Privacy Policy
Date: 27th May 2018
Privacy Statement
We recognise the importance of protecting your personal information and we are committed to safeguarding your privacy. Our privacy policy ensures we protect the trust you place in us when you provide us with your personal information. This policy reflects the spirit and content of the General Data Protection Legislation. We understand that individuals are concerned about privacy and so have instituted policies intended to ensure that their personal information is handled in a safe and responsible manner.We will process all Customer Data strictly on behalf of our customers in accordance with our contractual agreements with them and/or as required or permitted by law. We process data in relation to Services and treat it in accordance with the terms of the contractual agreement with you. The data that resides on our system, customer or third-party systems to which we are provided access to perform services, including cloud environments, test environment, development and production environments, in order to perform any of the services, including but not limited to Consultancy and training, Professional services, Support services, Hosting, IT and Administrative operations, Technical services and Managed services. We use Customer Information for marketing purposes to make our Customers aware of product upgrades. We also send relevant business communications and support related information to keep you informed about our services and business updates. The Personal Data we collect from Customers and Prospective Customers will be used for updates regarding products and services. Our legal basis for processing your Personal Data is for product upgrades and updates to existing customers for products and services you currently use. We do not collect or process special categories of Personal Data (as defined in GDPR) for marketing activities. If we need to contact you, our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions. Moreover, the information you provide will be subject to rigorous measures and procedures to minimize the risk of un-authorised access or disclosure.
Retention Period for data storage
We will process and store Personal Data for marketing purposes for as long as you are a customer of Aston Solutions and use our products and services. However, if you choose to opt-out of communications, we will remove your details from our database.
Website
We collect and use your Personal Data to provide you with information and advice about products or services that you may request using the Contact Form on the website. If you choose to get in touch with us using the Contact Us form on our website, we will retain your data for 12 months in order to communicate with you. We may retain personal data for longer periods where required by applicable law or regulation or to establish, exercise or defend our legal rights as provided for in the data protection legislation.
Data Sharing
We may pass your Personal Data on to:
1. Third-party service providers contracted to us in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide you on our behalf, such as cloud storage. When they no longer need your data to fulfil this service, they will dispose of the details in line with our procedures. If we wish to pass your sensitive Personal Data (as defined in the GDPR) onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise.
2. Law enforcement or other government and regulatory agencies or to other third parties as required by, or in accordance with, the applicable law or regulation.
Customer Data Security
We deploy and maintain appropriate security measures across all our services in order to protect Customer Data from unauthorised disclosure, loss or destruction. However, we expect our customers and their end users to access the services within a secure environment and notify us of any misuse or loss of integrity. If you believe that your password has been misused or compromised, please change it immediately and notify us as soon as possible. Information security is an integral part of our business. We have robust policies and processes to ensure our commitment to security.
Data Subject Rights
Right to Access -At your request, we can confirm what information we hold about you and how it is processed. You can contact us via email or telephone. We will aim to respond to any requests for information promptly and within the time limits required by the data protection legislation and other applicable law. Please note that you will be required to verify your identity in order to receive the information.
Right to Rectification -You may update your data by contacting Aston Solutions via email or telephone. Subject to applicable law and regulations and applicable checks, we will update our records based on the accurate information provided by you.
Other Rights -In addition to the rights specified above, you also have other rights such as a right to erasure, right to restrict processing, and right to data portability.
If you wish to exercise any of these rights, please contact us via email or telephone.
Complaints
We work hard towards establishing an efficient data protection compliance framework within our organisation and comply with our obligations towards processing Personal Data. However, if you have any questions or concerns regarding this Privacy Statement or if you want to complain about our use of Personal Data, please contact us at support@astoncare.co.uk. You also have the right to lodge a complaint directly with the supervisory authority (Information Commissioner’s Office).
Disclaimer
We reserve the right to change, modify, add or remove parts of this Privacy Statement in line with any update in our processes or in compliance with any new applicable regulation