General Data Protection Regulation (GDPR)
Who we are and our details?
CloudCall365 are market-leading VoIP business telephone system suppliers. Our company details can be found on our website www.CloudCall365.co.uk. Full details can be found in the footer of our home page. There is also a page called “Contact Us.” Where you will find our contact information at the bottom of the page.
GDPR will apply to all EU states from the 25th May 2018.
CloudCall365 has always complied with data protection laws and regulations surrounding the use of personal data. However, GDPR means we are having to change publicly our policies. This document outlines what we have implemented to ensure we are fully compliant with the new regulation.
What does GDPR change?
The GDPR includes the following rights for individuals:
Breach notification will become mandatory. Where a data breach is likely to “result in a risk for the rights and freedoms of individuals”, this must be done within 72 hours of first having become aware of the breach. Organisations will be required to notify their customers, after first becoming aware of a data breach.
Right to Access
Part of GDPR is the right for any individual the right to access their personal data and supplementary information. This individual also should be aware of and be able to verify the as to whether or not personal data concerning them are being processed, where and for what purpose. Furthermore, the controller shall provide a copy of the personal data, free of charge, in an electronic format.
Right to be forgotten
GDPR provides individuals with the right to request the erasure of personal data concerning them, also known as “the right to be forgotten”. The controller, employee or organisation will be obliged to erase personal data relating to an individual if the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed. The conditions for erasure include, the data no longer being relevant to original purposes for processing, or a data subjects withdrawing consent.
To comply with GDPR, we provide an opt-in box either on our website or via an email we have sent you. The CloudCall365 the controller/ shall be able to demonstrate that the data subject has consented to process of his or her personal data. Companies are no longer able to use long illegible terms and conditions. The request for consent must be given in an intelligible and easily accessible form, with the purpose of data processing attached to that consent.
GDPR data portability regulations give the right for any individual to access the personal data concerning them, which they have previously provided in a ‘commonly use and machine-readable format’ and have the right to transmit that data to another controller.
Data Protection Officers
GDPR requires an organisation to appoint a data controller who states how and why Personal Information is processed. Please email our data controller at dataprotectionofficer@CloudCall365.co.uk. Our data controller ensures that processors abide by the law and our processes governed by GDPR.
Collection of Personal Information & Opt-Out
At CloudCall365 we are committed to protecting and respecting your privacy. As a visitor to our site www.CloudCall365.co.uk, you can engage in many activities that may require you to enter Personal Information. The choice to opt out of communications is available during the sign-up process and on our website contact forms. When you order products or services from our organisation we may collect the following Personal Information from you:
Contact information such as:
- Full name
- Company name
- Job title
- Job description
- Telephone number
- Fax numbers
- Email address
- Web address
- Bank account number & Sort Code
We specifically note that CloudCall365 does NOT store raw credit-card details.
As is true of most websites, when you use CloudCall365, we may also collect certain information, such as browser type, operating system, and the Internet Protocol (IP) address of your computer. We use these environmental variables to facilitate and track your use of our website and its services. CloudCall365 uses the information to better understand the needs of our visitors, troubleshooting, data analysis, testing, research, statistical, security and survey purposes. We may also use such information to deliver relevant marketing communications to the data subject which may be of interest.
How we may use your Personal Information
CloudCall365 may collect information about an individual or company in order to provide our services, comply with our legal obligations, and to improve our products and services. We may use your information in the following ways:
- Send you order/renewal confirmations.
- Process orders that you have submitted.
- Collect monthly direct debit payments for services.
- Prevention of fraud.
- Respond to customer service requests, questions and concerns.
- Send you requested product or service information.
- Keep you informed about special offers and services.
- To improve our site, services and offerings.
- Obtain your views or comments on the services we provide.
- Notify you of changes to our services.
Protection of your Personal Information
The Personal Information that you provide in connection with the use of our website resides on secure web servers that only selected CloudCall365 personnel have access to via passwords which are changed on a regular basis. We take every reasonable measure and precaution to protect and secure your personal data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place. If you have any questions about security on our website or how we protect Personal Information, you can send an email to us at dataprotectionofficer@CloudCall365.co.uk or write to us at the following address: DPO, CloudCall365, 1 The Broadway, Andover, Hampshire, SP10 2JF. We will respond to your request within 30 days of receipt of the request
Access to your Personal Information, Portability & Deletion
Right to access request and correct
This is your right to access, correct and request a copy of the information that we hold about you and why we are processing this information. If you would like a copy, please email or write to us at the following address: DPO, CloudCall365, 1 The Broadway, Andover, Hampshire, SP10 2JF. We will respond to your request within 30 days of receipt of the request.
You have the right to data portability allowing you to obtain and reuse your personal data for your own purpose across different services. Data Portability allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
(a) The processing is based on consent or on a contract, and
(b) The processing is carried out by automated means.
You’re Right to be forgotten
You have the right to have your Personal Information erased, however in doing so we may not be able to continue to provide the expected service delivery, at your request data will be erased within 20 working days. Should you wish for us to completely delete all information that we hold about you: Email: dataprotectionofficer@CloudCall365.co.uk. If you would prefer to contact us in writing: DPO, CloudCall365, 1 The Broadway, Andover, Hampshire, SP10 2JF.
Transferring your information outside of Europe
As part of the services offered to you through this website, the information which you give to us may be transferred to countries outside the European Union (“EU”). Personal data in the European Union is protected by the General Data Protection Regulation (GDPR) but some other countries may not necessarily have the same high standard of protection for your personal data. Where this might be the case, we will take every precaution to make sure the right security measures are taken so that your privacy rights continue to be protected as outlined in this policy.
Sharing your Personal Information
We only retain your information for as long as your service is active or legally required. The data we store is required to comply with our legal obligations, resolve disputes, and enforce our service agreements. We are required by law to store data for a minimum or maximum duration. Should you have any questions regarding our data retention or wish to delete your account, please contact our data controller at dataprotectionofficer@CloudCall365.co.uk.
It is possible that we may automatically gather information regarding your computer for our services as you browse. Some of the data we include are browser type, device type, and average time spent on our website, page or pages viewed, and the Internet Protocol (IP) address used to connect your computer to our site. We do this to improve services we offer, to improve our company marketing, analytics, and provide efficient site functionality to users.
Your consent applies to our website: www.CloudCall365.co.uk.
Links to other websites
Our website may contain links to other websites which may differ from those of CloudCall365. However, once you have used these links to leave our site, we do not have any control over external sites. Therefore, we cannot be responsible for the protection and privacy of any of your Personal Information submitted to any of those sites.
Social media widgets
We would like to send you future information about our services which may be of interest to you. If you have consented to receive marketing, you may opt out at any point as set out below. You have a right at any time to stop us from contacting you for marketing purposes. You do not need to demonstrate grounds for your objection. To opt out please email: dataprotectionofficer@CloudCall365.co.uk or write to us at the following address: DPO, CloudCall365, 1 The Broadway, Andover, Hampshire, SP10 2JF.