications;
  • send you email notifications which you have specifically requested;
  • send to you marketing communications, where expressly agreed;
  • provide third parties with statistical information about our users – but this information will not be used to identify any individual user;
  • ask for feedback and reviews or to conduct market research;
  • improve the products or services that we offer;
  • deal with enquiries and complaints made by or about you relating to the website.

Users of this website do so at their own discretion and provide any such personal details at their own risk.

Sharing Information

Disclosure

We don’t share, sell, or distribute your data to third parties, except as contractually agreed with you or as provided in this Privacy Policy.

We may disclose your personal information if we are required to do so by law, in connection with any legal proceedings, and in order to establish, exercise or defend our legal rights, or if otherwise legally permitted.

Data Processors

We may use Data Processors who act on our instruction in relation to the management of your data and they must adhere to all data protection laws and regulations. We will ensure that any Data Processors used only operate on our written instructions and comply with their obligations under the GDPR.

You will be informed of any other Data Controllers who have access to your data and who may determine processing activities separately to us, or as a Joint Data Controller.

Marketing

We will only send you emails about our services, i.e. direct marketing, with your express consent. You have the option not to give consent or to withdraw consent at any time. You may withdraw your consent for us to contact you by contacting us at support@cumbriacomputerrespairs.co.uk.

Non-personally identifiable visitor information may be provided to third parties for marketing, advertising or other uses.

External links

Users of the Cumbria Computer Repairs website are advised to adopt a policy of caution before clicking on any external web links. Clicking an external link will take the user away from our website. Once you leave our website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s terms and conditions.

Cumbria Computer Repairs cannot guarantee or verify the contents of any externally linked website and users click on external links at their own risk. Cumbria Computer Repairs and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Social media platforms

Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are subject to our terms and conditions as well as the privacy policies held with each social media platform respectively.

Users are advised to use social media platforms wisely and communicate and/or engage with them with due care and caution in regard to their own privacy and personal details. This website nor its owners will not ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.

Cumbria Computer Repairs uses social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised that before using such social sharing buttons, that they do so at their own discretion, and should consider that the social media platform may track and save requests to share a web page, through the users’ social media platform account.

Retaining your data

We keep your personal information in accordance with our Data Retention Policy which reflects our needs to provide services to you as contracted and also as required to meet legal, statutory and regulatory obligations. The need to hold information is regularly reviewed and information/data will be disposed of when no longer required.

Data Security and Storage

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Any information that you supply to us may be stored and processed at our office premises and on servers used for 3rd party processing (see above list). Your data may be transferred in accordance with the relevant data protection laws.

Data Subject Rights

Subject Access Requests

The General Data Protection Regulation (GDPR) gives data subjects (i.e individuals), the right to access personal data held by a company by making a subject access request (SAR). We will endeavour to respond quickly to any such requests, which legally require us to respond within one month of receiving the request and necessary information. To make a SAR request email us at support@cumbriacomputerrespairs.co.uk

Right to Rectification

Data subjects have the right to request that we amend or change personal information that we hold about you, that is inaccurate or incorrect.

Right to erasure

Data subjects have the right to ask us to delete personal information from our systems without giving any reason and at any time. We will act on any request without delay.

Right to restrict processing

Data subjects have the right to rectification or erasure of personal data in the following circumstances:

  • Personal data is not accurate;
  • The processing of data is unlawful – data subjects may request that processing is restricted;
  • Data is required to exercise legal rights or defend legal claims;
  • Data is unlawful but there may be lawful grounds for processing, which override this right.

Right to data portability

Data subjects have the right to obtain and transfer their data to different service providers.

Right to object

Data subjects have the right to object to the processing of data at any time based on their particular situation. This includes objecting to profiling unless it is in the ‘public interest’ or exercised lawfully by an official authority. We will only process data under lawful grounds.

Right not to be subject to decisions based on automated processing

We do not use any automated processing that results in any automated decision based on a data subject’s personal information.

Using your rights

If you wish to invoke any of these rights, you should contact the person responsible for data protection by emailing us at support@cumbriacomputerrespairs.co.uk

Data Breaches

We will report any unlawful breach of data as required by the GDPR within 72 hours of the breach occurring, if it is considered that there is an actual, or possibility, that data within our control including the control of our data processors, has been compromised. If the breach is classified as ‘high risk’ we will notify all data subjects concerned using an appropriate means of communication. We will report any relevant breaches to the ICO, see below.

Important Information

Questions and queries

If you have any concerns about how we handle your data, you can contact the Data Controller by email to support@cumbriacomputerrespairs.co.uk

Changes to this policy

We reserve the right to change this Privacy Policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. You will be deemed to have accepted any changes to the terms of the privacy policy on your next visit of the website following the amendment.

Complaints

If you wish to raise a concern about the use of your data, you can contact us by email to support@cumbriacomputerrespairs.co.uk. Alternatively, you can formally raise a concern or complaint to the Information Commissioner’s Office (ICO) directly on 0303 123 1113, or see the options for reporting issues on https://ico.org.uk/concerns/

No Waiver

No failure or delay by us in exercising any of our rights in accordance with this Privacy Policy or our terms and conditions shall be deemed to be a waiver of that right, and no waiver of a breach of any provision of the Agreement shall be deemed to be a waiver of any subsequent breach of the same or any other provision.

Severance

If one or more of the provisions of this Privacy Policy or our terms and conditions is found to be unlawful, invalid or otherwise unenforceable, those provision(s) shall be deemed severed from the remainder of these terms and conditions and shall remain enforceable.

Third Party Rights

The terms of this Privacy Policy shall not confer rights on any third parties.

Jurisdiction and Governing Law

The terms of this Privacy Policy and all disputes, whether contractual or otherwise, arising out of or in connection with the policy are governed by and shall be construed in accordance with the laws of England and Wales and each party submits to the exclusive jurisdiction of these courts.