top of page

 

Privacy Policy

 

Scope

​

This policy sets out the basis by which any personal data collected from or provided to Hosted Connections Limited (“Hosted Connections Ltd”, “we”, “us”, “our”) by you, the data subject, will be processed. We are committed to protecting and respecting the privacy of our associates, employees, clients and any users of our services. Please read this privacy policy carefully so you understand our views and practices regarding your personal data and how we will treat it.

 

Understanding GDPR

​

To understand GDPR as it relates to data storage and data protection, it is useful to understand the following basic terminology:

 

Data subject

​

A citizen of the EU who is identifiable by their personal data. This may include a consumer making an online purchase, a user on an IT resource system, a citizen accessing online services and so on: any individual providing personal information to use some type of services.

 

Processor

​

A commercial business like a cloud service provider that acts as a contractor to a controller, i.e., another business serving EU citizens that captures sensitive data on individuals. Examples include application hosts, storage providers, and providers of cloud services like backup.

 

Right to be forgotten

​

The right of every EU citizen “to have his or her personal data erased and no longer processed.” Individuals may request the deletion of all their personal data stored on a controller’s servers and/or on their system management system.

 

Controller

​

A business operating within the EU — or outside of the EU but dealing with EU residents — that captures sensitive data about EU residents during its operations. This include a provider accepting online orders, addressees, and payment information from consumers, this also extends to customer records for any service-related request.

 

Personal data

​

"Any information relating to an identified or identifiable natural person.” This is more broadly defined by the EU than other governments, and includes the EU citizen’s name, email address, social media posts, physical, physiological, or genetic information, medical information, location, bank details, IP address, cookies, cultural identity, etc.


Contact Details

​

Hosted Connections Limited is a company registered in England and Wales (Registration number 9484304) whose registered address is 42 High Street, Flitwick, Bedfordshire, MK45 1DU. The Hosted Connections Data Protection Officers contact details can be found at the end of this document.

 

Responsibilities

​

The Data Protection Officer (DPO) is responsible for ensuring that this privacy policy is made available to all data subjects prior to us processing their personal data. All our employees or associates who interact with data subjects are responsible for ensuring that this privacy policy is drawn to the data subject’s attention and their consent to the processing of their data is secured.

 

Privacy Policy

 

Who are we?

​

We are a communications company which specialises in Telecommunications, Connectivity and IT services. We provide Hosted and On-premises PBX systems, analogue and fibre connectivity, analogue lines, number routing, provisioning and porting. We provide support to all products we offer.

 

Cookie and analytical data

​

Hosted Connections do not capture any cookie or analytical data from their website.

 

What personal information do we collect and why do we do it?

​

Unless otherwise stated, the information we process is in relation to our employees, associates and clients only. This information is provided directly to us by the data subject with their permission. We hold no other personal information

​

Special Category Data

​

We also process a small amount of special category information, with regards to our employees and those associates that are contracted to Hosted Connections Limited. This is limited to:

 

Financial information: This is used initially to set up the payment for employees and contracted associated.

 

Although we do not hold any additional special category information, as part of some client contracts, there may be instances where we will have visibility of such information. If this is the case the information will be captured within each specific contract. Where there is a requirement to store and protect such information, it shall be documented accordingly. We are committed to protect all information provided to us, with all special category data compartmented and secured accordingly.


Purpose this information is held, processed, used and disclosed

​

  • To maintain our accounts and records to support and manage our employees and shareholders.

  • To carry out obligations arising from any contracts entered into between you as the associate and us.

  • In order to comply with any applicable law and regulatory requirements

  • Where data is contractually required for processing, Hosted Connections Limited may processes data without consent in order to fulfil contractual obligations (bank details to process salary)

 

Our legal basis for processing for the personal data

 

We shall ensure that processing remains lawful to the extent that:

 

  • The data subject has given consent to process their data for specific purposes detailed above

  • The processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract

  • Processing is necessary for compliance with legal obligations to which the controller is subject, this could include for the purpose of detecting crime, fraud and in order to comply with any other applicable law.

​

Consent

 

Where our processing is based on consent, our controller shall be able to demonstrate that the data subject has consented to the processing of their personal and special category data.

 

Consent is required for us to process both personal and special category data, but it must be explicitly given. Where we are asking you for special category data we will always tell you why and how the information will be used and stored.

 

By consenting to this privacy policy, you are giving us permission to process your personal data specifically for the purposes identified.

 

You may withdraw consent at any time by contacting our Data Protection Officer and stating:

 

“I, [data subject name], withdraw my consent to process my personal data from Hosted Connections Ltd. Hosted Connections Limited no longer has my consent to process my personal data for the purpose of [specify legitimate reason of processing personal data], which was previously granted”.

 

Once received we shall adhere to the data protection requirements and cease processing your information in line with Article 6, 1 a-f of the lawfulness of processing principle.

 

Where there is a contractual obligation to process personal information all data processing is carried out in accordance with the handling requirements detailed within
each specific contract, with deletion and return of personal data captured as part of the contract.

 

Disclosure

 

Hosted Connections Limited WILL NOT pass on your personal data to any third parties without first obtaining your consent.

 

Retention period

 

We implement a Retention, Review and Disposal (RRD) process for all our information not just personal data.

 

For the purpose of process personal data, the following applies:

 

  • Our staff/employees, and any contracted associates, data we will be retained during the term of their employment and for 7 years thereafter.

  • Our associates not contracted through us, CV’s shall be removed after a 12-month period, with each associate given the option to update their CV or removed their personal information altogether.

  • For information provided as part of the “leave us a message” contact/customer information, the request of name, email, phone and message are only retained to allow a response to the data subject. This information is only retained for a maximum of 30 days and then removed from the Hosted Connections system.

​

If there is a business requirement to retain the “leave a message” information, i.e. services are requested and/or a contract agreed, then the information will be retained and agreed as part of that contract.

 

At the end of the agreed retention period your information will be securely and confidentially destroyed.

 

Where there is contractual obligation to process personal information, the retention period of this information will be in line with the contract specification. All personal information will be deleted or returned as per the requirements captured within each contract.

 

Data Security

 

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or access in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees who have a business need to know. They will only process your information on our instructions, and they are subject to a duty of confidentiality.


Your rights as a data subject

 

At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

​

  • Right of access – you have the right to request a copy of the information that we hold about you.

  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.

  • Right to be forgotten – in certain circumstances, you can ask for the data we hold about you to be erased from our records.

  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.

  • Right of portability – you have the right to have the data we hold about you transferred to another organisation.

  • Right to object – you have the right to object to certain types of processing such as direct marketing.

  • Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.

  • Right to judicial review: in the event that Hosted Connections Limited refused your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in the complaint’s clause below.

 

Complaints or concerns

 

If you wish to exercise your rights or raise a complaint or have any concerns with the way we have handled your personal data, you can contact us through:

​

Hosted Connections Data Protection Officer

Marks Mews

2a Castle Lane

Bedford

MK403XD

​

Email: info@hostedconnections.co.uk

bottom of page