We handle and protect your personal data with care.
Version 1.0 – 25th May, 2018
This Privacy and Data Protection Notice became effective as of 25th May, 2018.
At Contedia, we understand that we have a responsibility to protect and respect your privacy and look after your personal data.
This Privacy and Data Protection Notice, inclusive of our Terms and Conditions of Business, explains what personal data we collect, how we use your personal data, reasons we may need to disclose your personal data to others and how we store your personal data securely.
For clarity, Contedia may be both data controller and data processor for your personal data under certain circumstances.
We must advise that this policy is subject to change, so please check our website on a regular basis for any further changes.
Data Protection law changed on 25th May, 2018
This Privacy and Data Protection Notice sets out your rights under the new laws.
Who are we?
Contedia Limited is a provider of I.T. consultancy, equipment and software sales, installation, maintenance and support services and custom software and website development services. It also provides cloud and hosting services using the services of Microsoft and RapidSwitch (part if the Iomart Group). Contedia has a registered office at Technology House, 35 Southgate, Pontefract, West Yorkshire, WF8 1LN and company number 04231393. Tim Guest is the registered Data Protection Officer for Contedia.
How the law protects you
Data protection laws state that we are only able to process personal data if we have valid reasons to do so. The reasons we process your personal data include, but are not limited to, your consent, performance of a contract, billing and to contact you.
How do we collect personal data from you?
We receive information about you from you when you use our website and complete online forms contact forms, if you contact us by phone, email, live-chat or otherwise in respect of any of our products and services or during the purchasing of any such product. Additionally, we also collect information from you when you sign up to receive our targeted marketing information, enter a competition, promotion or survey or when you inform us of any other matter.
If you provide us with personal data about a third party (for example when registering a domain on their behalf), you warrant that you have obtained the express consent from the third party for the disclosure and use of their personal data.
Your personal data may be automatically collected when you seek information about our products or services, receive a product or service, and it may include, but is not limited to, your IP address, device-specific information, server logs, device event information, location information.
What type of data do we collect from you?
The personal data that we may collect from you includes your name, employer’s address, your home address only if it required for the registration of a domain name or SSL/TLS certificate in your name, a business email address (or one which you provide us with on the basis of being used for business purposes), business phone numbers, including mobile phone numbers where you have provided it for use in the context of conducting our work for you and your employer, payment information and IP addresses. We may also keep details of your visits to our website including, but not limited to traffic data, location data, weblogs and other communication data. We also retain records of your queries and any correspondence we exchange in the event you contact us to request products or services.
Please be aware that any video, image, or other content posted, uploaded or otherwise made available by you onto your website, where it is hosted or developed and maintained by Contedia, whether published content or not, is not subject to our Privacy and Data Protection Notice.
We merely process such data on your behalf, subject to our Terms and Conditions of Business and you are responsible for any applicable legal requirements in respect of your content.
How do we use your data?
Contedia uses information about you in the following ways:
- To provide quotations for products and services
- To process orders that you have submitted
- To provide you with products and services
- To comply with our contractual obligations we have with you or your employer
- To help identify you as an agent or representative of any customer or supplier accounts
- To enable the review, development and improvement the company’s website and associated services
- To provide customer care, including responding to your requests if you contact us with a query, such as those of our support subscriptions
- To administer accounts, process payments and keep track of invoices and payments received
- To detect fraud and to make sure what you have told us is correct
- To carry out marketing and statistical analysis
- To review job applications
- To notify you about changes to our website and services
- To provide you with information about products or services that you request from us or which we feel may be of specific interest to you and your employer, where you have consented to be contacted for such purposes and by specific means
- To inform you of service and price changes
We will keep your personal data for the duration of the period you are an agent or representative of a customer or supplier of Contedia. We shall retain your data only for as long as necessary in accordance with applicable laws.
On the closure of your employer’s account, we may keep your data for up to 7-years after you have cancelled your services with us. We may not be able to delete your data before this time due to our legal and/or accountancy obligations. We may also keep it for research or statistical purposes. We assure you that your personal data shall only be used for these purposes stated herein and that any personal data which is no longer required and considered excess and unnecessary will be deleted, whilst an absolute minimum may be retained, as per the above requirements.
Who has access to your personal data?
Here is a list of all the ways that we may use your personal data and how we share the information with third parties. For clarity, we have grouped them into the specific products and services that we offer:
- Domain Names
We process your data for administration, billing, support and the provision of services. Your data (Registrant) may be sent to the domain registrar outside of the EEA, but only as a result of your wish to purchase such services, which require this information to be held on record.
- SSL/TLS Certificates
We process your data for administration, billing, support and the provision of services. Additionally, to provide details of the certificate owner to the certificate authority for its authentication and use. Owner data is provided to a certificate provider, which is outside the EEA.
- Website and Domain Name Hosting, Managed, Dedicated Servers and Virtual Servers
We process your data for administration, billing and the provision of services. Additionally, we maintain hosting and server account connection details for day-to-day management and support of the services. Only those employees of Contedia who have a direct requirement to use these details during the fulfilment of our contract with our customer have access to these.
- Email Hosting
We process your data for administration, billing, support and the provision of services. Additionally, to provide customer domain and user account connection details and use email addresses to provide the service. Only those employees of Contedia who have a direct requirement to use these details during the fulfilment of our contract with you or you as an employee of our customer have access to these. Where we provide Microsoft 365 services, the user data is shared with Microsoft in the EEA. Microsoft Exchange email shares data with third-party infrastructure in the EEA.
