GDPR 2018 Privacy Notice – Every Cloud SP Ltd
This document refers to personal data. Personal data is defined as information concerning any living person (a natural person who hereafter will be called the Data Subject) that is not already in the public domain.
The Data Protection Act (DPA), Privacy and Electronic Communications Regulations (PECR) are already in operation in the UK.
However, the EU General Data Protection Regulation (GDPR) came into operation from May 25, 2018. This regulation is far more extensive, EU-wide and seeks to protect and enhance the rights of Data Subjects. These rights cover the safeguarding of personal data, protection against the unlawful processing of personal data and the unrestricted movement of personal data within the EU. It should be noted that GDPR does not apply to information already in the public domain such as Companies House data.
Every Cloud SP is pleased to provide the following GDPR information:
Who We Are
At Every Cloud SP Ltd, we are committed to devise and deliver healthcare and safety solutions throughout the world in terms of viral, bacterial and fungal protection to the general public, healthcare and care workers, centralized national healthcare providers, pandemic relief organizations, the sports and leisure industries, domestic appliances and toiletries and the aviation and air conditioning industries. We enable our clients to protect themselves from both environmental and pathogenic impacts in an environmentally sustainable manner.
Every Cloud SP uses the information collected from you to provide improvements to our service and provision efficiency, improve our costs and to make direct telephone contact and to email you as is appropriate. All Every Cloud SP’s e-mail communications are encrypted through the use of Office 365. This information is collected from you at the point of engaging in and then delivering our service arrangements with you.
We do not use the information we collect from you for the purposes of marketing and/or PR, unless specifically approved by you. Every Cloud SP does not sell your data.
Under GDPR, Every Cloud SP acts both as a “Data Controller” and a “Data Processor”. The Data Controller is a legal person who determines the purposes for which the data is processed and the way this is done. The Data Processor is the person who processes the personal data on behalf of the data controller. Every Cloud SP acts on your instruction and will work diligently to ensure that the whole process is, and remains, fully GDPR compliant.
Personal data may be collected about you from the forms, agreements and surveys you complete, from records of our correspondence, e-mails and phone calls. Please note that no details of your visits to Every Cloud SP’s website, including but not limited to personally identifying information like Internet Protocol (IP) addresses are collected or monitored by Every Cloud SP.
Every Cloud SP’s website does not utilize cookies, where “cookies” are defined as string of information that a website stores on a visitor’s computer and that the visitor’s browser provides to the website each time the visitor returns.
Any information Every Cloud SP holds about you and your business encompasses all the personal data and any financial transactions including any third-party information we have obtained about you from public sources and our distribution network.
Legal Basis for Processing and Personal Data
To meet Every Cloud SP’s contractual obligations to you.
Through agreeing to this Privacy Notice you are consenting to Every Cloud SP’s processing your personal data for the purposes outlined. You can withdraw consent at any time by emailing email@example.com or us, see complaints (below) for full details.
Every Cloud SP may on occasions pass your Personal Information to third parties exclusively to process work on its behalf. SPS requires these parties to agree to process this information based on our instructions and requirements consistent with this Privacy Notice and GDPR. Every Cloud SP only passes on the information gained from your engagement with Every Cloud SP with your consent. However, Every Cloud SP may disclose your Personal Information to meet legal obligations, regulations or valid governmental request. Every Cloud SP may also enforce its Terms and Conditions, including investigating potential violations of its Terms and Conditions to detect, prevent or mitigate fraud or security or technical issues; or to protect against imminent harm to the rights, property or safety of Every Cloud SP, its Producers, its Distributors, its clients and/or the wider community.
Every Cloud SP will process personal data throughout the Term of any financial arrangement between yourself and Every Cloud SP and/or yourself and any Producer and/or Distributor that Every Cloud SP has introduced you to.
Every Cloud SP will also continue to store the personal data needed for six years after the financial arrangement has expired in order to meet any legal obligations. After that period, all personal data will be deleted.
Data is held in the United Kingdom using different (multiple) servers located in Rochdale.
All data is held on a secure storage platform provided by Microsoft through Office 365 with storage at Cardiff, Durham and London. Every Cloud SP does not store personal data outside the EEA.
Your Rights as a Data Subject
At any point whilst Every Cloud SP is in possession of or processing your personal data, all Data Subjects have the following rights
- Right of access – You have the right to request a copy of the information that we hold about you.
- Right of rectification – You have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – In certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – Where certain conditions apply you have a right to restrict the processing.
- Right of portability – You have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – You also have the right not to be subject to the legal effects of automated processing or profiling.
In the event that Every Cloud SP refuses your request under “Rights of Access”, we will provide you with a reason why we have refused access. You have the right to legally challenge that refusal.
Every Cloud SP can confirm, at your request, what information it holds about you and how it is processed.
You Can Request the Following Information
- Identity and the contact details of the person or organisation (Every Cloud SP) that has determined how and why to process your data.
- Contact details of the data protection officer, where applicable.
- The purpose of the processing as well as the legal basis for processing.
- If the processing is based on the legitimate interests of SPS or a third party such as one of its Producers and Distributors, information about those interests.
- The categories of personal data collected, stored and processed.
- Recipient(s) or categories of recipients that the data is/will be disclosed to.
- How long the data will be stored.
- Details of your rights to correct, erase, restrict or object to such processing.
- Information about your right to withdraw consent at any time.
- How to lodge a complaint with the supervisory authority (ICO).
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
- The source of personal data if it wasn’t collected directly from you.
- Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
Access to your Personal Data
In order to request and gain access to your personal data that Every Cloud SP holds, suitable identification will be required from you.
Every Cloud SP will accept the following forms of ID when information on your personal data is requested
- A copy of your driving licence, passport, birth certificate and a utility bill not older than three months
- A minimum of one piece of photographic ID listed above; and
- A supporting document is required.
If Every Cloud SP is dissatisfied with the quality of the information provided, then further information may be sought before personal data can be released.
All requests should be made to firstname.lastname@example.org or by writing to us at the address further below.
In the event that you wish to make a complaint about how your personal data is being processed by Every Cloud SP or its Producers and Distributors, you have the right to complain to Every Cloud SP’s Managing Director. If you do not get a response within 30 days you can complain to the ICO.
The details for each of these contacts are:
Every Cloud SP Ltd, attention of the Managing Director, 24 Albury Drive, Norden,
Rochdale, Lancashire. OL12 7SX. Telephone +44 (0) 7734062958 or email
ICO Wycliffe House, Water Lane, Wilmslow, SK9 5AF or email: https://ico.org.uk/global/contact-us/email/