DS4A Limited are committed to respecting and protecting the privacy of anyone using our site and / or services, and the confidentiality of any information that you provide us with. The purpose of this statement is to set out how we use any personal information that you may provide us with.

Meanings & Abbreviations

DPA - UK Data Protection Act

GDPR - European Union General Data Protection Regulation

UK - United Kingdom

EU - European Union

US - United States of America

PSFP -Privacy Shield Framework Principles

ICO - Information Commissioners Office

2FA - Two Factor Authentication

We / Us - DS4A Limited, Company No. 06417612

 

Data Protection Act 1998 (‘the Act’)

We are registered under the Data Protection Act and comply with the Act in all our dealings with your personal data.

We comply with the General Data Protection Regulations comply with the regulations in all our dealings with your personal data.

Controllers and Procesors

DS4A Limited is a data Controller and / or data Processor

Purpose of Processing

The purpose of processing is for one or all of the following:

The provision of contracted services and their reasonable administration for clients, suppliers and employees.

The operation of billing and other finance systems for clients, suppliers and employees.

The provision of client, supplier and employee data to third parties for the provision, operation and maintenance of those services, administration and other systems that could be reasonably expected to be operated by us in the provision of services, purchasing and employment.

Collection, Use and Storage of personal information

In general you can visit our website without telling us who you are and without revealing any information about yourself. If, however, you use our site or services you will need to register and you will be asked to provide certain information such as your contact details. We will store this data and hold it on computer or other media.

We may use information that you provide:

  • To register you with our website and to administer it.

  • To provide our services to you that you have contracted with us to provide.

  • For assessment and analysis, e.g. marketing, customer and product analysis, to enable us to review, develop and improve our services.

If you do not want us to use data in this way, or for marketing purposes, please tick the relevant box situated on the form on which we collect your data. We will never pass your personal data to third parties other than in as far as is needed to fulfill our contract for services with you, or where we are required by regulation or law.

We may disclose your personal information to third parties:

  • In the event we sell or buy any business or assets, in which case we might disclose your personal data to the prospective buyer or seller but only if this was absolutely required.

  • If we are under a legal duty to disclose or share your personal data in order to comply with or meet any legal obligation or order of a court.

Consent

By providing us with personal information you will be consenting for us to process that data to enable us to provide our services to you under a contract for service, contract of employment or request for services or goods. You may with draw consent for processing in as far as the law allows. However should the withdrawal of consent affect our ability to provide services, employment or purchase services or goods you acknowledge that we will have the right to cease to provide such until we have adequete consent to allow us to do so. You acknowledge that cessation of provision due to withdrawal of consent will not be a breach of contract to provide you with service or goods, employment or purchase of goods and services.

Storage of data

Unless stated elsewhere all personal data will be stored within the UK, or one or more countries comprising the EU, and some limited services such as VOIP and related services may store personal data in the US. All data stored with the UK & EU will be subject the requirements of the DPA and GDPR. When stored in the US the requirements of the DPA and GDPR will be fulfilled under the PSFP implemented by those third parties required to process and control data for the provision of contracted services and their administration.

Duration of Data Storage

DS4A will store date for no longer than is reasonably required to provide contracted services, administration or employment functions.

It most cases we will delete most personal data within 60 days of termination of contracted services or employment. We will retain data for longer where regulation or law requires us to do so.

Where personal data is held within data backup and archival systems, this data will be deleted within 180 days after termination of services or employment. We will retain data for longer where regulation or law requires us to do so.

Accuracy of Data

We provide self service systems to manage and update your personal data. This may include, but is not limited to your name, address, contact information such as email and telephone numbers, payment methods and payment information. These self service systems also include the ability to add and terminate services. You are the supplier and maintainer of such infromation. This can be done via your account portal which can be accessed with the username and password you created during the service sign-up process.

