Our data controller manages all our business data, including data collected via the website and by email.
At Prospatek Ltd, your privacy is extremely important. If you have any questions about the privacy statement, the practices of this site, or your dealings with us, please Contact Us and let us know. Thank you.
Notification of Changes
Definitions of main GDPR terms
GDPR – the General Data Protection Regulation.
Data Controller – the person who determines the purposes and means of processing the personal data.
Personal Data – any information relating to an identifiable person, directly or indirectly identified.
Sensitive Personal Data – special categories of personal data: race, ethnic origin, political opinions, religious or philosophical beliefs, trade union memberships, genetic data, biometric data, health data, sexual orientation or sex life.
Data Processing – the capture, use and storage of personal data.
Lawful Basis for processing – There are 6 lawful bases for processing personal data detailed within GDPR. These are: Consent, Contract, Legal Obligation, Vital Interest, Public Task, Legitimate interest A lawful basis for processing must be assigned to each processing activity.
Privacy Statement – discloses how personal data is used within an organisation.
- By contacting us or contracting with us, consent is implied that we may use the personal data provided to reply to you and to provide services to you.
- Where we need consent to collect and process information for other reasons, you will be positively asked, such as for marketing purposes.
Information and Personal data we collect
When you initially contract for our services
- Name, business name, business postal address, mobile and landline phone numbers, email address.
- Depending on services provided: with your consent control panel access for domain names and email accounts and related systems, website control panel access, business information for the website content, details of transactions between us, images and video content.
- We ask only for the minimum personal data required to deliver and maintain agreed services to you.
When you order new services and renew existing services
- The current stored information will be checked against new data.
When information about our services is requested – Legitimate Interest
- The information is used to contact you, provide information, estimates, quotes and anything else relevant to the request.
How we use personal information
To provide services to you and manage our operations – Contract and Legal Obligation
- Process data relating to transactions between the company or individual, such as invoices, orders, payment details
- To contact you in respect of administration relating to the services and products we provide
- To subscribe to agreed third party services. This is always done in agreement with you.
- Your company data to enable website content to be added to your website.
Contact and interact with you with issues relating to your services – Legitimate Interest
- To keep you informed of innovations, requirements and updates relevant to the services we deliver to you.
- To contact you with suggested upgrades for your current service. This is distinct from marketing information
Safety and Critical Information – Legitimate Interest, Vital Interest
- To provide urgent, safety and important information relating to service provided directly or from a third-party provider
Marketing information – Consent
- To provide marketing information relating to a topic you have asked us to keep you informed about.
How we store and protect personal data
Data Storage and Transmission
- Physical and electronic safeguards are in place to protect electronic data.
- Data transmitted by email and when accessing the website is secure and encrypted.
- Electronic systems are kept up to date, with current security and anti-virus software in place.
- NOTE: it is important that user ID’s and passwords provided to access any our systems are kept secure.
How long we keep personal and business data
- We will not keep personal data longer than necessary, in line with current and future legal requirements.
- Anonymised data relating to a company may be retained for a longer period, with personal data removed.
- Data relating to website setup and management is retained for 6 years following the cancellation of a website.
- You can contact us to request information we hold about you. We will need to verify your identity before releasing the information.
- You have the right to object to the use of personal data by us, and ask for it to be deleted if there is no legitimate reason for us to keep it.
- There are legal and accountancy reasons why data we hold must be retained. This will be 7 years from the end of the financial period of the last transaction, unless required by current or future law to keep it for a longer period.
Sharing personal data with other organisations
We do not sell, share, or rent information to others for market research or commercial purposes, other than to deliver legitimate services to customers and on the website. We may disclose personal information as follows:
- With third party service providers, sub-contractors and agents to enable us to provide contracted services and maintenance.
- With third parties for third party software monitoring, website use analytic data.
- To comply with applicable law.
This website takes precautions to protect our users’ information.
- Data communication between your browser and our server is encrypted using an SSL certificate validated with the domain name. A padlock icon appears in your browser indicating a secure connection.
- Security software is installed to reduce the risk of un-authorised access to the website.
- The “IP Address” of a website visitor is considered personal data. Tracking software such as Google Analytics has the IP address anonymized.
- For the website security software to function and block suspicious access, the IP address is used. This is considered a Legitimate Interest, as it protects not only the website but other website uses. The only IP addresses accessible are those blocked by the system for exceeding limits of access considered to be potential security risks. The person behind the IP address cannot be identified.
- This website is not currently e-commerce enabled. We do not collect personal data for any type of ordering purpose.
- This web site may contain links to other sites. Please be aware that Prospatek Ltd is not responsible for the privacy practices of such other sites.
- We encourage our users to be aware when they leave our site to read the privacy statements of each and every web site that collects personally identifiable information.
- This privacy statement applies solely to information collected by Prospatek Ltd.