Network Consolidation & Infrastructure Services Ltd
Network Consolidation & Infrastructure Services Ltd (N-CIS) is a privately owned IT consultancy and support company. We take your Personally Identifiable Information (PII) and your data in general very seriously.
N-CIS is issuing this statement in response to the new General Data Protection Regulations (GDPR) that come into effect on the 25th May 2018. For the purposes of GDPR N-CIS is a Data Processor for our clients .
The information contained in this statement is intended to help you understand what information we collect, how we collect it, how it is used and how to get your information updated should your circumstances change in the future.
What personal information do we collect?
As part of providing a contracted or ad-hoc support function, we may require users’ usernames and passwords, including those associated with email accounts. We may also need home/personal phone numbers, depending on the areas of support required..
How we use your information
N-CIS collects your information to enable us to provide a managed service. This is primarily a business to business service but, in some cases, a personal/home email address and/ or personal mobile/home telephone number may be required to contact a business client who is working from home.
How long will we keep your data?
We will keep the data for the duration of providing a managed support service to you.
How long certain personal data will be kept beyond this point will depend on specific business sector data retention requirements, for example HMRC requires businesses to keep accounts for up to 7 years. We will look to keep your data for no longer than required.
Why do we need to collect and store your information?
Having to ask a person/authorised contact for these details every time they are required risks security breaches and time delays when providing services to our clients, particularly if the required contact is on holiday or unwell. Verbally having to read out a password over the phone also risks others overhearing.
Recording of communications
We may need from time to time to record telephone conversations for specific permissions. N-CIS will also keep a record of any emails we feel are relevant to the provision of our support function. All information stored will aid with future training, ensuring that we maintain a high level of service It will also help protect us against fraud and ensure we are compliant with the GDPR regulations.
Will N-CIS share your data?
Should it be required for the provision of our support function, we will pass your data to on to relevant partners that provide you with a service through us. Any third parties that we do share your information with are obliged under the same GDPR legislation to keep your data secure and to only use that information to fulfil the service that they are charged to undertake. We may also pass on limited information to contractors should there ever be a need.
If N-CIS needs to pass on your personal information to any other third party we will contact you by email, explaining the reason why the third party needs your information, and requesting your specific written consent. The only time this will not happen is if we are legally required not to. We may also pass on your data to external agencies, including law enforcement agencies to help prevent crime.
Keeping your data secure
We use industry best practice data security measures, including ensuring our IT data is encrypted when backed up off site or password protected on our servers. We have regular backups to ensure that no data is lost. All personal information sent to third party providers is shared via secure websites. N-CIS is committed to keeping your data safe and complying with the new GDPR regulations.
Your rights as a data subject
As a data subject you have certain rights which are listed below with a brief explanation. These can be requested either verbally or in writing and we have 1 month to provide you with the information that is requested.
The right to be informed. Individuals have the right to be informed about the collection and use of their personal data.
The right of access. You have the right to access your personal data that we hold.
The right of rectification. You have the right for inaccurate information to be rectified or incomplete data to be completed. It is vitally important that we keep your information up to date so please inform us immediately if any of your personal information changes.
The right of erasure. This is better known as the right to be forgotten. This is not absolute, in certain circumstances, for example when complying with legal obligations
The right of restriction. You have the right to request the restriction or suppression of your personal data. When processing is restricted, we are permitted to store your data, but not use it.
The right of portability. This allows you to obtain and reuse your personal data for your own purposes across different services. It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its usability.
The right to object. This gives you the right to object to the processing of your personal data in certain circumstances. You have an absolute right to stop your data being used for direct marketing.
The right to refuse automated decision making . This protects you from companies that process your data using automated systems only i.e. without human intervention.
You also have the right to complain directly to N-CIS at firstname.lastname@example.org or directly to the Information Commissioner’s Office (ICO). Please visit their website for further information, www.ico.org.uk