Under EU data protection laws, personal information may only be used where one of the following applies:
Generally, we will process data on one of the first two grounds listed above. If we are processing on the basis of consent, you will be presented with an opportunity to consent at the point where we collect your data. You may withdraw your consent at any time through the data preference centre (see further details below. If we are processing on the basis of our need to achieve a legitimate interest, the nature of that interest is set out below.
GForces uses Amazon Web Services, Inc. as its cloud platform provider. All data processed by GForces is stored on Amazon’s web servers in Ireland.
WHAT INFORMATION DO WE COLLECT?
If you visit our website
When someone visits www.netdirector.co.uk we use a third party service, Google Analytics, to collect standard internet log information (your IP address, browser, and type of device) and details of visitor behaviour patterns (where you joined our site from, the path you take through our site and where you leave). We do this for the legitimate business purpose of monitoring the number of visitors to the various parts of the site and engagement levels, which in turn enables us to make improvements. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
In addition, we may track users’ actions from time to time so that we can verify what changes have been made by what users. This is done to ensure that if any errors are made that adversely affect the software or website that we provide to you, we can quickly identify what changes have been made.
If you call our contact numbers
When you call GForces’ contact numbers we collect Calling Line Identification (CLI) information (which means we store the number you are calling from). We use this information for legitimate business purposes, i.e. to help improve the efficiency and effectiveness of our services. This information is stored for a maximum of 45 days within GForces NetDirector Call Manager Software.
If you email us
Any email sent to us, including any attachments, may be monitored by us for cybersecurity reasons. Email blocking software may also be used. GForces has a legitimate business interest in using your email address, and any personal data included in your message, to resolve and respond to any issues raised. Your email will be handled in line with our policies, depending on the nature of your enquiry.
We use a third party provider, ZenDesk, to supply and support our Customer Support system, which handles enquiries sent to a support inbox (e.g. firstname.lastname@example.org) This data is stored by ZenDesk in the EEA and sometimes the US. If the data is stored in the US it is done so under the EU-US privacy shield framework (which provides protections for an individual’s personal data when it is transferred from the EU to the US). The data is stored indefinitely by Zendesk. Your email may be shared within GForces so that your enquiry may be dealt with.
Emails sent to named individuals within GForces (e.g. email@example.com) will be stored on our systems indefinitely for the legitimate business purpose of resolving your enquiry and then checking how enquiries have been dealt with, but will not be processed for any other purposes. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
If you use our enquiry form(s)
When you submit information via our enquiry form, we collect your name, email address and telephone number. We need to collect this for the legitimate business purpose of processing your enquiry (we collect both email and telephone contact details in case we cannot reach you using one of these).
The form automatically creates a digital file for you in our Customer Relationship Manager (CRM) software, which is provided and hosted by a third party, Enable Technologies. Enable Technologies may access this data from time to time with GForces’ permission for fault investigation and resolution purposes. The digital file is stored indefinitely. We may use the data to contact you in the future where we have a legitimate interest in doing so (but you may ask for it to be deleted in accordance with the section below on your rights to manage your personal information).
If you use our LiveChat service
We use a third party provider, ZenDesk, to supply and support our LiveChat service, If you use the LiveChat service we will collect your name and email address if you provide this and any other personal information that you volunteer to us. This is used for the legitimate business purpose of handling customer enquiries in real time and then following up. The data is stored by ZenDesk in the EEA and sometimes the US. If the data is stored in the US it is done so under the EU-US privacy shield framework (which provides protections for an individual’s personal data when it is transferred from the EU to the US). The data is stored indefinitely by Zendesk. If you are new to GForces the personal data you include in your chat may also be used to create a digital file for you in our Customer Relationship Manager (CRM) software (see the section above for further information on data held on our CRM system).
If you work for a customer
Our customers provide us with names and contact details (email addresses and phone numbers) of people within their business who are involved in managing GForces products.
These details are stored within our NetDirector system for the legitimate business purpose of allowing access to our products. They are retained in the system until the customer chooses to delete them. At the end of the contract with the customer, GForces will delete the data from the NetDirector system.
The details are also stored indefinitely on our CRM system (see above) and used for the following legitimate business purposes:
If we contact you as part of an email campaign going to all our contacts, we may use a third party e-mail campaign provider. If the provider is based in the US, we will ensure that they are part of the EU-US privacy shield framework.
If you make a complaint to us
When we receive a complaint from a person we make up a digital file containing the details of the complaint and store it on our system. The file normally contains the identity of the complainant (together with any contact details provided) and any other individuals involved in the complaint.
We will only use the personal information we collect for legitimate business purposes, i.e. processing the complaint and checking on the level of service we provide.
We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.
We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for three years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
HOW CAN YOU MANAGE YOUR PERSONAL INFORMATION?
Under data privacy laws, you have the rights to:
Our online data preference centre helps you to exercise the rights that data privacy laws give you and control your personal information. It contains five separate forms, as set out below.
You can ask to see any personal information that we hold (known as a “subject access request”) by submitting the form on the “See your data” tab. Alternatively you may make a subject access request in writing, addressing it to our Data Protection Officer at the address provided below.
If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.
By completing the form on the “transfer your data” tab, you can ask us to provide your data to a third party. Again, this request may be made in writing to the Data Protection Officer.
You can ask us to delete the information we hold about you by completing the form on the “delete your data” tab (or by writing to the Data Protection Officer).
If we do hold information about you, you can also ask us to correct any mistakes by completing the form on the “Change your data” tab. Alternatively you may contact the Data Protection Officer at the address below.
On the “marketing preferences” tab, you can tell us how you would like us to send you marketing information, or ask us to stop marketing to you entirely. Just complete the form, or contact the Data Protection Officer at the address below.
Any data collected through the data preference centre is stored indefinitely so that we are able to demonstrate our compliance with data privacy laws.
DO WE SHARE YOUR PERSONAL INFORMATION?
Other than as outlined above (for example where we use third party service providers), we will not usually disclose personal data. However we may disclose your information to third parties in the following circumstances:
if we are under a legal or regulatory obligation to do so;
if we believe you are or may be a threat to safety, security, property, our rights or the rights of others; or
in a merger, acquisition, change of control, joint venture or other business combination involving GForces.
HOW CAN YOU MAKE A COMPLAINT ABOUT OUR USE OF DATA?
GForces tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
Any complaints should be addressed to the Data Protection Officer using the contact details below. If we fail to resolve your complaint to your satisfaction, you have the right to contact the UK Information Commissioner. For further information on how to do that, please go to the following webpage: https://ico.org.uk/concerns.
HOW CAN YOU CONTACT US?
This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of GForces’ collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
FAO Data Protection Officer
G-Forces Web Management Ltd
Corbin Business Park