Privacy Policy

Introduction

Your privacy and trust are important to us and this Privacy Policy (“Policy”) provides important information about how Converge Technology Ltd and GB Electronics Ltd trading as GBE Converge (“Company” “we” or “us”), handle personal information. This Policy applies to personal information which we process in the course of doing business including information processed through the Company’s website and the services we provide (collectively, our “Services”).

Please read this Policy carefully and contact us if you have any questions about our privacy practices or your personal information choices.

It is important that you check back often for updates to this Policy. If we make changes we consider to be important, we will let you know by placing a notice on the relevant Services and/or contact you using other methods such as email.

Effective Date: 25th May 2018

This Policy was last updated on: 18 May 2018

Purpose of the processing

We may process personal information about you in different ways depending on our relationship with you.

Please expand the section below which most closely identifies your relationship with us:

1.0    Customers and Employees of Customers

We will collect and store personal information including contact details of our customers and their employees so that we can provide our Services in accordance with our contract with you. We will also retain that information and any information relating to the contract between us for a period of six years following completion of the contract(s) between us so that we can review our performance if any complaints or issues arise after completion of the contract.

The information we collect and store may include (but not limited to)

  • User names & Passwords
  • IP address information
  • Asset details (make/ model/ serial number)
  • Site plan layouts
  • Email and telephone contact information

We are processing this information on behalf of your employer (our customer) in order to provide them with the Services. You should therefore contact your employer for further information about how we process your information on their behalf.

In the course of providing technical support to you, we may sometimes have incidental access to data that is located on your system. This data may contain information about you, your organisation’s employees, clients/customers, partners, or suppliers. This Policy does not apply to our access to or handling of this information; the conditions regarding the handling and processing of that data is covered by the terms and conditions between you and us.

Unless you request us not to do so, we may also contact those employees of the customer who are involved in the delivery of the contract an individual basis about similar services which we offer, this contact may be made by telephone, e-mail or post.

We will only do this if we believe that you would reasonably expect us to contact you in this way. We will not send you general marketing information as part of a group mailing, e-mailing or telephone campaign unless you have consented to be contacted in this way.

If you require your contact information to be removed from our system, Destruction of Documentation is detailed within QAP001 Control of Documented Information which is available on request, compliance@gbeconverge.com

2.0    You are a Supplier or an Employee of a Supplier to us.

We will collect and store personal information including contact details of our suppliers and those employees of the supplier who are involved in the delivery of the contract so that we can receive your services in accordance with our contract with you. We will also retain that information and any information relating to the contract between us for a period of six years following completion of the contract(s) between us so that we can review your performance if any complaints or issues arise after completion of the contract.

We may also contact you about new business opportunities for us to work together with you and to keep you informed of our activities. We will only do this if we believe that you would reasonably expect us to contact you in this way and that such processing does not an impact on you in a way that would make this processing unfair.

We will not send you general marketing information as part of a group mailing, e-mailing or telephone campaign unless you have consented to be contacted in this way.

3.0    You are a Third Party with whom we are in Contract During the Delivery of Services to our Customers or the Possible Delivery of Services to Prospective Customers

We will collect and store personal information including contact details of third parties with whom we are in contract during the delivery of Services to our customers or discussions relating to Services to prospective customers. We process that information because it is in our legitimate interests to do so in order for us to be able to perform our contracts for our customers or tender for work from prospective customers. We believe that you would reasonably expect us to process your personal information in this way and that such processing does not an impact on you in a way that would make this processing unfair. Where your personal information is kept as part of a file relating to the performance of a contract with one of our customers, we will also retain that information and any information relating to that contract for a period of six years following completion of that contract(s) so that we can review the file if any complaints or issues arise after completion of the contract.

Where your information is stored in our contacts database but is not kept in a customer or supplier file, we carry out a review of our contacts database every 2 years when we consider whether or not we still have a legitimate interest to keep your contact information. Where we consider that we no longer have a legitimate interest to keep your contact information we will delete it.

Where you have provided to us services in order to complete a contract(s) and your working ethic or quality of services provided is of a poor standard, following internal review by the Operations Team & Contracts Director your details may be deleted from our system prior to the expected term of 6years. Should you wish to re-engage with us you will be required to complete an Approved Contractor Questionnaire QAP006-1 and shall be assessed on an ongoing basis to ensure same failings do not reoccur.

