×

Good News - Thanks to our engineers' efforts, all email issues have been solved.

1. Purpose and Overview

This policy covers how we treat personal information and the standards you can expect from us. We are committed to safeguarding your privacy and to complying with UK Data Protection legislation and GDPR.

2. What is personal information?

Personal information is information about you that is personally identifiable such as your name, address, email address, or phone number as well as other information that may not otherwise be publicly available.

3. What personal information do we collect?

3.1 IT Services

Personal and company information will be collected by soVision IT on the uptake of most kind of IT services that we provide. This information is collected to enable the support or management of your environment and to enable us to provide services. Information collection varies on a customer to customer basis, however will almost certainly include:

  • Company information sometimes including all members of staff.
  • Detailed infrastructure information, including usernames and passwords for access purposes.
  • Details of third party software support services that are used to enable us to contact these third parties when required.
  • Billing information.
  • If automated payments are to be processed, payment details.

3.2 soVision IT website

You can access parts of soVision IT’s website without using any registration process or providing any personal information. For parts that do require registration, during the user registration process, we will collect certain information that we need to provide you with services. The mandatory information we require at this stage will be your name, a telephone number and an email address. We may ask for other details, such as your organisation’s name and address, but registration can be completed without providing these details. We will also collect personal information from you if you complete any other forms featured on this site or if you contact us requesting specific information or provide us with feedback. Financial information that is collected is used to verify, identity and to bill either you or your company for products and services, as applicable.

When you use soVision IT’s website we automatically collect certain technical and routing information about your visit so we can continuously improve what and how the site delivers. For example, we may log the Internet Protocol (IP) address of your computer and measure your browsing patterns when on this site. This information is held in aggregate form and is not matched with your personal information so no individual user is identified.

4. Use of cookies

We use cookies to identify you when you visit soVision IT’s website to build up a demographic profile.

A cookie is a small piece of information sent to your web browser by a web server and can only be read by the server that gave it to you. It cannot be executed as code or used to deliver viruses to your computer. It does allow us to record your password and preferences when you register as a user and therefore to present you with a personalised view of our site.

Most browsers are initially set to accept cookies. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it.

5. Who will have access to personal information?

We do not rent, sell or share personal information about you with other people or non-affiliated organisations except to provide services you’ve requested or when we have your permission, or under any of the following circumstances:

  1. i) In response to subpoenas, court orders, or as otherwise required by legal process, or to establish or exercise our legal rights or defend against legal claims;
  2. ii) We believe it is necessary to share information for us or the appropriate authorities to investigate, prevent or act regarding suspected illegal or fraudulent activities, potential threat to personal or physical safety, violations of our terms of use or as otherwise may be required by law;

iii) Information is transferrable due to our acquisition or merger with another company. In this event you will be notified by email prior to transfer.

6. Confidentiality and security

We limit access to personal information about you to employees who we believe reasonably need to meet that information to provide products or services to you or to do their jobs.

We have physical, electronic, and procedural safeguards that comply with regulations to protect personal information about you.

6.1 Right to be informed & Right of access

You have a right under GDPR legislation to see what information we hold about you and how we process this information, subject to certain conditions.

If you want to exercise these rights, you should make an application to us in writing. We may ask you to provide us with sufficient information so that we can be sure of your identity. We also reserve the right to make a charge of a reasonable fee for providing you with the information you are requesting if a request is excessive or repetitive.

If you would like to proceed with a request to see what data we hold about you and how it is processed, please write to us at the address within the contact us section of this policy.

6.2 Right of rectification

You have a right under GDPR legislation to request the rectification of information we hold about you and how we process this information, subject to certain conditions.

If you want to exercise this right, you should make an application to us in writing. We may ask you to provide us with sufficient information so that we can be sure of your identity. This request will be actioned within one month, or up to two months if the request is complex in nature.

If action is not taken in response to a request for rectification, soVision IT will explain why this is the case. If you are unsatisfied with our response, you then have the right to complain to the supervisory authority and to a judicial remedy.

6.3 Right of erasure

You have a right under GDPR legislation to request the erasure of some or all information we hold about you, subject to certain conditions, listed below:

  • Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
  • When the individual withdraws consent.
  • When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
  • The personal data was unlawfully processed (ie otherwise in breach of the GDPR).
  • The personal data must be erased to comply with a legal obligation.
  • The personal data is processed in relation to the offer of information society services to a child.

If you would like to proceed with a request for the erasure of some or all of your data, please write to us at the address within the contact us section of this policy. In some circumstances, soVision IT may refuse to comply with the erasure request. This may be due to one or more of the following reasons:

  • To exercise the right of freedom of expression and information;
  • To comply with a legal obligation for the performance of a public interest task or exercise of official authority.
  • For public health purposes in the public interest;
  • Archiving purposes in the public interest, scientific research historical research or statistical purposes; or
  • The exercise or defence of legal claims.

6.4 Right to restrict processing

You have a right under GDPR legislation to request the restriction of processing of some or all information we hold about you, subject to certain conditions, listed below:

  • When an individual contests the accuracy of the personal data, the processing will be restricted until the accuracy of the personal data has been verified.
  • Where an individual has objected to the processing (where it was necessary for the performance of a public interest task or purpose of legitimate interests), and soVision IT is considering if legitimate grounds exist to override the request of the individual.
  • When processing is unlawful and the individual opposes erasure and requests restriction instead.
  • If soVision IT no longer need the personal data but the individual requires the data to establish, exercise or defend a legal claim.

