Privacy Notice
Introduction
This notice tells you what to expect when Locktel Ltd uses your personal data.
It does not provide exhaustive detail of all aspects of our collection and use of personal data, but we are happy to provide any additional information or explanation needed.
Any requests for this should be sent to mydata@locktelltd.co.uk.
This privacy notice applies to information we collect about:
Visitors to our websites;
Those who make an enquiry about our services through this website;
Links to other websites
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Changes to this privacy notice
We keep our privacy notice under regular review. This privacy notice was last updated on 28th April 2020.
Who is Locktel Ltd?
Locktel Ltd (Locktel) is a limited company registered in England & Wales No 10382781 and our registered address is:
156 Viglen House, Alperton Lane, London, HA0 1HD, UK.
Locktel is committed to protecting and respecting your privacy and our use of personal data on this website is aimed at helping us achieve these aims and to provide our customers with the best service we can.
Contacting Us
If you have any questions or concerns about our personal data policies or practices, please contact us at the address above or:
Email: mydata@locktelltd.co.uk
Telephone: +44 (0) 113 345 2253
Your Rights
The European Union’s General Data Protection Regulation provides you with certain rights. A good explanation of them (in English) is available on the website of our National Privacy Regulator, the Information Commissioner’s Office.
In the UK you have rights as an individual under the Data Protection Act 2018 which you can exercise in relation to the information we hold about you.
You can read more about these rights here – https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/
Right to Information and Access
You have the right to know whether Locktel Ltd is processing your personal data and to have access to the personal data we may have about you.
You may also request information about: the purpose of the processing; the categories of personal data concerned; who we might have shared the data with; what the source of the information was (if you didn’t provide it directly to us); and how long it will be stored for.
Reasonable access to your personal data will be provided at no cost upon request made to mydata@locktelltd.co.uk.
To make sure we do not disclose your information to someone else, we may ask you to provide information to confirm your identity. This may include asking you to provide identification documents.
If access cannot be provided within 30 days, we will provide you with a date when the information will be provided.
If for some reason access is denied, we will provide an explanation as to why access has been denied.
Right to Correct
You have a right to correct the information we hold about you if it is inaccurate. Where we need to investigate the accuracy of the data, you have the right to request we restrict our use of that data.
Right to Erasure
You may request that we erase the data we hold about you; but this is not an absolute right and is subject to exceptions. Where we have a lawful reason to retain your data even when you request we delete it, you have the right to restrict our use of your data to that reason only.
Right to Object to the use of your Personal Data for Direct Marketing
We will use your contact information to keep your business informed by email about relevant products and services or news about the work we do.
We do this as part of our Legitimate Interest in promoting our services to your business or employer rather than to you as an individual, but you have the right to opt out of our use of your personal data for our legitimate interests. Please contact us if you wish to do so.
Right to not be Subject to Automated Decision Making
You have the right to object to a decision which has been made solely by automated reasons. Essentially, this right allows you to request that the decision is reviewed by a human. We do not use any automated decision-making tools but please contact us if you require any more information on how this right may apply to you.
Right to Data Portability
When technically feasible, we will—at your request—provide your personal data to you or transmit it directly to another controller in a commonly used, machine readable format e.g. csv.
Right to Complain
You have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how we use your personal data.
In the UK this is the Information Commissioner’s Office – www.ico.org.uk/concerns.
The reasons we can lawfully use your data
We only use your personal data when we have a lawful basis to do so.
Data Protection legislation sets out a number of these, but the ones we most commonly use are:
Consent
In some situations, we collect and use your personal data with your consent.
Performance of a Contract
In most cases, we need to use your personal data in order to provide the service you have asked us for (or to allow others to do so on our behalf).
Legal Obligation
If the law requires us to, we may need to collect and process your data.
For example, to maintain our proper accounts and fulfil our reporting obligations to HMRC.
Legitimate Interest
We may use your personal data to pursue our legitimate businesses interests in a way which might reasonably be expected as part of running our business as long as it does not materially impact your interests, rights and freedoms.
These legitimate business interests can include:
Enhancing, modifying, personalising or otherwise improving our services and communications for the benefit of our clients;
Understanding how people interact with our websites;
Determining the effectiveness of our marketing and communications.
This can also apply to uses which are in your interests and those of others such as those which:
Identify and prevent fraud or other illegal activity;
enhance the security of our network and information systems.
