Privacy Policy

IT-MK Limited provide Small Business IT Support and technical consultancy services. Exclusively to SME’s and Charities.

Paperwork and Waterman Pen

This Policy explains when and why we collect personal information about our members, people who use our website and anyone else who we collect data from. It explains how we use this data, the conditions under which we may disclose it to others and how we keep it secure

Any questions regarding this Policy and our privacy practices should be sent by email to info@it-mk.co.uk or by writing to 10 Wren Close, Towcester, Northampton, NN12 6RD, or by telephone to our Membership Team on 01908 880 677. For the purposes of the Data Protection Act 1998 and the General Data Protection Regulations (GDPR), IT-MK acts as a Data Controller.

How do we collect information from you?

We may receive your information from a third party who has an associate relationship with IT-MK offers IT-MK. In such circumstances those parties (corporate and / or individual) will be subject to strict non-disclosure agreements and contractual agreements.

What information is collected from you?

The personal information we collect from you or a third party is the minimum required to provide you with the service requested, and we only pass your information to third parties for the fulfilment of the service requested and, in the manner, outlined in this policy. We may receive your information from a third party who has an associate relationship with IT-MK offers IT-MK. In such circumstances those parties (corporate and / or individual) will be subject to strict non-disclosure agreements and contractual agreements.

Information

We will collect your name and contact details (phone number, address, email), contact preferences and your interests and preferences for the fulfilment of the service or product requested. Aside from security bulletins we do not utilise or effect mailing lists. We may also request your bank or payment card details to pay for the service you have requested.

Website Users

We not collect your IP address to collate information on pages viewed.

Other ways we may receive your information

If you send us your employment details either unsolicited or in response to a job application, we will store your name, email address and CV for the period of consideration. Your details will then either be destroyed or we will contact you with a specific privacy policy for interview purposes.

If you submit a question via our online contact forms, your name, email address and comments will be stored.

If you post on our social media, the data will only be stored on the service providers’ site and not held by IT- MK.

If you contact IT-MK through email without use of the website, the content of the email will be stored.

How is your data used?

To maintain records to fulfil our contractual obligations

To take payment for our services

To notify you of changes to our levels and services, or to our terms and conditions or privacy policy

To notify you of information relating to updates and news of policy or news relating to the work of IT-MK which may be of interest to you

To maintain the services provided by us.

To provide you with additional services specifically requested by you.

The legal basis for processing your data

Under GDPR, the main grounds that we rely upon to process your data are:

To comply with a contractual obligation. This may include name, address, email address, date of and, payment details.

For the purposes of legitimate interests. This includes responding to requests or enquires from you, to provide you with any information via any medium (both electronic and non-electronic) or services which you have expressed an interest in. You can ask us to change your preferences at any time - see the section entitled ‘Managing your data and preferences’ below.

We may also be obliged by law to disclose your data to a regulatory body or law enforcement agency.

Who has access to your data?

IT-MK will not sell your data to third parties and will only share your data with associates (corporate and / or individual) in order to assist IT-MK to perform its contractual duties and / or complimentary professional services. We will not pass your details to any third party for direct mailing purposes.

IT-MK Service Providers

To provide our range of services, we use third parties to process and manage some of these benefits. In all cases, we only provided the necessary data to these third parties to enable them to perform their role. For example, when we use a payment processor to take payment for a membership or service, we don’t need to pass them details of your gender, so we will not.

· Payment processors – we use payment processers to securely take payment for our services, and to manage repeat payments and financial reporting.

· Data Managers – we use third parties to provide services to securely store the data for operational and back up purposes.

· Providers of benefits and products – some of the services are provided by third parties.

Managing your data and preferences

We will contact you by email for information directly related to your relationship with us including payments. For any other information you can choose how you want us to contact you and what information you receive.

You can request any information you receive from us to be changed at any time via email, or by contacting us by one of the methods outlined at the beginning of this Privacy Policy.

In addition, you have certain rights concerning your data that we hold:

Right to be informed

You have the right to ask questions about the data we hold. This Privacy Policy provides all the information about what data we collect, why we collect it and what we do with it. During your visit to the website you may see additional information explaining why we ask for certain pieces of data at point of collection.

Right of access

You have the right to ask us what data we hold about you. On receipt of a valid request, which may include validating your identity, we will provide all the data we hold about you within one calendar month.

Right of rectification

You have the right to ask us to correct any of your data which is incorrect or requires to be updated, we will do this within one calendar month of receipt of a valid request, which may include verifying your identity and we may request proof of the correct data.

Right to erasure

You have the right to request that IT-MK erase your data, we will process such requests within one calendar month of receiving a valid request, which may include verifying your identity. There may be circumstances when we are unable to erase all data – either due to a legal obligation to retain your data (including legitimate interest), or because we are contractually obliged to provide you with a product or service. If this is the case, we will explain this in our response to the request.

Right to restrict processing

You have the right to request that IT-MK restrict the processing of your data in some circumstances. This may be due to a dispute over the accuracy of the data or when you have exercised your right to object (below) and IT-MK are considering the request. Rights to restrict processing are therefore usually temporary in nature and will be assessed on receipt of a valid and authenticated request. It may not always be possible to restrict processing either due to a legal obligation to retain your data (including legitimate interest), or because we are contractually obliged to provide you with a product or service.

Right to data portability

You have the right to request IT-MK to transfer the data held about you to another organisation. Although this concept works well between providers of similar services such as banks and building societies, IT-MK provides a unique service to their members and it is unlikely the data requested, or the system requirements of the receiving organisation would be the same as IT-MK. However, we will consider any such request on receipt of a valid and authenticated request and will provide you with a written response.

Right to object

Your right to object to your data being processed mainly concerns direct marketing and limiting data processing based on legitimate interests.

You can change your direct marketing preferences by emailing us as noted above. If you consider that some of the data held is no longer required for legitimate purposes, we will consider this within one calendar month of receipt of a valid request, which may include verifying your identity.

Rights related to automated decision making including profiling

We have included this right for completeness, however IT-MK does not use your data for any automated decision making or profiling purposes.

How long we hold your data for?

We will only hold your data for as long as needed to for the purpose we have collected it.

Data is kept for a period of 7 years after the end of your membership or end of any relationship with

IT-MK involving / including the processing of your personal information.

Use of 'cookies'

We do not collect cookies.

Links to other websites

Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.

In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third party site.

Children’s Data

We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian's permission beforehand whenever you provide us with personal information. However, we cannot have any contractual relationship with anybody under 18 years of age.

Transferring your data outside of Europe

As part of the services offered to you by IT-MK, the information which you provide to us may be transferred to countries outside the European Union (“EU”). By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures, in so far as is reasonable, and are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy. Currently all third parties that we share data with are covered by European data regulations or Privacy Shield in the US.

If you use our services while you are outside the EU, your information may be transferred outside the EU to provide you with those services.

Updates to this policy

We keep our privacy policy under regular review. The latest version of this policy was published on 24th May 2018.



Back