To support compliance with the GDPR, the Board of Directors of Cloud A2K has approved and supported the development, implementation, maintenance and continual improvement of a documented personal information management system and policies.
All Employees of Cloud A2K are expected to comply with this policy and with the management systems that implement this policy. All Employees and appropriate external parties, will receive specific training. The consequences of breaching this policy are set out in our disciplinary policy and in contracts and agreements with third parties.
COOKIES & PRIVACY NOTICE – CUSTOMERS
At Cloud A2K we are working hard to serve our customers better. Looking after the personal data you share with us is of utmost importance.
This policy explains the what, how and why of the information we collect when you visit our website or you use our Services. It also explains the different ways we use and disclose that information. We want to make it clear that we take your privacy extremely seriously. We will never sell your data for sales or marketing purposes.
If we make changes to this notice we will notify you by updating it on our website. Cloud A2K will be what is known as the ‘Data Controller’ of the personal data you provide to us, and we will sometimes refer to ourselves in this notice as “we” or “us”. By Data Controller, this means Cloud A2K determines the purposes and way in which any personal data is, or will be, processed.
In the following sections we aim to answer any questions you have, but if we do not, please do get in touch by writing to us the following address:
The Data Protection Officer, Cloud A2K, Cadline House, Drake Avenue, Staines-upon-Thames, Middlesex, TW18 2AP
Or by emailing us at firstname.lastname@example.org, quoting Security and Privacy Enquiry.
WHAT INFORMATION DO WE COLLECT, WHEN AND WHY?
1. WHEN DO WE COLLECT YOUR PERSONAL DATA? −
- When you interact with any of our websites, social media or apps.
- When you contact us by any means with enquiries, complaints, purchases, phone calls, emails etc.
- When you enter prize draws, competitions or choose to complete a survey or form.
- When you book any kind of appointment or meeting with us or book to attend an event.
- When you’ve given a third-party permission to share with us the information they hold about you.
- When Cloud A2K’s suppliers and partners share information with us about the product you have purchased.
- We collect data from publicly available sources, when you have given your consent to share information or where the information is made public.
- When you visit one of our offices or training centres.
2. WHAT SORT OF PERSONAL DATA DO WE COLLECT?
Depending on how you engage with us we will require some if not all the following information:-
- Full Name
- Company Name
- Contact Numbers
- Email Address
- Previous purchase information
- Payment Card information
- Bank Details
As an existing customer if you have purchased goods using a credit or debit card, or we have taken these details for a payment authorisation, we will securely collect and store this payment card information.
When you apply for a credit account, we obtain information about your business from third party credit reference agencies. We do not currently perform credit checks on individuals.
3. HOW DO WE USE YOUR INFORMATION?
We want to give you the best possible customer experience. One way to achieve that is combining the data we have about you. We may then use this aggregated information to offer you promotions, products and services that are most likely to interest you.
−What are the General Data Protection Regulations (GDPR)
The GDPR set out a number of different reasons for which a company may collect and process your personal data, including:
- Contract – your personal information is processed in order to fulfil a contractual arrangement such as purchasing software or renewing a Subscription.
- Consent – where you explicitly agree to us using your information in this way.
- Legitimate Interests – this means the interests of Cloud A2K in managing our business to allow us to provide you with the best products and service in the most secure and appropriate way.
- Legal Obligation – where there is statutory or other legal requirement to share the information.
Below are some examples how we will use your personal data based on the new GDPR guidelines.
|What We Use Your Personal Information For||THE GDPR Basis||Our Explanation of Cloud A2K’s Legitimate Interests|
|Contact you via sales and marketing activities such as calls, emails and other types of communications||· Legitimate interests||Developing products, services, applications and designs that attract and retain customers. Improving customer interaction with our sites.|
|Storing payment cards||· Consent||N/A|
|Process your orders||· Fulfilling a contract||N/A|
4. WHO WE SHARE YOUR INFORMATION WITH AND WHY
Cloud A2K do not disclose any personal information obtained about you to third parties except when we need to in order to complete a transaction.