The client account portal can be found by going to: https://servicehub.ds4a.co.uk

Cookies

We collect information directly from you in a number of ways. One way is through our use of ‘cookies’. Most websites use cookies in order to make them work, or to work more efficiently, as well as to provide information to the owners of the website. They help us to understand how our customers and potential customers use our website so we can develop and improve the design, layout, content and function of the site. Cookies are small text files that are placed on your computer’s hard drive by websites that you visit. They save and retrieve pieces of information about your visit to the website – for example, how you entered the site, how you navigated through the site and what information and documentation was of interest to you. This means that when you go back to a website, it can give you tailored options based on the information it has stored about you on your last visit.

Some of our cookies are used to simply collect information about how visitors use our website and these types of cookies collect the information in an anonymous form.

Where there is a login process relating to buying products or services from us we may also use cookies to store personal registration information so that you do not have to provide it to us again on subsequent visits.

The rules about cookies on websites have recently changed. If you are uncomfortable with the use of cookies, you can disable cookies on your computer by changing the settings in the preferences or options menu in your browser. You can set your browser to reject or block cookies or to tell you when a website tries to put a cookie on your computer. You can also delete any cookies that are already stored on your computer’s hard drive. However, please be aware that if you do delete and block all cookies from our website, parts of the site will not then work. This is because some of the cookies we use are essential for parts of our website to operate. Likewise, you may not be able to use some products and services on other websites without cookies.

To find out more about cookies, including seeing what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.

If you do not wish to accept cookies from our website, please leave this site immediately and then delete and block all cookies from this site. Alternatively, you may opt out of receiving information from us by e-mail, telephone, fax or post. Our phone number is (details), or you can e-mail us on (details).

Security

We endeavour to take all reasonable steps to protect your personal information. We do this in a number of ways.

Store data on systems and within software applications that either encrypt data at rest or use username and password combinations to control access to such systems and applications. We have put in place a system to ensure passwords meet a minium security criteria such as their length, types of characters and mix of case.

It is your responsibility to ensure the security of such passwords. Should you believe a password has been compromised you must change the affected password using the self service systems we provide.

We provide a number of systems that allow for the provision of 2FA. We would recommend that these are used where provided and advise you that your data security may be diminished if you choose not to implement such security measures.

Whilst we will take all reasonable steps to protect your data, we cannot guarantee the security of any data that you disclose online and we will not be responsible for any breach of security unless this is due to our negligence or wilful default.

reCaptcha

To help ensure security and system stability we protect forms with Google reCaptcha. When you enter infromation into a form field data is passed to Googles reCaptcha API to determine if submissions are being automated.

By entering data into a form and pressing the 'Search', 'Submit', 'Sign-In', 'Enter' or similalry titled form button you understand some personal data will be passed to Googles reCaptcha API and by presing the relevent button you confirm you agree to to such transfer and processing of your data. If you do not agree, do not press the relevent button.

The terms of use and privacy statement in relation to this data can be viewed here:

https://www.google.com/intl/en/policies/privacy/

https://www.google.com/intl/en/policies/terms/

 

Your rights

You have the right to ask us not to process your personal data for marketing purposes. We will aim to inform you before collecting your data if we intend to use your data for such purposes or we intend to disclose your information to any third party for such purpose. You can exercise your right to prevent this happening by checking certain boxes on the forms we use to collect your data.

You have the right to see personal data (as defined under the Data Protection Act) that we keep about you upon receipt of a written request and payment of the relevant fee. This fee is limited by law to a maximum of £10 (correct as at December 2016). Any request should be sent to:

DS4A Limited.

The Data Protection Officer

See our 'Contact Us' section for our correct postal address.

You have the right to complain if you think we are handling your data contrary to the DPA or GDPR. In the first instance we would recommend you engage with us to resolve any issues you may have. You can do so by contacting us as above for Data Subject Access Requests.

You may complain directly in the UK to the ICO. Their website contains details about how to do this and can be found here: https://www.ico.org.uk

Further Information

The ICO in the UK has a very informative website (https://www.ico.org.uk) and also has a telephone help-line. They are the body responsible for information regarding and enforcement of the DPA and GDPR in the UK. We would recommend that for further unbiased information about DPA and GDPR you refer to the resources they make freely available via their website or telephone help-line.

Dated: 10/05/2018