You have the right to object to our processing of your personal data for our Legitimate Interests at any time. Please contact us if you have any further questions about our use of your data in our legitimate interests.
When do we Collect your Personal Data?
When you visit our website.
When you enquire about our services;
When a third-party such as your employer gives us your information in connection with a project they want us to work on;
When you engage with us on social media;
When you contact us by any means with queries, complaints etc;
What Happens if you Don’t Give us your Data?
The information on our website is available without giving us your personal data.
However, some personal data is needed so we can supply you with the services and information you have requested.
For example, when you complete our contact form to enquire about our services, we need at least your name and email address to be able to respond to you.
What Personal Data do we Collect, Why and How do we Use it?
We only collect the personal data we need to provide you with the services you have asked us to.
Contact Information
To begin with, this is normally your name and preferred contact method such as email address and telephone number.
How We Use It
We use this information to keep in touch with you and provide the services you have asked us to e.g. to give you more information about our contracting services.
We may also use your contact information in connection with the management and administration of a project you or your employer have asked us to work on.
People who Contact us via Social Media
If you send us a private or direct message via social media the message will be stored by the social media platform you use to contact us. We will normally delete the message after around three months, but your copy will be retained until you delete it and we urge you to read the relevant platform’s privacy notice for more information about their use of your personal data before you use it to contact us.
Biographical Information
Most of the information we gather is about your business and its needs in connection with our services; but we may also gather relevant information about you which could include personal information such as your role and job title.
How We Use It
We gather this information to help manage our relationship with your business in order to maximise the value you get from your relationship with us.
Sometimes the information will be provided by your employer as part of their discussions with us e.g. in providing us with contact details for and information about the members of staff best placed to work alongside us on a project.
Financial Information
We record information about your business’s budget for the services you have asked us to provide. While this information is about your business it may be classed as personal data if you are a sole trader or partnership.
How we use it
We mainly use this information in order to enter into a contract with you (i.e. provide you with our services); but we also use it in order to maintain proper business records and meet our legal reporting obligations such as those to HMRC.
Your Contacts with Us
Details of your contact with us online, by email, telephone, or through the postal service. Your contact details including social media username(s).
How we use it
To respond to your queries and complaints. We need to use the information we hold about you to respond. We may also keep a record of your contacts with us to inform any future communication with you. We do this on the basis of our contractual obligations to your business and our legitimate interests in providing you with a good level of service and understanding how we can improve our service based on your experience.
Combining the data we hold about you
We want to give you the best possible service. One way to achieve that is to get the richest picture we can of who you are by combining the data we have about you.
We then use this picture to offer you improved information about other products and services that are most likely to interest your business or employer.
e.g. We may combine information that you provide to us with publicly available information such as that from LinkedIn, Companies House or your company’s press releases to better understand your business and how Locktel’s services may assist you.
We do this as part of a legitimate interest in understanding our clients and providing the highest levels of service as this allows us to tailor our services and promotions and to let you know about services which are likely to be of interest to you based on which services you have used in the past and/or information which is publicly available about your business and its activities.
Sensitive (or Special Categories) Data
This is data about your racial or ethnic origin, health data, sex life or sexual orientation, political opinions or affiliations, religious or philosophical beliefs, genetic or biometric data.
We do not ask for or need any of this type of data as part of our services.
The Data of Children
This website is aimed at people over the age of 18.
We do not attempt to solicit or knowingly receive information from children under 18 using this website.
Technical Data that Identifies You and How You Use www.locktelltd.co.uk
Your IP address, login information, browser type and version, session ID, time zone setting, browser plug-in types, geolocation information, operating system and version.
The pages you visit, the path you take through our site, page load times, errors you receive, how long you stay on our pages, what you do on those pages, how often, details of jobs viewed or applied for and any search terms you entered etc
This information is normally gathered using cookies in your web browser. Learn more about our use of cookies and similar technologies.
How We Use It
We use this information for a number of purposes related to providing the services you ask us to provide e.g. the ability to send us a message online or to remember your cookie settings.
We also use this information in our legitimate business interests such as improving and personalising our website or to protect our business from fraud and other illegal activities.
How We Protect your Personal Data
We take the privacy of our customers and the security of their data seriously. With this in mind we maintain physical, technical and administrative safeguards.
