Our Privacy Policy

(Effective 25 May 2018)

Introduction

This is the privacy policy for The Computer Clinic, (hereafter known as “TCC”, “us” or “we”)

The privacy of your information is very important to us and we ensure that we only hold the minimal information we require in the course of offering and providing our services to you.

The only information we capture on the website is from the “Contact” form, and only if you choose to contact us using that method.

Cookies are used as part of Google Analytics, to help us understand how our customers are finding us and optimising their web experience. We have a cookie acceptance banner to highlight this which requires explicit acceptance as well as access to more information about cookie use.

A link to a third party website that provides more information on the use of cookies and how to configure your browser if you don’t wish to allow cookie use.

Personal data Acquisition (Web Site Contact)

If you use the “contact” form on the website, we will capture the information you supply and submit to us. The information is sent to us as an email from the website with no tracking or identifying information about you other than the information you choose to give, in the information boxes provided:

• Your Name

 Your email address

• Your Telephone No.

• Your message

Personal Data Acquisition (Telephone)

We acquire the following personal data from telephone calls we receive requesting our services, once it’s agreed to proceed with a visit from us to provide our professional services:

• Your Name

• Business Name (if applicable)

• Your address

• Your email address

• Contact Telephone No.

 

Data Retention Purpose

Personal data is only acquired and held to facilitate contact to enable the provision of the service and aftercare. Thereafter it is only held for the purpose of  “legitimate Interest” i.e. the statutory recording of  business transactions for HMG, HMRC and any relevant authorities, up to a period of 7 years, as required by law.

Data Processing

Once the work is complete, your email address may be requested and used for invoice delivery and follow-up communication relating to the work completed. This personal information held by TCC is limited to that shown in the acquisition section above.

The processing of that information is limited to the creation of invoices, the mailing or emailing of invoices and inclusion in our customer contact list for necessary contact during the period of work and follow-up customer care, following work completion.

Data Retention Security

Electronic records are held on our access controlled, encrypted  office systems to provide the maximum protection for our customers’ data.

Where personal details are synced onto TCC owned mobile devices on other OS platforms, they will be protected by PIN and/or Biometric access controls.

Our mobile devices are automatically wiped after  unsuccessful access attempts or can be remotely wiped by ourselves if we need to secure a missing device.

Data Sharing

TCC will not share any customer data, unless it is necessary to fulfil the work required with a third -party and only after explicit consent has been obtained from the customer. TCC do not sell, share or otherwise make available any information to any third-party for any other purpose.

Data Access Requests

All requests made by our customers shall be serviced withour undue delay and in any event shall not take longer than the statutory one calendar month. The return of  the requested information shall be by the same method by which it was requested.

Any request for data correction or removal shall be completed and acknowledged as soon as is reasonable and within the statutory period.

We will hold a copy of all information requests and amendment correction notifications and the associated response.

Breaches and Reporting

Where a reportable breach of personal data occurs which results in a risk to the rights and freedoms of those individual or organisations, the ICO shall be notified.

The report shall detail:

• a named POC within “The Computer Clinic” business;

• the nature of the breach;

• the categorisation and the approximate numbers of individual data records affected;

• a description of the measures proposed or undertaken by The Computer Clinic ;

• a description of any mitigation measures.