We may also contact you about new business opportunities for us to work together with you and to keep you informed of our activities. We will only do this if we believe that you would reasonably expect us to contact you in this way and that such processing does not an impact on you in a way that would make this processing unfair.

We will not send you general marketing information as part of a group mailing, e-mailing or telephone campaign unless you have consented to be contacted in this way.

4.0    You are a Prospective Customer or an Employee of a Prospective Customer

We will collect and store personal information including contact details of people who we might do business with as a supplier or a customer. We may collect this information from you, when you contact us (including through this website) or from a mutual contact. We will only collect contact information from your website or another third party website if we have identified you specifically as someone who may be interested in receiving a Service from us or delivering goods or services to us.

We may contact you about new business opportunities for us to work together with you and to keep you informed of our activities.  We believe that you would reasonably expect us to process your personal information in this way and that such processing does not an impact on you in a way that would make this processing unfair. Where your information is stored in our contacts database but is not kept in a customer or supplier file, we carry out a review of our contacts database every 2 years when we consider whether or not we still have a legitimate interest to keep your contact information. Where we consider that we no longer have a legitimate interest to keep your contact information we will delete it.

We will not send you general marketing information as part of a group mailing, e-mailing or telephone campaign unless you have consented to be contacted in this way.

5.0    You are an Employee

Employees should refer to the Company Staff Handbook (QAP007-7), Personnel Files Policy GBECPF100 and GDPR Policy GBECGDPR100 for further information about our privacy policy in respect of employees.

6.0    We have Received your Information from a Third Party

If we have received your personal information from a third party, for example your employer or service provider, that third party will be the controller in relation to that personal information and we will be processing it on their behalf. You should therefore contact that third party to review their privacy policy.

Your Relationship with us is not Covered by any of the Above.

We may hold your contact details and personal information as a result of an interaction between you and one of our employees. We believe that you would reasonably expect us to process your personal information in this way and that such processing does not an impact on you in a way that would make this processing unfair.  We carry out a review of our contacts database every 2 years when we consider whether or not we still have a legitimate interest to keep your contact information.

7.0    Personal Information We Hold

We will store contact information and the contents of any correspondence between us. We may also record or take notes during telephone calls and meetings which we will store on any applicable file.

We would not normally process sensitive information relating to a customer or employee of a customer, for example, relating to your health, religious belief or sexuality. If that information is relevant to the services we are providing or receiving from you, then we will agree with you at the time whether we can process that information.

Some of our services provide data and document storage as an integral part of the product or solution offering. Documents and data stored by our customers may contain personal information in business and personal tax forms, payroll and financial data, and legal and litigation-related documents, for example. Any information stored by or on behalf of our customers is controlled and managed by and only made accessible to those customers or others our customers may authorise from time to time. Our access to this information is limited to the Company personnel who require access in order to provide our Services or for any other critical business reason.

We may be required to use and retain personal information for legal and compliance reasons, such as the prevention, detection, or investigation of a crime; loss prevention; or fraud. We may also use personal information to meet our internal and external audit requirements, information security purposes, and as we otherwise believe to be necessary or appropriate: (a) under applicable law; (b) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities; (c) to enforce our terms and conditions; and (d) to protect our rights, privacy, safety, or property, or those of other persons.

The company and our third-party providers set and use cookies and similar technologies to store and manage user preferences, deliver targeted advertising, enable content, and gather analytic and usage data. For further information, please see our Cookie policy below.

8.0      Cookies Policy

To make the company site (www.gbeconverge.com) work correctly, we sometimes place small data files called cookies on your device. This is considered a standard procedure and most big websites do this too.

What are cookies?

A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.

How do we use cookies?

Google Analytics, which uses cookies to help us analyse how our visitors use the site. Find out more about how these cookies are used on the  Google Privacy site (https://support.google.com/analytics/answer/6004245)

9.0      When we share Personal Information

The Company shares or discloses personal information when necessary to provide Services or conduct our business operations as described below. When we share personal information, we do so in accordance with data privacy and security requirements. We may occasionally share non-personal, anonymised, and statistical data with third parties. Below are the parties with whom we may share personal information and why.