We secure access to our website using SSL encryption meaning that any information you give us through www.locktelltd.co.uk remains private and secure.
We restrict access to your personal data to those employees who need that information to perform their role and help provide services to you.
We provide training to all our employees about the importance of maintaining the confidentiality and security of your information.
Please contact us if you have any questions about the security measures we have in place.
How Long Will We Keep your Personal Data?
We’ll only keep your personal data for as long as is necessary for the purpose for which it was collected and to comply with applicable law or resolve disputes. This means we set retention periods for all the personal data we collect.
When that retention period has passed, your data will either be completely deleted in a secure manner or anonymised e.g. by aggregation with other data in a non-identifiable way for statistical analysis and service planning purposes.
How long we will keep your data for depends on the nature of the relationship we have with you. Please contact us if you would like more details, but some examples of data retention periods are:
Expressions of Interest
Where you have provided your personal details as part of an expression of interest in our services but have not become a client, we will retain your personal information for up to 3 years during which period we may contact you with developments we think may be of interest to you. We do this as part of our Legitimate Interest in promoting our services to your business or employer rather than to you as an individual.
After this period, we will remove your personal information although we may retain information about your business and its interactions with Locktel Ltd in an anonymised format in order to inform our business planning and research.
Clients
We keep the information you have provided for as long as we have an active business relationship with you in order to provide the services you have asked us to.
After our business relationship ends, we will retain your information and information about your business transactions with us for up to seven years to comply with our legal obligations such as those to HMRC.
After this point we retain details of your business’s relationship with us in an anonymised format in order to inform our business planning and research.
Who Do We Share your Personal Data with?
We do not reveal your personal data to third-parties unless:
you request or authorise it;
the information is provided to comply with the law (for example, to comply with a court order);
to protect our rights, property or safety, or the rights, property or safety of our employees or others. This includes exchanging information with law enforcement organisations for the purposes of the detection or prevention of crime; or
the information is provided to protect your health, safety or other vital interests or the health, safety or other vital interests of another; or
the information is provided to our sub-contractors, agents, vendors or service providers who perform functions on our behalf; or
to address disputes, claims, or to persons demonstrating legal authority to act on your behalf.
Examples of the Kind of Third Parties We Work With
IT, software and SaaS companies who support our website and other business systems.
These include Microsoft and DropBox who provide our business software and email, Sage who help us manage our business and accounting records and BigChange who provide our customer and job management software.
These companies are data processors for Locktel Ltd which means they only use your data in order to provide the technical services we ask them to.
Sharing Your Data with Third Parties for their Own Purposes:
We will only do this in very specific circumstances, for example:
We may, from time to time, expand, reduce or sell Locktel Ltd and this may involve the transfer of divisions or the whole business to new owners. If this happens, your personal data will, where relevant, be transferred to the new owner or controlling party, under the terms of this Privacy Notice.
Where Your Personal Data may be Processed
As part of our commitment to your Privacy, we usually opt to have your data stored in the UK or EU where possible.
However, sometimes we will need to share your personal data with third parties and suppliers outside the European Economic Area (EEA), such as the United States.
Locktel Ltd transfers personal data outside the EEA only:
to countries where there is an adequacy decision in place i.e. the EU has formally determined that there is a sufficient level of protection in place under that nation’s data protection laws; or
where the recipient is certified under an internationally recognised privacy framework which helps to ensure your protection; or
with your consent; or
to perform a contract with you; or
to perform a contract with another in your interests; or
to fulfil a compelling legitimate interest of Locktel Ltd in a manner that does not outweigh your rights and freedoms.
Any transfer of your personal data will follow applicable laws and we will always treat your personal information in line with the principles of this Privacy Notice.
This includes measures such as imposing contractual obligations on the recipient with respect to how they treat your data.
Protecting your Data Transferred to the United States
Many online services are reliant on US providers and/or servers which means many companies need to transfer your data to the US to provide the services and/or online functionality many people expect.
The United States has neither sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR.
The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and the European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce.
Membership of the scheme is voluntary but, when choosing an infrastructure partner who transfers your data to the US, we select only those companies who are members of the EU-U.S. Privacy Shield
Along with the contractual and organisational measures we have in place, we believe this helps to ensure your rights and freedoms are protected as the Privacy Shield framework is recognised by the European Union (although this may be subject to challenge by the European Data Protection Board).