Data Policy Statement

Fathom Information Technology Ltd
Data Privacy Policy

 

  1. About this Policy

  • This policy explains when and why Fathom Information technology Limited, Ark Infrastructure Ltd and Fathom IT ( franchise ) Ltd , (“we”) collect personal information about our customers, how we use it and keep it secure and your rights in relation to it.
  • We may collect, use and store your personal data, as described in this Data Privacy Policy and as described when we collect data from you.
  • We reserve the right to amend this Data Privacy Policy from time to time without prior notice. You are advised to check our website (www.fathomit.co.uk) regularly for any amendments (but amendments will not be made retrospectively).
  • We will always comply with the General Data Protection Regulations (GDPR) when dealing with your personal data. Further details on the GDPR can be found at the website for the Information Commissioner (www.ico.gov.uk). For the purposes of the GDPR, Fathom Information Ltd will be the “controller” of all personal data we hold about you.

 

  1. Who are we?

  • Fathom Information Technology Ltd
  • 340 Manchester Road West Timperley WA14 5NH

 

  1. What information we collect and why.

Type of Information Purposes Legal Basis of Processing

Type of Information Purposes Legal Basis of Processing
Customer’s business name, name, address, telephone numbers, e-mail address. In order to contact the customer about any ongoing work being performed.

Therefore, we can book in future jobs and visits when requested by the customer.

For the purposes of our legitimate interests in operating the business.
Password(s) required to login to a customer’s computer or other I.T./mobile equipment When necessary we may be required to login to a customer’s device in order to undertake work requested by the customer on their equipment. For the purposes of our legitimate interests in operating the business.
Password(s) required to login to a customer’s email service or other software services. Therefore, we can undertake work that requires the ability to login to email or other software services in order to complete the work requested by the customer. For the purposes of our legitimate interests in operating the business.
Data backups from a customer’s computer or other I.T/mobile equipment. In order to complete jobs we may be required to back up some or all of a customer’s data from their device. For the purposes of our legitimate interests in operating the business.
User and password information relating to a customer’s Microsoft Exchange email service. We may administer a customer’s Microsoft Exchange email service.  In the event we do, we will hold user and password information in a service details document so we can administer the service as and when requested by the customer. For the purposes of our legitimate interests in operating the business.
User and password information relating to a customer’s domain registration. We may administer a customer’s domain name and DNS information.  In the event we do, we will hold user and password information in a service details document so we can administer the service as and when requested by the customer. For the purposes of our legitimate interests in operating the business.
User and password information relating to a customer’s web hosting service. We may supply a customer with a web hosting service.  In the event we do, we will hold user and password information in a service details document so we can administer the service as and when requested by the customer. For the purposes of our legitimate interests in operating the business.
User and password information relating to a customer’s cloud backup service. We may supply a customer with a cloud backup service.  In the event we do, we will hold user and password information so we can administer the service as and when requested by the customer. For the purposes of our legitimate interests in operating the business.

 

  1. How we protect your personal data.

  • We will not transfer your personal data outside the EEA without your consent.
  • We have implemented generally accepted standards of technology and operational security in order to protect personal data from loss, misuse or unauthorised alteration or destruction.
  • Please note, however, where you are transmitting information to us over the internet or via e-mail, this can never be guaranteed to be 100% secure.
  • We will notify you promptly in the event of any breach of your personal data which might expose you to serious risk.

 

  1. Who else has access to the information you provide us?

  • We will never sell your personal data. We will not share your personal data with any third parties without your prior consent (which you are free to withhold) except where required to do so by law or as set out in paragraphs 5.2 and 5.3 below.
  • We may pass your personal data to third parties who are service providers, agents and subcontractors to us for the purposes of completing tasks and providing services to you on our behalf. However, we disclose only the personal data that is necessary for the third party to deliver the service and we will have a contract in place that requires them to keep your information secure and not to use it for their own purposes.
  • We use a number of third party providers to supply services to customers. The providers and links to their Privacy Policies are set out below:
  • Microsoft for Microsoft Exchange Email and other Microsoft services https://privacy.microsoft.com/en-gb/privacystatement
  • Data Shepherd back up services http://www.datashepherd.co.uk/gdpr/
  • Livedrive for cloud backup services https://www2.livedrive.com/privacy-policy
  • Heart for web hosting and domain services https://www.heartinternet.uk/domain-names

 

  1. How long do we keep your information?

  • We will hold your “business name, name, address, telephone numbers & e-mail address” on our systems for as long as we continue to operate.
  • We will hold your device password information for as long as we are required to hold your device to work on.
  • When supplying administration services for Microsoft Exchange we will hold your login details for as long as we are required by yourself to administer the service.
  • When supplying domain administration, web hosting or cloud backup services we will hold your login information for as long as we continue to supply the service.
  • We will review your personal data every year to establish whether we are still entitled to process it. If we decide that we are not entitled to do so, we will stop processing your personal data except that we will retain your personal data in an archived form in order to be able to comply with future legal obligations e.g. defence of legal claims.

 

  1. Your rights

  • You have rights under the GDPR:
  • to access your personal data
  • to be provided with information about how your personal data is processed
  • to have your personal data corrected
  • to have your personal data erased in certain circumstances
  • to object to or restrict how your personal data is processed
  • to have your personal data transferred to yourself or to another business in certain circumstances
  • You have the right to take any complaints about how we process your personal data to the Information Commissioner:

 

https://ico.org.uk/concerns/

0303 123 1113

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

For more details, please address any questions, comments and requests regarding our data processing practices to support@fathomit.co.uk