Altodigital Networks Ltd
Data Privacy Notice
Version 1.4 November 2019
Our Contact Details
Name: Data Protection Officer
Address: Altodigital Networks Ltd
93 Vantage Point
Phone Number: 01384 404660
Email Address: firstname.lastname@example.org
Altodigital Networks Ltd is the controller for the personal information we process, unless otherwise stated.
For general enquiries please use the Contact Us page on our website.
The type of information we have
We currently collect and process the following types of information:
- Personal identifiers including name, contact details, address, job role, business name
- Additional personal information if you are applying for a job with us including previous employment and details of education and training
- Products and services that you have expressed an interest in
- Personal identifiers associated with web browsing activity when using our website
How we get the information and why we have it
Most of the personal information we process is provided to us directly by you for one of the following reasons:
- To provide information about our products and services
- To fulfil a contract with have with your business
- You have applied for a job with us
We also receive personal information indirectly, from the following sources in the following scenarios:
- From data brokers and professional organisations that provide verified business contact details for companies that might be interested in our products and services. We will also supplement this information with publicly available data
- An employee of ours gives your contact details as an emergency contact or a referee
- Website usage data from cookies is fed into analytics services which tells us about your visits to our website
As we provide IT services to a range of organisations, we routinely support and maintain IT systems that may contain personal information relating to the employees, suppliers or customers of those organisations. In these circumstances we are acting as a Data Processor for our customer and are bound by the contract we have with that organisation.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
- Your consent
Note; you are able to remove your consent at any time. You can do this by contacting email@example.com
- We have a contractual obligation
- We have a legitimate interest
What we do with the information we have
We use the information that you have given us for the following reasons:
- In order to contact you about products and services we think you would be interested in
- To process an order you or your business has placed with us
- To provide support and maintenance related to the products or services you or your business has purchased from us
- To deal with an enquiry you have made
- To process a job application you have made with us. Note if you are successful in your application, we will require additional personal information to allow us to act as your employer. This will be set out in your Employment Contract and Job Offer.
In addition, we will carry out the following data collection and processing activities.
If you contact us by phone, we will record the phone number you are calling from (if it’s not withheld). We hold a log of the phone number, date, time and duration of the call, and if you call our contact centre, we will record the call itself. We hold this information for 90 days. We use this information to understand the effectiveness of our services and to improve how we operate. We may also use the number to call you back if you have asked us to do so, if your call drops, or if there is a problem with the line. We record calls made to the contact centre for training or quality assurance purposes.
Third party processors
We may share the information we have collected with our sub-contractors and suppliers who help us run our business and deliver services. These organisations are acting as data processors or as joint data controllers with us and includes:
- Logistics companies and suppliers who deliver products to you on our behalf
- Product and service suppliers we use to help us deliver our service to you such as consumable suppliers, device manufacturers, software vendors, other IT service providers, finance and leasing companies
- We also use a marketing company to help deal with enquiries we receive via the website and to send details of promotions we are running.
We have contracts in place with our data processors and joint controllers. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct. We will only share the minimal amount of information necessary to enable them to carry out the contract they have with us.
Profiling and automated decision making
We categorise all our customers based on the sector their organisation operates in and its geographic region. As a result, a profile for each individual will be populated with this information along with any preferences and expressions of interest in specific products and services. We then use these profiles to help better target marketing campaigns or exclude you from such communications.
If you have successfully applied for a job with us we may require an enhanced DBS check depending on the role. This is because some of our customers work with children or other vulnerable groups. If this applies to you it will be communicated along with the Offer Letter.
How we store your information
The information we collect is securely stored within UK data centres.
In addition, with the help of a UK based marketing company, we use a US based company for marketing activities. They process business contact details and marketing preferences which are stored in various overseas locations managed by the supplier who have signed up to the EU-US Privacy Shield.
Unless specified, we keep your contact details and records of your interactions with us for up to six years after the last transaction. We will then dispose of your information by securely removing it from our applications and any backups. We will also shred any printed documents.
If you apply for a job with us but are unsuccessful, we will keep your details for 6 months to review and improve our recruitment practices.
How we secure your information
We are certified to ISO/IEC 27001:2013 and as a result have completed a risk assessment of all of our information collection, storing and processing activities including those of our suppliers. We have implemented a comprehensive set of organisational and technical controls to mitigate these risks including but not limited to ensuring policy is in place and is being followed, data is encrypted in transit and at rest where appropriate, physical and network security is in place to protect processing facilities, software is kept up to date, malware protection is in place, removable media is restricted, systems are configured to minimise exposure, user access is managed, staff are vetted, trained and made aware of new threats, monitoring is in place and incidents are identified and responded to.
Data about children
We do not provide services directly to children or proactively collect their personal information. However, we are sometimes given access to IT systems that may contain information about children while supporting or maintaining an IT system. The information in the relevant parts of this notice applies to children as well as adults.
Our website uses various cookies. A cookie is a small file of letters and numbers that we put on your computer if you agree. These cookies allow us to distinguish you from other users of our website, which helps us to provide you with a good experience when you browse our website and allows us to improve our site. The cookies we use are "analytical" cookies. They allow us to recognise and count the number of visitors and to see how visitors move around the site when they are using it. This helps us to improve the way our website works, for example by ensuring that users are finding what they are looking for easily.
Your data protection rights
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at firstname.lastname@example.org if you wish to make a request.
How to complain
You can also complain to the ICO if you are unhappy with how we have used your data or responded to a request.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
Changes to this notice
We strive to keep the information in this Privacy Notice up to date and accurate. Here is a summary of the changes we have made in the current and previous versions.
Approved and published
Revised wording to be consistent with our updated Data Protection Policy
Internally reviewed and minor corrections made
Updated contact details and added details about children’s data
Added more details about what is being processed and why