Privacy Policy

At Connect we are committed to protecting and respecting the privacy of our clients, their callers and anyone else we encounter in the course of our business. In compliance with the General Data Protection Regulation (GDPR), we recognise the need to ensure that any personal data that we may collect is properly protected and that we are transparent and responsible in the way we handle it.

The following privacy policy applies from 2nd March 2020.

  1. What we do with personal data

We use personal data to provide our clients and their callers with our services. That includes:

  • Delivering callers’ information to our clients, as requested by both those parties;
  • Providing our clients with billing information and reports;
  • Using data analytics to improve our website, products/services, marketing, customer relationships and experiences;
  • Legal, regulatory or business reasons such as assisting with crime and fraud prevention.

All of these are carried out in compliance with the General Data Protection Regulation (GDPR).

  1. How long we hold data for?

We retain clients’ information while they remain a client and after they have left us.  We retain caller information while the relevant client has a service with us and after they have left us

We use clients’ information to provide them with the products and services they have selected.  We use callers’ information to allow us to provide our service to our clients; to allow us to provide and support invoices to our clients; and archiving and statistical purposes.

For example, we might need to sort out disagreements, stop fraud and abuse, prove that a client had an account with us or follow our legal obligations. Or the police may need it as evidence. We may also keep information about how our clients use our services.

In each case, the length of time that we need to keep the information may be different but, in compliance with the General Data Protection Regulation (GDPR), we will only keep the information for as long as we need it.

  1. Who do we share personal data with and why?

We sometimes share information. This is always done in compliance with the General Data Protection Regulation (GDPR) and includes the following situations:

  • In the course of providing our service, we will deliver information given to callers to the client for whom we answered that call. We do this because the nature of our service is that we collect information on our clients’ behalf;
  • With partners, suppliers, agents and subcontractors who help us deliver the products and services our client has chosen to use;
  • When the client or caller have provided consent;
  • When we have legal or regulatory requirements such as a request from the competition authority, law enforcement agency or a credit reference agency.
  1. What data do we hold?

We collect information in four ways:

  1. Directly from our clients, in taking instruction from them or within application or registration forms. In respect of this information, Connect is a Data Controller;
  2. Direct from callers, in speaking with them on behalf of our clients. In respect of this information, Connect is a Data Processor;
  3. From the services our clients use, such as the call transfers and emails requested by our clients;
  4. We may collect information from 3rd parties, such as information from credit reference agencies, fraud protection agencies and webchat software such as Smartsupp.com.

These are all carried out in compliance with the General Data Protection Regulation (GDPR).

  1. What rights do you have?

Under the terms of the General Data Protection Regulation (GDPR), you have the right to:

  • To be informed about how we use your personal data (the purpose of this Privacy Policy Notice);
  • To update your personal data. You can update or amend your information by contacting our Customer Service Team;
  • To ask us to delete your personal data. However, there may be circumstances where we are legally entitled to retain it, for example to allow us to provide, invoice and evidence our service;
  • To get a free copy of your personal data. A subset of your data (limited to data that you have provided to us) is available in a machine-readable format if required;
  • To object to the processing of your data and have it restricted. There may be circumstances where you ask us to restrict the processing of your information, but we are legally entitled to refuse that request, for example to allow us to provide, invoice and evidence our service;
  • To review some automated decision-making or profiling (automated processing to determine certain things about you);
  • The right to make a complaint to the Information Commissioner (www.ico.org.uk) if you think that any of your rights have been infringed by us.
  1. Our marketing policy.

In compliance with the General Data Protection Regulation (GDPR), we ensure that we provide our clients with choices regarding certain personal data uses, particularly around marketing and advertising.

  • We may use our clients’ contact, technical or communications data to form a view on what additional services might be of interest to them.
  • Clients, former clients and companies or individuals who have approached us to enquire about our services may receive marketing communications from us unless they have explicitly requested that we do not send them marketing communications;
  • Clients can ask us to stop sending marketing messages to them by contacting us at any time.
  • We will never give our clients’ personal data to a third party for marketing unless they have expressly given us their permission to do so;
  • In the course of providing our services, we collect information from individuals who have called our clients. We do this under the instruction of our clients and with the permission or at the request of the caller.  We will never give the personal data of anyone who calls any of our clients to a third party for marketing unless they have expressly given us their permission to do so.  Similarly, we will never ourselves use the personal data of anyone who calls any of our clients to carry out any marketing activity unless they have expressly given us their permission to do so;
  1. How do we ensure data is secure?

A key requirement of the General Data Protection Regulation (GDPR) is security of data.  Connect is committed to keeping data secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

We use a variety of security technologies and procedures to help protect data from unauthorized access, use or disclosure.  These include but are not limited to the use of: encryption, password protection, firewalls and software designed to combat viruses and other malware.

All data is encrypted via SSL when transmitted between our servers and your browser.

We do not store any payment or credit card information on our servers. The data is encrypted and securely stored by our payment processing partners, Sagepay (www.sagepay.co.uk) and SmartDebit (www.smartdebit.co.uk).  Both of these partners are subject to the General Data Protection Regulation (GDPR).  Please review their Security Policies & Procedures for more information.

  1. Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

  1. Cookie Policy

Cookies are small text files stored on your device when you access most websites on the internet.  By continuing to use our website, you agree to the use of cookies as described in our Cookie Policy.

Currently across all Connect’s web sites and customer portals we make use of cookies to help manage our websites and to improve the visitor experience, as well as provide us with information about how our websites are used so that we can make sure we meet our clients’ and other visitors’ expectations. 

Connect uses Google Analytics to provide us with an overview of traffic trends throughout our sites using such analytics software. These trends may include information such as your chosen browser, whether you are accessing using a smartphone or laptop, which pages you visited, etc. No personal or identifiable information is collected or used.  For further information about Google Analytics please see http://www.google.com/analytics/learn/privacy.html

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies although this may prevent you from taking full advantage of the website.  Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. For more information about how to do this, and about cookies in general, you can visit http://www.allaboutcookies.org.

  1. Contacting Connect

If you would like more information or would like to raise any queries with us in relation to your information under the terms of the General Data Protection Regulation (GDPR), you can contact us by writing to the Data Protection Officer at:

Data Protection Officer

Connect Communications Services Ltd
Suite 72, Pure Offices,
4-5 Lochside Way,
Edinburgh
EH12 9DT

  1. Changes to this Privacy Notice

We may change this privacy policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy was lasted updated on Tuesday, 15th May 2018.

  1. Resolving Privacy Issues

In the event of a data breach, in compliance with the General Data Protection Regulation (GDPR), we will report the breach to the Information Commissioner’s Office, where feasible, within 72 hours of becoming aware of the breach.

If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, we will also inform those individuals without undue delay.

We will keep a record of any personal data breaches, regardless of whether we are required to notify.

We will always try our best to resolve any data privacy issue you may have. You have the right to refer any data privacy issue to the Information Commissioner’s Office at any time.

 

Page Last Updated: February 10th, 2023

CONTACT US