Cloud A2K works with a number of trusted suppliers, agencies and businesses in order to provide you the high quality goods and services you expect from us such as delivery companies, credit reference agencies, fraud prevention agencies, product technicians, distributors, vendors and market research companies amongst others.
Some examples of the categories of third parties with whom we share your data are:
Cloud A2K works with partners who supply products and services on our behalf. All partners will only hold the minimum amount of personal information needed to fulfil the orders you place or provide a service on our behalf.
Cloud A2K works with delivery partners. Again, we only pass limited information to them in order to ensure delivery of your items.
Cloud A2K works with businesses who support our website and other business systems.
Cloud A2K works with marketing companies who help us manage our electronic communications.
Cloud A2K works with trusted third party payment processing providers in order to securely take and manage payments.
Credit Reference Agencies
When you apply for credit with us we will make searches about you with credit reference agencies.
5. TRANSFERS TO THIRD COUNTRIES
Some of the information you provide to us may be transferred outside the European Economic Area to countries such as the US. This is a transfer to a “third country”. For example, Cloud A2K has a business relationship with RIB who provide us with products and some fulfilment and administrative services direct to you.
If you place an order with us and you are outside of the UK we will transfer the data that we hold on you to Cloud A2K in the UK.
Cloud A2K also works with suppliers and partners who may make use of cloud and/or hosted technologies.
6. KEEPING IN TOUCH WITH YOU
We want to keep you up to date with information about new product/technologies, special offers and services. Cloud A2K will not share your information with companies outside of Cloud A2K for their marketing purposes.
If you decide you do not want to receive this marketing information, you can request that we stop by writing to the Data Protection Officer at the address provided above, by emailing email@example.com, by calling Customer Services on 01784 419911 or by using the unsubscribe link within the email.
You may continue to receive mailings for a short period while your request is dealt with.
7. HOW LONG WE KEEP YOUR INFORMATION
We know how much data security matters to all our customers. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it.
If we collect your personal information, the length of time we retain it is determined by several factors including the purpose for which we use that information and our obligations under other laws.
- The regulations require us to hold your personal information for a longer period, or delete it sooner.
- You exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the GDPR policy.
- We bring or defend a legal claim or other proceedings during the period we retain your personal information, in which case we will retain your personal information until those proceedings have concluded and no further appeals are possible; or
- In limited cases, existing or future law or a court or regulator requires us to keep your personal information for a longer or shorter period.
8. WHAT ARE YOUR RIGHTS
You are entitled to request the following from Cloud A2K, these are called your Data Subject Rights and there is more information on these on the Information Commissioners website www.ico.org.uk
- Right of access –to request access to your personal information and information about how we process it.
- Right to rectification –to have your personal information corrected if it is inaccurate and to have incomplete personal information completed.
- Right to erasure (also known as the Right to be Forgotten) – to have your personal information erased. Contact Customer Services on 01784 419911.
- Right to restriction of processing – to restrict processing of your personal information.
- Right to data portability – to electronically move, copy or transfer your personal information in a standard form.
- Right to object – to object to processing of your personal information.
- Rights with regards to automated individual decision making, including profiling –rights relating to automated decision making, including profiling.
If you have any general questions about your rights or want to exercise your rights, please contact firstname.lastname@example.org
You have the right to lodge a complaint with a data protection regulator in Europe, in particular in a country you work or live or where your legal rights have been infringed. The contact details for the Information Commissioner’s Office (ICO), the data protection regulator in the UK, are available on the ICO website www.ico.org.uk where your personal information has or is being used in a way that you believe does not comply with data, however, we encourage you to contact us before making any complaint and we will seek to resolve any issues or concerns you may have.
9. COOKIE NOTICE
This notice is designed to help you understand what cookies are, how Cloud A2K uses them and the choices you have in regards to their use.
Should you need to contact us please write to:
Data Protection Officer Cloud A2K, Cadline House, Drake Avenue, Staines-upon-Thames, Middlesex, TW18 2AP
or via email@example.com quoting Security and Privacy Enquiry.