Synthesis IT Ltd is a technology and telecommunications services business, providing technology solutions and consultancy to business users. This Privacy Notice explains how we collect and use information about you and tells you about your privacy rights and how the law protects you.
Our Privacy Notice sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. We take our privacy obligations seriously and aim to always act in a fair and transparent manner. We will likely need to change this Notice from time to time and will do so by updating the published copy on our website.
Synthesis IT Ltd will act as the data controller when collecting data about you (when you use our website and services) and will be responsible for your personal data. If you have any questions about this Privacy Notice or how we use your personal data, please contact us at firstname.lastname@example.org.
- In specific circumstances we will request your consent to collect and use your data, for example when signing up for a newsletter or wanting to be kept informed of our business briefings and other events.
- When you engage us to provide services, we will need certain information in order to fulfil our services to you.
- Legal compliance: we may be required by law to collect certain data about you.
- In specific circumstances we will use your personal data to pursue our legitimate interests and will do so in a manner which might reasonably be expected as part of running our business and in a way which does not materially impact your rights and freedoms.
- When we meet with you face-to-face; correspond with you by telephone, email or post; or interact with you at social or business networking events.
- When you submit an enquiry to us via our website.
- When you interact with us through social media channels.
- Where you have been introduced to us by a third party to whom you have given consent for your data to be provided.
- Where you have consented to your data to be shared publicly.
- Where you use our website and technical services.
Depending on the type of interaction you have with us, we collect a variety of personal data about you, including:
- Identity information such as your first name, last name, title, date of birth and gender.
- Contact information, including your address, telephone number, mobile number and email address. This will usually be your business contact information, but where you have consented, may include non-business contact information such as your home address.
- Business information such as your job title, department and manager.
- User information, such as the username and password assigned to you to access your organisation’s systems, our portals and our technical solutions.
- Social media information, such as your social media usernames and handles.
- Your preferences for marketing and other communications from us.
- Personal information you provide us (e.g. your nickname; hobbies and interests; partners and children’s first names).
- Asset information, including the serial numbers and device IDs of any equipment you have been issued by your organisation or you have engaged us to support.
- Product information, including any other information we need to gather in order to deliver products and services you buy from us.
- CCTV data: if you visit our site, your image will be captured as part of our security controls.
- Technical data such as your IP address, browser type and version, operating system and platform (when you connect to our services).
- Website usage data, including analytics data from providers such as Google about how you use our website.
We aim to keep your data accurate and current so please keep us informed if any of your data changes.
We do not collect or process special category data, for example your race, ethnicity, religion, trade union membership, philosophical and political beliefs, any genetic or biometric data, your health or information about your or sexual orientation.
We will only use your personal data when the law allows us to do so. Most commonly will use your personal data for the following reasons:
- To provide you with the goods and services you purchase from us. We use our contractual obligation as the lawful basis.
- To send you surveys and feedback requests to help improve our services. We do this as part of our legitimate interest.
- To respond to your enquiries, communications, survey results and complaints. We may do so as part of a contractual obligation, a legal obligation or our legitimate interest.
- To notify you of any changes to the products and services we provide you. We do this as part of our legitimate interest.
- To notify you of any service outages or other events that may impact your usage of our services. We do this as part of our contractual obligations.
- To notify you of any changes to our terms of business or policies and notices, such as this Privacy Notice, as required by law. We do this as part of our legal obligations.
- To notify you of any events, new services or promotions by email, phone and through our website. Where we are communicating with business employees, we will do this as part of our legitimate interest otherwise we will do so with your consent. In all cases you are free to opt out from hearing from us at any time.
- To notify you of any events, new services or promotions by post. We do this as part of our legitimate interest and you are free to opt out from hearing from us at any time.
- To personalise our communications with you. We maintain close relationships with those we do business with and we want our relationship with you to be personal and friendly. We may tailor our communications with you, for example by addressing you by your nickname or by making reference to your hobbies and interests. We only do this with your consent.
