Privacy & Data Security Policy

Scope

This policy applies to the information we collect when you use one or more of our services, or when you otherwise engage with us, including, but not limited to:

• when you visit our website
• when you contact us for assistance
• when we connect with you as a prospective client or as a client
• when we connect with you as a user of a client’s IT system in order to provide our services
• when you use one of our services, for example Concise Managed Service, Concise Protect, Concise Managed Firewall
• when you attend client or prospective client events
• when you meet us at third party events, gatherings or meetups.

Information collection and processing

We primarily collect personal information that is necessary for us to provide our services to clients. We will also collect personal information in the ordinary course of running our business, including through the receipt of communications such as emails, website enquiries and telephone calls.

When we refer to “personal information”, we mean individually identifiable information that alone or when in combination with other information may be used to readily identify, contact, or locate a specific person.  This information may include:

• First name, last name, email address, job title, phone numbers.
• Preferences information such as notification and marketing preferences.
• Company and billing information such as billing address, headquarters address and place of work.

We do not consider personal information to include information that has been anonymised.

By providing personal information to us, you agree that we can communicate with you regarding security, privacy, and administrative issues relating to your use of our services.

Other data

We collect personal data that you submit to us via our website or third-party tools including, for example, when applying for a job via our website or requesting support in relation to one of our services.

Analytics and logs

We collect analytics and log information when you use our website to improve our products and services.

IP Addresses and cookies

A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is usually a small piece of data sent from a website and stored in a user’s web browser while a user is browsing a website. When the user browses the same website in the future, the data stored in the cookie can be retrieved by the website to notify the website of the user’s previous activity. Cookies are not viruses, spyware, or trojans that cause harm to your machine.

Our website uses a variety of cookies to help improve the quality of your experience:

• Essential & Functional Cookies
  Without these cookies certain functions of our website would not work, such as login, registration and password areas.
• Analytics Cookies
  These cookies monitor how visitors use our website. This helps us to improve the customer flow and provide additional resources for popular pages.
• Third Party Cookies
  These are cookies dropped onto your device by other websites, for example, if we host a video on YouTube.com and embed that on our site, when you click play YouTube drops a cookie onto your device, so it knows you have watched it. We do try, wherever possible, to only allow third-party cookies to be dropped onto your device from websites we trust.
• Session Cookies
  If you have arrived at any of our websites by clicking on a banner advertisement for one of products or services, a session cookie may be used. This cookie contains an identification number for the advertisement that you clicked on, and it helps us determine which of our adverts attracts the most visitors.
• Persistent Cookies
  In order to better understand how our sites are used, we may also use persistent cookies along with other information collected in our servers' files (e.g., IP Address, referring URLs, etc.). Such information is not combined with information from any other cookie. Cookies may be delivered in a first-party or third-party context.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical / performance cookies or targeting cookies.

Device related information

We may also collect device related information from a user’s device(s), including information such as an IP address, operating system, the date and time of use of our services, the date and time of an event on the client’s IT systems, system logs, and technical attributes about the device or a web browser.

Where we store your personal information

All information you provide to us is stored on our secure servers within the EU. We take all appropriate measures to ensure data is treated securely and in accordance with this policy. We have adopted physical, technological, and administrative procedures to safeguard and secure the data we process. We enforce least privilege access policies for our employees on all data. Our Chief Information Security Officer is responsible for maintenance and operation of all information technology risk management programs, security controls and activities.

Retention

We retain your personal information needed to provide our services only so long as we have a valid business purpose, in accordance with applicable law and our client agreements. We may retain aggregated and anonymised information indefinitely.

Information Sharing

We will not sell or rent your personal information. However, we may share or disclose your personal information as follows:

• We may provide your information to our business partners, vendors or service providers who perform functions on our behalf in line with our service agreements.
• In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
• As required by law, government officials, or other third parties pursuant to a subpoena, court order, or other legal process or requirement applicable to our company.
• When we believe, in our sole discretion, that the disclosure of personal information is necessary to prevent physical harm or financial loss.
• To report suspected illegal activity or to investigate violations of our agreements.

Children’s privacy

Our services are not directed towards minors. We do not knowingly collect information from children under the age of 13.

If you have reason to believe that a child under the age of 13 has provided information to us through our websites or services, please contact us and we will delete that information from our databases.

Accessing and updating your information

If you are a user of a client’s IT system, we may record your personal information in our client database. To correct or amend this information, please contact servicedesk@concise.co.uk. To request deletion of this information, you should direct your query to your employer.

If you wish to request access to, correction, or deletion of personal information you have submitted through our websites, you can contact us at legal@concise.co.uk. We will respond to your request within 30 days.

Changes

We may amend this policy from time to time. When there are changes we will update this page.

Contact us

If you have any questions about our Privacy Policy, please contact Nadine Southern by emailing legal@concise.co.uk

Nadine Southern
Concise Technologies Limited
2 Royal Court
Gadbrook Park
Northwich
Cheshire
CW9 7UT

Effective Date

This Privacy & Data Protection Policy became effective on 21st May 2018.