If soVision IT have disclosed the personal data in question to third parties, we will inform them about the restriction on the processing of the personal data, unless it is impossible or involves disproportionate effort to do so.

6.5 Right to object

Wherever possible, soVision IT will inform their customers and prospective customers of the right to object at the point of first communication.

You have a right under GDPR legislation to object to the processing of some or all information we hold about you, subject to certain conditions, listed below.

Individuals have the right to object to:

  • Processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority - including profiling
  • Direct marketing - including profiling
  • Processing for purposes of scientific/historical research and statistics.

soVision IT will stop processing personal information with immediate effect if the right to object is invoked unless:

  • soVision IT can demonstrate compelling legitimate grounds for the processing, which override the interests, rights and freedoms of the individual.
  • The processing is for the establishment, exercise or defence of legal claims.

7. Breach Management

7.1 Identification and Classification

soVision IT have put in place procedures that will allow any staff member to report any information/data security breach.

  • We ensure that all staff are aware to whom they should report such a breach.
  • Having such a procedure in place will allow for early recognition of the breach so that it can be dealt with in the most appropriate manner.
  • Details of the breach will be recorded accurately according to procedure, including the date and time the breach occurred, the date and time it was detected, who/what reported the breach, description of the breach, details of any ICT systems involved, corroborating material such as error messages, log files, etc.
  • In this respect, staff are made fully aware as to what constitutes a breach. In respect of this policy a breach maybe defined as the unintentional release of customer confidential or personal information/data to unauthorised persons, either through the accidental disclosure, loss or theft of the information/data.

7.2 Containment and Recovery

Containment involves limiting the scope and impact of the breach of data/information. If a breach occurs, soVision IT will:

  • Decide on who would take the lead in investigating the breach and ensure that the appropriate resources are made available for the investigation.
  • Establish who in the affected organisation/s need to be made aware of the breach and inform them of what they are expected to do to assist in the containment exercise.
  • Establish whether there is anything that can be done to recover losses and limit the damage the breach can cause.

7.3 Risk Assessment

In assessing the risk arising from any security breach, soVision IT will consider what would be the potential adverse consequences for individuals, i.e. how likely it is that adverse consequences will materialise and, in the event of materialising, how serious or substantial are they likely to be. In assessing the risk, the following points will be considered:

  • What type of Information/data is involved?
  • How sensitive is the information/data?
  • Are there any security mechanism’s in place (e.g. password, protected, encryption)?
  • What could the information/data tell a third party about the individual/s?
  • How many individuals are affected by the breach?

7.4 Notification of Breaches

  • All information/data breaches are reported to soVision IT’s Information Security Manager. The ISM will complete a Security Incident Report.
  • Where it is deemed the breach is likely to result in a high risk to individual’s rights and freedoms, soVision IT will notify the Information Commissioners Office within 72 hours.
  • Where it is deemed the breach is likely to result in a high risk to individual’s rights and freedoms, soVision IT will notify the affected customer/s within 96 hours. This will include a copy of the completed security incident report if requested by the affected individuals.
  • soVision IT document all breaches of information security, even if they don’t all need to be reported.

7.5 Evaluation and Response

  • After any information/data security breach a thorough internal review of the incident will occur. The purpose of this review is to ensure that the steps taken during the incident were appropriate and to identify areas that may need to be improved.
  • Any recommended changes to policies and/or procedures should be documented and implemented as soon as possible thereafter.

8. Email messages

We send regular updates by email to customers, website registered users and subscribers telling them about new products and services available from soVision IT.

If you do not wish to receive information about our products and services or the products and services offered by our affiliated organisations, please tick the appropriate box on the registration form or use the unsubscribe link we provide with all such communications at any time.

9. Links

The site contains articles with links to other sites. We are not responsible for the privacy policies or the content of such web sites.

If you have a question about the privacy policy of those web sites, please contact them directly.

10. Public forums

You are advised that any information disclosed via discussion forums, message boards and/or news groups available on or via this site becomes public information and you should exercise caution when deciding to disclose your personal information.

11. Notification of changes

By using this site, you consent to this privacy policy. If this policy is changed or updated in any material sense whether because of a change in the law or our internal policy, or both, we will publish a notice of the same on this site.

12. Contact Us

If you have any queries concerning this Privacy Policy, your personal information or any questions on our use of the information, please contact us:

Data Compliance,

soVision IT Ltd,

Avon House,

Avon Mill Lane,

Keynsham,

Bristol,

BS31 2UG

United Kingdom.

13. Policy Review

The Policy will be subject to review whenever any relevant technological or regulatory changes occur and will, as a minimum, be formally reviewed on an annual basis.

Subscribe to our mailing list

Our offices are strategically located in Midsomer Norton and Keynsham and are ideally positioned to serve business in Bath , Bristol and the Southwest.

© Copyrights soVIsion IT 2016. All rights reserved.

Line Business Services Ltd and soVision IT Ltd, Avon House, Avon Mill Lane, Keynsham, Bristol BS31 2UG. Line Business Services Ltd is a Company registered in England No. 5599751. soVision IT Ltd is a Company registered in England No 10714018