- To identify potential new business opportunities and markets. This includes identifying organisations that may benefit from our goods and services and collecting the identity and contact information of decision-makers. We do this as part of our legitimate interest.
- To improve our website. We collect data about your usage of our website so that we can identify where improvements can be made. We do this as part of our legitimate interest.
- To protect our systems from fraud and other illegal activities. This includes using your data to verify your identity. We do this as part of our legitimate interest.
- To protect our premises and assets from crime. We operate CCTV to record images to keep our premises secure. We do this as part of our legitimate interest.
- To comply with the law. We may disclose your information to regulatory bodies and law enforcement agencies. We do this as part of our legal obligations.
We do not utilise any automated decision making or profiling.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
As an IT solution provider, we have expertise in securing data and ensure that all data that we collect about you is stored using appropriate technical and organisational measures. Only authorised individuals have access to your data and where they do they must use passwords and another form of physical identification. We monitor our systems for possible vulnerabilities and attacks, and we carry out regular scans and penetration tests to validate our measures.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Where data is outside of our defined retention periods we will remove the data either through secure destruction means or by anonymising the data such that it cannot be used to identify you.
We sometimes need to share your personal data with trusted third parties. Examples of third parties with whom we might share your data include:
- Delivery organisations in order to ship goods to you.
- Direct marketing companies who help us communicate with you.
- Technology providers who help us deliver our website and our technical solutions.
- Google and other search/social media platforms. We do this on the basis of your acceptance of cookies on our website.
- Our accountants and other professional advisers.
When we share your personal data we work with our third parties to ensure your personal data is kept safe and your privacy is respected and protected at all times. We will only provide the information they require to fulfil their specific services. Where required we will enter into contractual arrangements with them and stipulate:
- They will only process your personal data for the exact purposes we specify with them.
- They have appropriate technical and organisational measures to protect your personal data against accidental, unauthorised or unlawful processing, destruction, loss, damage, alteration or disclosure.
- They do not process your data outside of the European Economic Area without our agreement.
- That unauthorised individuals will not have access to your personal data.
- That they will co-operate with us in relation to any complaint made by you or in responding to any of your rights that you may exercise.
- That they will securely destroy any data we supply upon termination of our agreement with them.
We do not sell your personal data or share it with third parties for their own purposes.
We only store your personal data within the European Economic Area (EEA) and where possible within the United Kingdom (UK), but if we are required to store your data or use a third-party processor outside the EEA, we will ensure your data receives the same protection as if it were stored or processed within the EEA. We will notify you by updating this Privacy Notice and by writing to you, either by post or by email, if we will transfer personal data outside of the EEA.
- Access the personal data we hold about you, free of charge in most cases.
- The correction of your personal data when incorrect, out of date or incomplete.
- The deletion of the data we hold about you, in specific circumstances; for example, when you withdraw consent or object, and we have no legitimate overriding interest, or once the purpose for which we hold the data has come to an end.
- A computer file in a common format (CSV or similar) containing the personal data that you have previously provided to us, and the right to have your information transferred to another entity where this is technically possible.
- Restriction of the use of your personal data, in specific circumstances, generally while we are deciding on an objection you have made.
- That we stop processing your personal data, in specific circumstances; for example, when you have withdrawn consent, or object for reasons related to your individual circumstances.
- That we stop using your personal data for direct marketing (either through specific channels, or all channels).
- That we stop any consent-based processing of your personal data after you withdraw that consent.
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request.
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
You may find links to third party websites on our website. These websites should have their own privacy policies, which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
We hope we have provided you with enough information to help you understand how we use your personal data. If you have any further questions, please contact us:
- by email at email@example.com
- by phone on +44 (0)191 2704370
- by post at Amron House, Borough Road, North Shields, Tyne and Wear NE29 6RN
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. You can contact them by calling 0303 123 1113, or online at www.ico.org.uk/make-a-complaint.
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.
This Privacy Notice is effective from 29th April 2021 and was last reviewed on 29th April 2021.