DS4A Limited are committed to respecting and protecting the privacy of anyone using our site and / or services, and the confidentiality of any information that you provide us with. The purpose of this statement is to set out how we use any personal information that you may provide us with.
Meanings & Abbreviations
DPA - UK Data Protection Act
GDPR - European Union General Data Protection Regulation
UK - United Kingdom
EU - European Union
US - United States of America
PSFP -Privacy Shield Framework Principles
ICO - Information Commissioners Office
2FA - Two Factor Authentication
We / Us - DS4A Limited, Company No. 06417612
Data Protection Act 1998 (‘the Act’)
We are registered under the Data Protection Act and comply with the Act in all our dealings with your personal data.
We comply with the General Data Protection Regulations comply with the regulations in all our dealings with your personal data.
Controllers and Procesors
DS4A Limited is a data Controller and / or data Processor
Purpose of Processing
The purpose of processing is for one or all of the following:
The provision of contracted services and their reasonable administration for clients, suppliers and employees.
The operation of billing and other finance systems for clients, suppliers and employees.
The provision of client, supplier and employee data to third parties for the provision, operation and maintenance of those services, administration and other systems that could be reasonably expected to be operated by us in the provision of services, purchasing and employment.
Collection, Use and Storage of personal information
In general you can visit our website without telling us who you are and without revealing any information about yourself. If, however, you use our site or services you will need to register and you will be asked to provide certain information such as your contact details. We will store this data and hold it on computer or other media.
We may use information that you provide:
To register you with our website and to administer it.
To provide our services to you that you have contracted with us to provide.
For assessment and analysis, e.g. marketing, customer and product analysis, to enable us to review, develop and improve our services.
If you do not want us to use data in this way, or for marketing purposes, please tick the relevant box situated on the form on which we collect your data. We will never pass your personal data to third parties other than in as far as is needed to fulfill our contract for services with you, or where we are required by regulation or law.
We may disclose your personal information to third parties:
In the event we sell or buy any business or assets, in which case we might disclose your personal data to the prospective buyer or seller but only if this was absolutely required.
If we are under a legal duty to disclose or share your personal data in order to comply with or meet any legal obligation or order of a court.
By providing us with personal information you will be consenting for us to process that data to enable us to provide our services to you under a contract for service, contract of employment or request for services or goods. You may with draw consent for processing in as far as the law allows. However should the withdrawal of consent affect our ability to provide services, employment or purchase services or goods you acknowledge that we will have the right to cease to provide such until we have adequete consent to allow us to do so. You acknowledge that cessation of provision due to withdrawal of consent will not be a breach of contract to provide you with service or goods, employment or purchase of goods and services.
Storage of data
Unless stated elsewhere all personal data will be stored within the UK, or one or more countries comprising the EU, and some limited services such as VOIP and related services may store personal data in the US. All data stored with the UK & EU will be subject the requirements of the DPA and GDPR. When stored in the US the requirements of the DPA and GDPR will be fulfilled under the PSFP implemented by those third parties required to process and control data for the provision of contracted services and their administration.
Duration of Data Storage
DS4A will store date for no longer than is reasonably required to provide contracted services, administration or employment functions.
It most cases we will delete most personal data within 60 days of termination of contracted services or employment. We will retain data for longer where regulation or law requires us to do so.
Where personal data is held within data backup and archival systems, this data will be deleted within 180 days after termination of services or employment. We will retain data for longer where regulation or law requires us to do so.
Accuracy of Data
We provide self service systems to manage and update your personal data. This may include, but is not limited to your name, address, contact information such as email and telephone numbers, payment methods and payment information. These self service systems also include the ability to add and terminate services. You are the supplier and maintainer of such infromation. This can be done via your account portal which can be accessed with the username and password you created during the service sign-up process.
The client account portal can be found by going to: https://servicehub.ds4a.co.uk
Some of our cookies are used to simply collect information about how visitors use our website and these types of cookies collect the information in an anonymous form.
To find out more about cookies, including seeing what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
If you do not wish to accept cookies from our website, please leave this site immediately and then delete and block all cookies from this site. Alternatively, you may opt out of receiving information from us by e-mail, telephone, fax or post. Our phone number is (details), or you can e-mail us on (details).
We endeavour to take all reasonable steps to protect your personal information. We do this in a number of ways.
Store data on systems and within software applications that either encrypt data at rest or use username and password combinations to control access to such systems and applications. We have put in place a system to ensure passwords meet a minium security criteria such as their length, types of characters and mix of case.
It is your responsibility to ensure the security of such passwords. Should you believe a password has been compromised you must change the affected password using the self service systems we provide.
We provide a number of systems that allow for the provision of 2FA. We would recommend that these are used where provided and advise you that your data security may be diminished if you choose not to implement such security measures.
Whilst we will take all reasonable steps to protect your data, we cannot guarantee the security of any data that you disclose online and we will not be responsible for any breach of security unless this is due to our negligence or wilful default.
To help ensure security and system stability we protect forms with Google reCaptcha. When you enter infromation into a form field data is passed to Googles reCaptcha API to determine if submissions are being automated.
By entering data into a form and pressing the 'Search', 'Submit', 'Sign-In', 'Enter' or similalry titled form button you understand some personal data will be passed to Googles reCaptcha API and by presing the relevent button you confirm you agree to to such transfer and processing of your data. If you do not agree, do not press the relevent button.
You have the right to ask us not to process your personal data for marketing purposes. We will aim to inform you before collecting your data if we intend to use your data for such purposes or we intend to disclose your information to any third party for such purpose. You can exercise your right to prevent this happening by checking certain boxes on the forms we use to collect your data.
You have the right to see personal data (as defined under the Data Protection Act) that we keep about you upon receipt of a written request and payment of the relevant fee. This fee is limited by law to a maximum of £10 (correct as at December 2016). Any request should be sent to:
The Data Protection Officer
See our 'Contact Us' section for our correct postal address.
You have the right to complain if you think we are handling your data contrary to the DPA or GDPR. In the first instance we would recommend you engage with us to resolve any issues you may have. You can do so by contacting us as above for Data Subject Access Requests.
You may complain directly in the UK to the ICO. Their website contains details about how to do this and can be found here: https://www.ico.org.uk
The ICO in the UK has a very informative website (https://www.ico.org.uk) and also has a telephone help-line. They are the body responsible for information regarding and enforcement of the DPA and GDPR in the UK. We would recommend that for further unbiased information about DPA and GDPR you refer to the resources they make freely available via their website or telephone help-line.