In May 2018, the EU General Data Protection Regulation (GDPR) replaces the existing 1995 EU Data Protection Directive (European Directive 95/46/EC). The below ifs Pure Cloud Solutions GDPR legislation and compliance policy.
Pure Cloud Solutions Ltd (PCS) focuses to comply with the applicable GDPR regulations as a data processor and controller. Working alongside its employees, suppliers, clients and their employees it will comply when the GDPR legislation takes effect on 25th May 2018.
How we collect Personal Information
We will obtain personal data about you, including but not limited to:
• Your name
• Postal address
• Telephone number(s) i.e. your contact details, whenever you complete an online form or make a telephone enquiry.
In general, all data required by PCS to offer you its products or services within the scope of and on the basis of the agreement concluded between Pure Cloud Solutions and you/your employer.
We collect and store information when you visit our website and, this may include using cookies and similar technologies to monitor site performance and build a profile of our users. When you interact with our services we may identify, for example:
• How many times you visit;
• What pages you go to within our website(s);
• Your IP address;
• The originating domain name of your internet provider;
• Identity of your browser or device.
Cookies do lots of different jobs. They help us understand how our website is being used, let you navigate between pages efficiently, and remembers your preferences. They also generally improve your browsing experience. Cookies also help ensure the marketing you see online is more relevant to you and your interests.
You can set your browser to block or disable cookies (see the ‘Help’ menu of your browser to see how). However doing this will mean certain personalised features of our websites can’t be provided to you and other parts may also not work properly.
How we use Personal Information
We use your personal information for the following purposes:
• To facilitate the provision of products and services you or your employer have requested;
• To help us identify you and any accounts you or your employer hold with us;
• Undertaking credit checks; (with your specific permission on each occasion)
• Research, statistical analysis and behavioural analysis;
• Customer profiling and analysing your preferences;
• Fraud prevention and detection;
• Billing and order fulfilment;
• Improving our services.
How we Disclose Personal Information
Pure Cloud Solutions does not and will not sell, rent or trade your personal information. We only forward your personal data to third parties; (i) in cases specified in these conditions, (ii) in accordance with the agreement concluded with you or your employer, and (iii) in the cases specified below:
• To third parties that process your personal data on our behalf (e.g., hosting partners);
• Third parties that supply products or services to you on our behalf within the context of your use of agreement with Pure Cloud Solutions, e.g. hardware suppliers, software suppliers, line installers, internet providers, mobile phone partners, cabling sub-contractors, our bank etc;
• To perform credit worthiness checks or record payment behaviour on our behalf (with your specific permission on each occasion);
• Public authorities, courts, police authorities and judicial services that request the data from us or when we are required to do so by law;
• Your employer – as the contract holder of your services;
• Any third party to which we assign our rights and obligations.
Access to your Personal Information
You have the right to request access to any personal data we may hold about you and, to ascertain the accuracy of that information. To apply for a ‘Subject Access Request’, an individual must:
• Make the request in writing to: Pure Cloud Solutions Ltd, Unit 6 The Pavilions, Amber Close, Amington, Tamworth, B77 4RP
• Supply information to prove who they are to eliminate risk of unauthorised disclosure;
• Supply appropriate information to help us locate the required information.
We allow you to challenge the data that we hold about you. Where appropriate, you may have the data; erased or rectified/amended. If your employer has an agreement where Pure Cloud Solutions has a responsibility to process your data, we request that you first discuss this with your employer.
We may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup systems).
How we Secure Personal Information
Pure Cloud Solutions strictly protects the security of your personal information and honours choices for its intended use. We carefully protect your data from loss, misuse, unauthorised access or disclosure, alteration, or destruction. Your personal information is never shared outside the company without your permission, except under the conditions explained above. Inside the company, data is stored on secure servers that are housed in controlled environments to protect against loss, misuse or alteration of your information.
All countries in the European Economic Area (EEA), which includes the UK, have similar standards of legal protection for your personal information. We may run your accounts and provide other services from centres outside the EEA (such as the USA and India) that do not have a similar standard of data protection laws to the UK. We shall take all measures that could reasonably be required to ensure that your personal data is processed in accordance with applicable legislation.
Pure Cloud Solutions will only store your personal data for as long as is necessary for fulfilling the purpose for which the data was collected and for meeting legal, regulatory and/or internal requirements.
How we Retain Data
Pure Cloud Solutions would keep data on file for a period of 6 years unless otherwise stipulated. This would be hard erased after this time unless the data subject requests otherwise. Subjects have the right to request personal data on them in a portable format. Data subjects must request by letter stipulating what data they would like access to, and this will be processed within 10 working days. We would send confirmation of this either by email or letter (whichever is most appropriate). If data has been deleted, erased or otherwise irretrievable the subject will also be informed of this.
How we Delete Data
Pure Cloud Solutions aims to keep data on file for a period of 6 years unless otherwise stipulated. Data would be hard erased after this time unless the subject of the data requests otherwise or has been engaged with during this time. Data on them is necessary for archiving purposes in the public interest. Subjects of data have the right to be forgotten and erased from records upon request. Subjects must request their data by letter stipulating what data they would like erased and this will be processed within 10 working days. We would send confirmation of this either by email or letter.
Pure Cloud Solutions aim to deliver great service. We want to gain the trust of our employees and data subjects and aspire to treat data collected on them with integrity and respect. We would continue to improve and change operations where necessary to comply with new legislation.
Internally Pure Cloud Solutions review the systems in place and aim to improve this continuously. This statement aims to outline Pure Cloud Solution’s GDPR strategy and policies surrounding data control and processing.
This document is provided as of May 2018, for informational purposes to explain Pure Cloud Solutions stance on GDPR legislation and compliance. It is subject to change or removal without notice and an updated copy will always be available on our website.
Pure Cloud Solutions Ltd
Issue Date: 1st May 2018
Review Date: 25th May 2018