  • Within the Company: Our business is supported by a variety of people who are part of the Company’s teams and functions, and personal information will be made available to them if necessary for the provision of Services, account administration, sales and marketing, customer and technical support, and business and product development, for instance. All of our employees and contractors are required to follow our data privacy and security policies when handling personal information.
  • Our business partners: We occasionally partner with other organisations to deliver co-branded Services, provide content, or to host events, conferences, and seminars. As part of these arrangements, you may be a customer of both the Company and our partners, and we and our partners may collect and share information about you. The Company will handle personal information in accordance with this Policy, and we encourage you to review the privacy policies of our partners to learn more about how they collect, use, and share personal information.
  • Our third-party service providers: We partner with and are supported by service providers around the world. Personal information will be made available to these parties only when necessary to fulfil the services they provide to us, such as software, system, and platform support; direct marketing services; cloud hosting services; advertising; data analytics; and order fulfilment and delivery. Our third-party service providers are not permitted to share or use personal information we make available to them for any other purpose than to provide services to us.
  • Third parties for legal reasons: We will share personal information when we believe it is required, such as:

◦     to comply with legal obligations and respond to requests from government agencies, including law enforcement and other public authorities;

◦     in the event of a merger, sale, restructure, acquisition, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings);

◦     to protect our rights, users, systems, and Services.

10.0  Where We Store and Process Personal Information

We take steps to ensure that the information we collect is processed according to this Policy and the requirements of applicable law wherever the data is located.

The Company has networks, databases, servers, systems, support, and help desks located in the UK. We collaborate with third parties such as cloud hosting services, suppliers, and technology support located around the world to serve the needs of our business, workforce, and clients. We take appropriate steps to ensure that personal information is processed, secured, and transferred according to applicable law. In some cases, we may need to disclose or transfer your personal information within the Company or to third parties in areas outside of your home country, but we will not transfer your data outside of the European Economic Area without your express written consent.

11.0  How We Secure Personal Information

The Company takes data security seriously, and we use appropriate technologies and procedures to protect personal information. Our information security policies and procedures are closely aligned with widely accepted international standards and are reviewed regularly and updated as necessary to meet our business needs, changes in technology, and regulatory requirements.

Two factor authentication (2FA) Used where possible on business systems both on Premise and Online
Password Controls Passwords for systems are controlled and stored centrally with security access to only permitted staff
Employee vetting All staff are security screened to BS7858 that may have to handle/ review or process information.
Physical Security Access to ours offices is secured with electronic access control and CCTV monitoring in place
Encryption We use disk encryption for portal data and  industry standard encryption technology for data encryption for data in transit and backups
Training Our staff are appropriately trained for the awareness of data protection and security

 

12.0  How Long We Keep Personal Information

We retain personal information for as long as we reasonably require it for legal or business purposes. In determining data retention periods, the Company takes into consideration local laws, contractual obligations, and the expectations and requirements of our clients. When we no longer need personal information, we securely delete or destroy it.

13.0  Your Right to Access and Correct Your Personal Information

We respect your right to access and control your information, and we will respond to requests for information and, where applicable, will correct, amend, or delete your personal information.

  • Access to personal information: If you request access to your personal information, we will gladly comply, subject to any relevant legal requirements and exemptions, including identity verification procedures. Before providing data to you, we will ask for proof of identity and sufficient information about your interaction with us so that we can locate any relevant data.
  • Correction and deletion: You have the right to correct or amend your personal information if it is inaccurate or requires updating. You may also have the right to request deletion or transfer of your personal information; however, this is not always possible due to legal requirements and other obligations and factors. Remember that you can update your account information by using the “Contact Us” option on our website.
  • Withdrawal of consent: If we are processing your personal information on the basis that you have given your consent to us processing that personal information, you have a right to withdraw your consent at any time by using the “Contact Us” option on our website.
  • Marketing preferences: To opt out of email marketing, you can use the unsubscribe link found in the email communication you receive from us or select the applicable email preference in your account settings. For other marketing preferences, you can use the “Contact Us” option on our website or let us know by telephone.
  • Filing a complaint: If you are not satisfied with how the Company manages your personal data, you have the right to make a complaint to a data protection regulator.

http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm

14.0  Children’s Privacy

Our Services are not directed to children under 13. If you learn that a child under 13 has provided us with personal information without consent, please contact us.

15.0  How to Contact Us

Please contact us with any requests related to your personal information.

We understand that you may have questions or concerns about this Policy or our privacy practices or may wish to file a complaint. Please feel free to contact us in one of the following ways:

Address:

Attn: Ian Phelps, Barnett Way, Barnwood, Gloucester, GL4 3RT

Telephone: 08451 220884

Email: hr@gbeconverge.com / compliance@gbeconverge.com

 

Read more
Read more