- Websites, Web Applications, Bespoke Software and Custom Applications
We process your data for administration, billing, the provision of development, maintenance and support services. Additionally, we maintain website, content management system (CMS), application/app and database user account connection details. Only those employees of Contedia who have a direct requirement to use these details during the fulfilment of our contract with our customer have access to these.
- Computer Hardware and Software
We process your data for administration, billing, the supply and installation or configuration, maintenance and support services. Additionally, we maintain user and administrator account connection details. Only those employees of Contedia who have a direct requirement to use these details during the fulfilment of our contract with our customer have access to these. Your data (as user or owner of the hardware or software) may be sent to the manufacturer, or an agent thereof, outside of the EEA, but only as a result of your wish to receive in or out of warranty maintenance or support.
- Third Parties
For the avoidance of doubt, we do not and never shall freely provide nor sell your personal data to third-parties for marketing or advertising purposes. We work closely with a number of third-parties (including business parties, service providers and fraud protection services) and we may receive information from them about you. These third-parties may collect information about you including, but not limited to, your IP address, device-specific information, server logs, device event information and location information.We use their features within our website, however, in some instances, they may be acting as data controller and they will have their own privacy policies, which we advise you to read.We may pass your personal data to third-parties for the provision of services on our behalf (for example processing your payment, registering a software product or domain name or to provide support to equipment and services they manage or provide etc.).However, we will only ever share information about you that is necessary to provide the service and for which we have specific agreements in place, which ensure your personal data is secure and will not be used for any marketing purposes.
We may share your information if we are acquired by a third-party and therefore your data will be deemed an asset of the business. In these circumstances, we may disclose your personal data to the prospective buyer of our business, subject to both parties entering into appropriate confidentiality undertakings.
Similarly, we may share your personal data if we are under a duty to disclose data in order to comply with any legal obligation or to protect the rights, property, or safety of Contedia, our customers, or others. This includes, but is not limited to, exchanging information with other companies and organisations for the purposes of fraud protection, credit risk reduction and dispute policies.
However, we will take steps with the aim of ensuring that your privacy rights continue to be protected and only necessary data is shared.
In preventing the use or processing of your personal data, it may delay or prevent us from fulfilling our contractual obligations to you or your employer. It may also mean that we shall be unable to provide our services or process the cancellation of your service.
You have the right to object to our use of your personal data, or ask us to delete, remove or stop using it if there is no need for us to keep it. This is known as your right to be forgotten. There are legal and accountancy reasons why we will need to keep your data, but please do inform us if you think we are retaining or using your personal data incorrectly.
Our Privacy and Data Protection Notice shall be made clear to you at the point of collection of your personal data.
You can request to view, edit or delete the personal data we hold about you by emailing email@example.com or telephoning and speaking to our Data Protection Officer. You can also make choices about Contedia’s collection of your data and how we use it by visiting the ‘Opt-in’ page on our website, which can be found at here.
You have the right to ask us not to process your personal data for marketing purposes. If you choose not to receive marketing communications from us about our products and services, you have the option to do so by leaving the marketing communication methods tick boxes empty and submitting the Opt-in form, as above. You may also contact us by any other means and make your preferences know to us. This action will override any previous preferences we held on record for you.
We will not contact you for marketing purposes unless you have given us your prior consent.
Accessing and updating your data
Contedia will endeavour to maintain your data and keep it up to date. You should ensure we are made aware of any changes to the information you know we hold, such as surname, email address, phone numbers etc. By failing to do so it may delay or prevent us from providing any products or services.
You have the right to access the information we hold about you. Please email your requests to firstname.lastname@example.org so that we can obtain this information for you.
Links to other sites
Contedia may provide links to third-party websites. Since we do not control those websites, we encourage you to review the privacy policies of these third-party websites. Any information that is supplied on these sites will not be within our control and we cannot be responsible for the privacy policies and practices of these.
Where we store your personal data
We store and protect the personal data we collect using methods that include strong passwords and password policies and encryption in transit and at rest, if appropriate.
All information you provide to us is stored on our secured servers within the EEA. From time to time, your information may be transferred to and stored in a country outside the EEA in relation to provision of the services. The laws in these countries may not provide you with the same protection as in the EEA; however, any third-party referred to above outside of the EEA has agreed to abide by European levels of data protection in respect of the transfer, processing and storage of any personal data. By providing your data to us, you agree to this transfer and storage, but we will ensure that reasonable steps are taken to protect your data in accordance with this notice.
As the transmission of information via the internet is not completely secure, we cannot guarantee the security of your data transmitted to our site and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Any sensitive data (payment details for example) are encrypted and protected.
Where we have given you (or where you have chosen) a password, which enables you to access certain parts of our website or your own I.T. and software systems, you are responsible for keeping the password confidential and secure. We ask you not to share any password we have supplied with anyone.
We agree to take reasonable measures to protect your data in accordance with applicable laws and in accordance with our Terms and Conditions of Business.
In the event of a data breach, we shall ensure that our obligations under applicable data protection laws are complied with where necessary.
Please e-mail any questions or comments you have about privacy to us at email@example.com