PRIVACY NOTICE

 

Introduction

Bold Communications Ltd is a company registered in the UK which develops, supplies and supports monitoring systems.  Bold is committed to protecting the privacy and security of your personal information, and to meeting its data protection obligations under the General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018.  The purpose of this privacy notice is to make you aware of how and why we will collect and use your personal information and to advise that we are required by law to provide you with the information contained in this privacy notice.

This policy applies to:

(i) all those who visit our website, whether requesting information or not
(ii) business customers (including e.g. distributors, installers, systems integrators, consultants and end-users);
(iii) suppliers

Please read this notice carefully and feel free to contact Bold if you need any further details or clarification by phone on 01392 364777, email; info@boldcommunications.co.uk or by writing or calling at our office – 6, Harrier Court, Wescott Lane, Exeter EX5 2DR.


Data protection principles

Under the GDPR, there are six data protection principles that the Company must comply with. These provide that the personal information we hold about you must be:

1.    Processed lawfully, fairly and in a transparent manner.
2.    Collected only for legitimate purposes that have been clearly explained to you and not further processed in a way that is incompatible with those purposes.
3.    Adequate, relevant and limited to what is necessary in relation to those purposes.
4.    Accurate and, where necessary, kept up to date.
5.    Kept in a form which permits your identification for no longer than is necessary for those purposes.
6.    Processed in a way that ensures appropriate security of the data.

The Company is responsible for, and must be able to demonstrate compliance with, these principles. This is called accountability.

Personal Information

This notice applies to personal information collected and used by Bold.  ‘Personal Information’ means any  information which identifies you as an individual, recognised directly or indirectly. This may include your name, date of birth, sex, postal address, email address, phone number, login information and technical information provided to enable you to use our services.


How we use your personal information

We will use your personal information:

•    To provide you with goods and services
•    For account set up and administration
•    Personalise content of information provided
•    Delivering data about products, services, events and sector related information
•    To direct legal and financial information accurately
•    To enable us to complying with requests from you including if you exercise any of your rights as described in this notice
•    We will not provide your personal information to other organisations except in accordance with legal obligations or to exercise or defend legal claims
•    We will not sell, transfer or lend your data to any other organisation or entity outside the Bold group of companies.


Our need for you to provide your personal information

Without the personal information you have provided, we will not be able to conduct business with you or provide information you have requested.


How long your personal data will be kept

We will hold the personal data you have provided to us for the duration of the period we are delivering goods and services which you buy from us, and for a period of seven years following the date on which you cease to purchase goods and services from us.

If we purchase good or services from you, we will retain the personal data that you have provided to us for the duration of the period we purchase goods or services, and for a period of seven years following the date on which we cease to purchase goods and services from you.

If you have requested that we periodically provide you with information about our products, services, events and sector related activities, we will retain your data until you notify us that you no longer wish to receive this information.

We may retain your personal data for longer than seven years if there is a legal requirement to do so.


Where do we store and process personal data

We store and process personal data on secure information technology systems that are operated by us, or on our behalf by third parties.  Some data processing in relation to marketing and email services, and delivery of products ordered by you is carried out on our behalf by a third party. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this privacy policy and Data Protection law.

We make our best endeavours to ensure that your personal data is secure while data is being transmitted, however, the transmission of information via the internet is not completely secure and we cannot therefore cannot guarantee the security of your personal data transmitted to our site; any such transmission is at your own risk.  Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.

We have appropriate security measures in place in our physical facilities to protect against the loss, misuse or alteration of information collected from you. Where we have given you, or where you have chosen, a password which enables you to access certain parts of our web site, you are responsible for keeping this password confidential.  Your password should not be shared with anyone.

We limit access to your personal information to those employees, workers, agents, contractors and other third parties who have a business need to know in order to perform their job duties and responsibilities.

The Company also has in place procedures to deal with a suspected data security breach and we will notify the Information Commissioner’s Office, or other applicable regulatory authority, and you of a suspected breach where we are legally required to do so.


Transfer of your information out of the EEA

We may, from time to time, transfer your personal information to countries which are located outside the European Economic Area (EEA).  

Examples of circumstances where we might do this are:

•    Where we use a hosted Customer Relationship Management or Helpdesk system
 
However, we will not transfer your data outside the EEA unless we are satisfied that the country to which your data is being transferred has appropriate safeguards for your personal data and that you will have enforceable rights in those countries,   For example, we believe that transfer of personal data to Constant Contacts email marketing software is permissible because Constant Contacts is certified under, and complies with, the EU-US and Swiss-US Privacy Shields approved by the EU Commission so that you can transfer your data to us in compliance with the data transfer restrictions in the GDPR.


Your rights

Under the GDPR you have a number of important rights. These include the right to -

•    require us to correct any mistakes in your information which we hold
•    require the erasure of personal information concerning you in certain situations
•    receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format.  This is called making a data subject access request and it enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
•    object at any time to processing of personal information concerning you for direct marketing
•    object in certain other situations to our continued processing of your personal information

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner's Office (ICO) on individuals rights under the General Data Protection Regulation.


If you would like to exercise any of those rights, please:

•    email, call or write to Bold Communications Ltd using the contact details are set out above
•    let us have enough information to identify you  
•    let us have proof of your identity and address
•    let us know the information to which your request relates


Automated decision making

Automated decision making occurs when an electronic system uses your personal information to make a decision without human intervention.  We do not envisage that any automated decision making processes will be applied to the personal data provided by you, however, we will notify you in writing if this position changes.


Changes to our Privacy Policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.  This policy was last reviewed and updated: August 2018


Contact

If you have any questions, comments or requests regarding this Privacy Policy, we will be happy to answer them. Please contact

Data Security
Bold Communications Ltd
6 Harrier Court
Westcott Lane
Exeter EX5 2DR

Please address any questions, comments and requests regarding our data processing practices to us in this way in the first instance, remembering to include your name, address and postcode along with any correspondence reference you may have.

If you have any concerns regarding our processing of your personal data, or are not satisfied with our handling of any request by you in relation to your rights, you also have the right to make a complaint to the Information Commissioner's Office. Their address is:

First Contact Team
Information Commissioner's Office
Wycliffe House
Water Lane  
Wilmslow SK9 5AF