GML Privacy Notice
Effective 25th May 2018
We are GML Networking Technologies. Our main office is based at: Mumford Buildings, 27-29 Thorpe Road, Kirby Cross, Essex, CO13 0LT. We provide ICT services to business and domestic users.
Throughout this notice, ‘we’ and ‘us’ refers to GML Networking Technologies.
GML Networking Technologies are committed to protecting personal data within the guidelines of the General Data Protection Regulation.
This Privacy Notice explains the nature of personal data we may collect when you interact with us. It also explains how we’ll handle that data and the rights you have over it.
The legal bases we rely upon to process data
The General Data Protection Regulation requires us to ‘process personal data lawfully, fairly and in a transparent manner in relation to individuals’.
In order to do this, we process personal data on the following bases:
We rely on the lawful basis of contract when we need to process someone’s personal data to either fulfil our contractual obligations to them, or because they have asked us to do something for them prior to entering into a contract, for example providing a quotation.
Note that, in this context, a contract does not have to be a formal signed document, or even written down, as long as there is an agreement which meets the requirements of contract law. Broadly speaking, this means that the terms have been offered and accepted, you both intend them to be legally binding, and there is an element of exchange (usually an exchange of goods or services for money but can be anything of value).
We rely on the lawful basis of legitimate interests where we use personal data in ways that would be reasonably expected as part of running our business, and which have a minimal privacy impact on an individual.
Where we are processing your data on this basis you can request that we stop processing for reasons connected to your own individual circumstances.
We rely on the lawful basis of legal obligation where the processing of data is necessary for compliance with a legal obligation to which we as the controller are subject.
When we collect your personal data
We may process your personal data:
- When you ask us to provide ICT services.
- When we use you as a supplier of goods / services.
- When you are employed by us or are in contact with us regarding prospective employment.
- When you interact with us via any method of communication.
- When you visit GML offices.
What personal data we collect
During the course of your relationship with us we will need to collect data. The nature of our work is varied so the following is not an exhaustive list, but the most common types of personal data we process are as follows:
- Names, addresses, and telephone numbers.
- Records of usernames, passwords, email addresses, MAC addresses, IP addresses and ports.
- Records of your interactions with us.
- Bank account / debit card / credit card details.
- CCTV footage around the GML offices, our car park and the footpaths / road outside the premises.
- Incoming and outgoing telephone conversation recordings.
How we use your data and why
- To carry out work requested by you now and in future support tasks, in order to complete the job(s) accurately, efficiently and cost effectively.
- To process orders made by you, following a quotation acceptance.
- To respond to you, following an enquiry.
- To process payments.
- To send you information relating to your account with us, for example invoices and account statements.
- To provide security for our clients and staff.
- To clarify the content of telephone conversations and facilitate staff training.
How we protect your personal data
We take data security very seriously, and we understand how much this matters to you.
We treat your data with the greatest of care and take a wide range of appropriate steps to protect it.
How long we keep your data for
When we collect your data we keep a permanent record of this for the purpose of recurring business.
You can exercise your rights under the General Data Protection Regulation and ask us to delete, restrict or rectify your personal data.
Who we share your personal data with and why
We only share your personal data with third parties when we are providing you with goods/services on that third party’s behalf – for example our Internet Service Provider, to provide you with a Broadband connection.
In these instances, we only provide the third party with the information they need to provide the specified product/service. When using these third parties you are using them under their own terms and conditions.
Your rights over your personal data
You can contact us at any time regarding your personal data.
Please write to ‘The Data Protection lead’ at: GML Networking Technologies, Mumford Buildings, 27-29 Thorpe Road, Kirby Cross, Essex, CO13 0LT, email us at: firstname.lastname@example.org or telephone us on 01255 851999, asking to speak to our data protection lead.
- You can object to the processing of your personal data, your ‘right to object’.
- You can ask for access to the personal data we hold about you, usually for no fee, your ‘right of access’.
- When data is incorrect, out of date or not complete you can ask for it to be rectified, your ‘right to rectification’.
- You can ask for your personal data to be erased or restricted, your ‘right to erasure’ and your ‘right to restrict processing’.
- You can request that your data is moved, copied or transferred to another IT environment, the right to ‘data portability’.
In certain circumstances it may not be appropriate to fulfil your request. If this is the case we will explain to you the reasons why, and your next steps.
If you feel that we have not handled your data correctly or are not happy with how we have responded to you regarding our use of your personal data, you can make a complaint to the Information Commissioner’s Office by calling them on: 0303 123 1113. Alternatively, go online to www.ico.org.uk/concerns.