Where we collect personal data via our website, we will be upfront about it and it will be obvious to you that you’re providing personal data and how we will be using it.
Our website uses our own CMS (content management system) hosted on our own servers.
2.1 Google Analytics
When someone visits our website (https://www.storminternet.co.uk) we make use of the Google Analytics service to collect standard information about visitors to the sites and their behaviour (e.g. what pages they viewed). The data provided by Google Analytics is anonymised and in no way enables us to identify individual visitors, however, Google Analytics will place a cookie on your device to enable the service. For more information about how Google Analytics cookies work on websites visit: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
We provide a LiveChat service via our website. The service is provided by ProvideSupport (https://www.providesupport.com). You are only required, initially, to provide a name to use the service, but if you provide further information either at the signing in stage or during the live chat this information will be recorded. A transcript of the chat session is emailed to Storm Internet for the purposes of quality control. We may also keep an anonymised version of the chat session for analysis purposes. The third-party provider of this service does not store your data once they have been emailed the transcript.
2.4. Online forms
If you fill out one of our contact forms on our website a notification email is sent to the relevant team within Storm Internet, but the data you supply is stored within a database on the same private server network as our website. As our site uses SSL (https) any data you submit is encrypted on its way to the database.
2.5. Online orders
When you place an order via our website we will ask for your name, address, contact information and other information relevant to the order. This information will only be used for the purposes of delivering the services we are providing; however, data may be shared with third party service providers for the purposes of delivering the service (e.g. your details will be shared with a domain registry for the purposes of registering a domain).
Where your data is stored on our own servers, it is stored on our own server hardware. This hardware is co-located, in the UK, at the ISO27001 RapidSwitch/Iomart data centre in Maidenhead, with backups stored in the Everest data centre (also ISO27001 certified) in Reading. None of your data is stored or transferred outside the UK and therefore not transferred outside the EEA.
We manage the security of our services and therefore your data ourselves. More information about how we manage the security of our services can be found in our GDPR statement https://www.storminternet.co.uk/gdprstatement
All the data we hold on a customer is available via our Customer Portal (https://portal.storminternet.co.uk). Personal information is shown under the "Contact Details" section and can be edited here too. Services that we provide to are shown under "Active Services" and all invoice payments are available under the "Billing & Invoices" section. Support Ticket conversations and transactions can be viewed under the "Support" section of the Portal.
We use our own system for delivering our email newsletters, run on our own servers. As noted above we make use of a tracking cookie to track the way our newsletters are read.
Every time you receive our email newsletter we will include a link to enable you to unsubscribe should you wish to stop receiving them. We honour such requests.
If you call our support helpline, we will already have your information stored in our customer database. We may use this information to verify your identity before helping with your enquiry. We will update our records with details of your query and how it was resolved.
If you call our sales line, we will ask for the minimal information we need to provide any information relating to your call. The details will be stored in our CRM for the purposes of following up with you further to the discussion; if you become a customer your details will be stored in our support database.
Any emails we receive are stored locally on our computers within our email client. Access to them is protected via Windows User accounts and we also use Windows Encryption. We also scan the email for viruses when it arrives on our servers and again before it is delivered to our local computers.
We use a third-party provider, Hootsuite, to manage our social media accounts. We primarily use Hootsuite for the purposes of sharing our marketing messages across our social media platforms (the ones supported by Hootsuite). However, from time to time we may make use of additional Hootsuite functionality which allows us to use Hootsuite to collect together certain aspects of your personal data available to us via our connections on social media. More information about this functionality in Hootsuite can be found here: https://hootsuite.com/legal/privacy#customer-content
When someone joins our team, we will only collect and ask for personal information that is required for being an employee. We will keep these records during your employment and for up to 6 years after termination of your employment. We will also keep your payroll records up to 7 years. If we record working time records, we retain these for 2 years and any immigration check information for 2 years. All the information will be stored, within our systems, securely.
If you send us application forms or your CV, we will keep the information for as long as we’re considering your application. If you become an employee, the information will be added to your personnel file and kept in line with our policy on keeping employee records. If your application is unsuccessful we will delete the information after 6 months unless you consent to us retaining them for any longer (for example for any future opportunities). All the information will be stored, within our systems, securely.
Unless stated elsewhere in this document or in our terms of services we only store the data necessary to provide the services we provide to you. We will keep this data for as long as it is lawful for us to do so (this may be for as long as you are a customer or because of a legal obligation to retain the information, whichever is the longest).
The only third-party processor we use is our accountants who are provided with minimal contract information for the purposes of managing our business accounts. They only use the data within their systems for this purpose and will not use your data for any other purpose.
Under current data protection legislation in the UK, you have rights as an individual which you can exercise in relation to the data we store and process about you. You can find more information about your rights on the Information Commissioner’s website: https://ico.org.uk/for-the-public/
If you want to make a complaint about the way we are processing your data, you can contact us, using the contact details below. You also have the right to complain to the Information Commissioner’s Office: https://ico.org.uk/concerns
12.2. How to withdraw consent and object to processing
Where we are processing your data and needed to ask your permission to do so, you are able to withdraw your consent at any time. If you wish to stop receiving our marketing emails you can do so, by clicking on the “unsubscribe” link at the bottom or the email. Otherwise, you can contact us, using the contact details below.
If you wish to raise concerns about the way we are processing your data and would like to raise an objection, then please email us via [email protected] with your concerns.
12.3.Keeping your data up to date
It is important that any of your data that we process is kept up to date. We will from time to time ask you to verify your contact details but if you wish to update any information we hold about you, please contact us using the contact details below.
12.4. Erasure of your data (the “right to be forgotten”)
Under some circumstances you may request us to delete your data from our systems. Where this is possible (e.g. we don’t have any legal purpose for continuing to process your data) we will erase it from our systems.
If you wish to exercise your right to be forgotten by our services, please contact us via the contact details below.
Your right to portability allows you to request a machine-readable export of the data you supplied to us and associated service logs (where we store them). Please contact us, using the contact details below, if you wish to receive a CSV export of your data (this will be data available via our Customer Portal (https://portal.storminternet.co.uk))
12.6. Access to your data
You have the right to ask us about what data we hold about you, how we process it and provide you with a copy of the information, free of charge and within one month of your request.
To make a request for any personal information we hold and process about you, we would prefer it if you could put it in writing or in an email to the addresses below. We will need to verify your identity before providing the information and where necessary may contact you further to ensure we understand what data you are requesting.
Alternatively, if you are a customer, you may find the information you need by access your account on our Customer Portal (https://portal.storminternet.co.uk).
We do not share any personal data with any third parties unless it is lawful for us to do so or if we are required by law to do so.
For more information about your data rights and privacy or data protection in general visit the Information Commissioner’s Office website: https://ico.org.uk
Salim Benadel, 1 Canal View, Wharf Farm, Eynsham Road, Witney, Oxfordshire. OX29 4DB
Email: [email protected]
Tel: 0800 817 4727
Version 1.1 (Last edited 26/03/2018)