We are compliant with the new 2018 GDPR Regulations
If you have any questions regarding data we hold, or wish to exercise any of your rights outlined below then please consult our business details here to get in touch
Zen Computers Ltd, 53 High Street, Glastonbury, Somerset UK
Registered Company No. 10923948
Vat Registered 284728955
Telephone : 01458 899845
Email : firstname.lastname@example.org
About the information we store
What information do we store ?
Why do we store this information ?
We store this information solely for the purposes of providing our service to you. Whether this is a sale, repair or other IT service. We keep this information to provide a continuity of service to you and also for the purposes of record keeping.
Who do we Share this information with ?
Occasionally during the course of providing a service, some basic details maybe shared with a third party. This is only ever done to fulfill our contract with you when a third party is required to do this.
What do we do with you information ?
Your personal information is stored in our secure server and basic contact details are printed out and signed by you for the purposes of record keeping. These are securely filed at our work premises purely for accounts and record keeping
How long do we hold your information ?
We will keep you details indefinitely, if you wish them to be deleted then please contact us and let us know.
How can you access your information ?
If your account was created online then you access this by logging in. If received in store then please contact us and we can provide access.
Is my information used for marketing or profiling ?
We do not currently use any information for these purposes. Should this change we would always inform you and seek your consent to use your personal information in this way.
Your Information and Your Rights
Regarding the information we hold about you, you have the following rights :
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object;
- and the right not to be subject to automated decision-making including profiling.
In order to exercise any of these rights then please use contact us and we will deal with your request promptly
We only hold personal data necessary for fulfilling our contract with you. For Example depending on the type of service or purchase you have made, we will take name and contact details to fulfill our service to you. Also this data is kept for the purposes of keeping records and implementing any warranty claim or further service required.
Where any personal details are taken for the purposes of marketing or non contractual contacts, you will always be asked clearly if you give consent for your data to be used for non contractual purposes, like newsletters or mail outs.
When we ask for your consent we will always do so in a clear manner. Specifically asking if we can use your personal information for a single purpose. For example so you can receive mailouts or newsletters.
The GDPR regulations set a high standard for this granular approach, and where your consent has been previously given, will will only apply it to the specific reason it was given.
Data Security and Breaches
We take protection of all our data very seriously. Your data is never written down or passed on. All our servers are secured and password protected. Where important financial data is used we utilize SSL certificates and card payment details are never stored on our systems. On our websites we utilize industry leading payment gateways like Paypal, who handle this data directly and adhere to strict rules regarding i’s use and storage.
When payments are taken in our shop, details are never written down. We use a Worldpay card processing machine to transmit and process payments immediately with no need to store any of the data electronically. Card receipts are kept in a locked drawer until being taken off site and strored securely for record keeping purposes.
We are PCI compliant, meaning we are signed up to a stringent policy in how we handle payment data. This assessment is made every 12 months to ensure we are keeping handling data properly.
In the event of a data breach we will inform the ICO within 72 hours, as required by the GDPR regulations. Where possible we will also inform any persons affected by the data breach.
Privacy by Design
In the spirit of the new GDPR regulations, and although not required for a company our size, we have appointed a Data Protection Officer. The DPO will perform impact assessments and ensure the data we hold is relevant to ongoing contracts with our customers.
The DPO will also oversee the fulfillment of your rights regarding your data and respond to any of your requests regarding it in a timely manor.
The DPO will also oversee that all our employees are made aware of our privacy policies and also that suppliers or connected companies are GDPR compliant.
You can email our dpo at email@example.com or use our usual contact details below.