Issue Date: 26–JUN–2023
This Privacy Notice tells you what to expect in relation to personal information about you which is collected, handled and processed by NVOY Technologies.
NVOY Technologies of 30 Crown Place, Earl Street, London EC2A 4EB
We acknowledge and agree that any personal data of yours that we handle will be processed in accordance with all applicable data protection laws in force from time to time in particular the UK and EU General Data Protection Regulations (“GDPR”) and the Data Protection Act 2018.
What information do we collect?
NVOY Technologies provides Managed IT Services for fast growing companies.
In order to provide these services we need to collect personal information about yourself and (where applicable) your organisation. The information that we need to collect will include but is not limited to:
Contact details: your name, organisation, email address, and telephone number, so that we can contact you in response to an enquiry you make via our Site or in relation to the services that we have from time to time agreed to provide to you. This information is processed under the lawful basis of Legitimate Interest.
Correspondence: we collect any additional personal data that you may provide to us from time to time if you contact us by email, letter or telephone, through our Site, or by any other means. This information is processed under the lawful basis of Legitimate Interest.
Who we collect personal data about:
We collect the personal data of:
- Potential customer Contractors
How do we use the personal details you provide us:
To provide you with the products and services you have requested.
We use your personal data to accept you as a new, existing, or returning customer to provide you with the services you have requested in accordance with our Terms of Business.
To send you communications, including, in relation to changes to our Terms of Business
We use the contact details you have provided to us so that we can communicate with you about the services that we provide, including to let you know about major changes to those services or to our Terms of Business between us or to any related information.
If you have provided your consent or we otherwise have the right to do so, we may use your contact details to send you direct marketing and keep you informed of promotional offers by email, SMS, post or telephone relating to our services.
You can unsubscribe from our direct marketing at any time by contacting us at firstname.lastname@example.org
To maintain our records and improve data accuracy
Like any business, we process personal data in the course of maintaining and administering our internal records. This includes processing your personal data to ensure that the information we hold about you is kept up to date and accurate.
To respond to enquiries, complaints and disputes
We use the personal data we hold about you to help us respond to any enquiries or complaints you have made, or deal with any dispute which may arise in the course of us providing our products and services to you, in the most effective manner.
To investigate, detect and prevent fraud and comply with our legal obligations
In certain circumstances, we use your personal data only to the extent required in order to enable us to comply with our legal obligations, including for fraud detection, investigation and prevention purposes. This may require us to provide your personal data to law enforcement agencies if they request it.
When do we share personal data?
We may disclose your personal data if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to protect the rights, property, or safety, of our business, our customers or others. This includes, in specific cases, exchanging information with other organisations for the purposes of fraud protection.
We do not share or sell your data with third parties.
Where do we store and process personal data?
How do we secure personal data?
NVOY Technologies takes data security seriously and uses the appropriate technologies and procedures necessary to protect the personal information that it holds about you.
- to protect data against accidental loss
- to prevent unauthorised access, use, destruction or disclosure
- to ensure business continuity and disaster recovery
- to restrict access to personal information
- to conduct privacy impact assessments (where necessary) in accordance with the law
- to train staff on data security
How long do we keep your personal data for?
We retain your personal data for no longer than is necessary for the purposes(s) for which it was provided. What this means in practice will vary between different types of data.
When determining the relevant retention periods, we take into account factors including:
- legal obligation(s) under applicable law to retain data for a certain period of time;
- statute of limitations under applicable law;
- potential or actual disputes; and
- guidelines issued by relevant data protection authorities.
Where you are a client of NVOY Technologies, personal data will be retained for the duration of the contract and for a further seven years after the contract ends.
Where you have made an enquiry to NVOY Technologies, personal data will be retained for as long as it is necessary to respond to that enquiry and for a further period of two years from the date of the response in order for us to provide you with additional information about our services after which time it is destroyed. You may withdraw your consent to receiving this additional information at any time during that period.
Therefore, we will securely erase your personal data from our systems when it is no longer needed. Paper-based information is securely shredded and disposed of, and electronic information is digitally destroyed and a certificate of destruction is obtained (where applicable).
Your rights in relation to personal data
- Rights to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights.
- Right of access
You have the right to obtain access to your personal data (if we are processing it) and certain other information (similar to that provided in this Privacy Notice).
- Right to rectification
You are entitled to have your personal data corrected if it is inaccurate or incomplete.
- Right to erasure
This is also known as ‘the right to be forgotten’ and, in simple terms; enable you to request the deletion or removal of your personal data where there is no compelling reason for us to keep using it.
This is where the personal data is no longer necessary for the purpose for which it was originally collected or processed it for; and we are relying on consent as the lawful basis for holding your data, and you withdraw your consent or where we are relying on legitimate interests as the basis for processing, your data and you object to the processing of your data, and there is no overriding legitimate interest to continue this processing. There is no right to erasure for data collected under the lawful basis of Contract or Public Task where that purpose remains.
- Right to restrict processing
You have the right to ‘block’ or supress further use of your personal data in certain circumstances. When processing is restricted, we can still store your personal data, but may not use it further.
- Right of data portability
You have the right to obtain and reuse your personal data in a structured, commonly used and machine-readable format in certain circumstances where the lawful basis for processing the information is consent or for the performance of a contract; and the processing has been carried out by automated means. This right does not apply to paper-based files.
- Right to object to processing
You have the right to object to our processing of your personal data for our legitimate business interests or for direct marketing purposes.
- Right to withdraw consent to processing
If you have given your consent to us to process your personal data for a particular purpose (for example, direct marketing), you have the right to withdraw your consent at any time (although if you do so, it does not mean that any processing of your personal data up to that point is unlawful).
- Right to make a complaint to the data protection authorities
If you would like to exercise your data protection rights or if you are unhappy with how we have handled your personal data, please feel free to contact us at email@example.com
If you’re not satisfied with our response to any enquiries or complaint or believe our processing of your personal data does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office (ICO):
Information Commissioner’s Office
Tel: 0303 123 1113 (local rate) or 01625 545 745 Fax: 01625 524 510