Customer Privacy Statement
Version 1.4 Revised 24/5/2018
Boffins Computer Workshops is committed to the principles of data protection embodied in the European GDPR regulations. This statement is designed to inform individuals and customers about the personal information that Boffins collects, how that data is used, where it is processed, how you may opt out of your data being used, how to contact us about your data, and how we protect it.
1. Data Controller and Data Processor
Boffins Computer Workshops is both Data Controller and Data Processor as defined in the GDPR Regulations. As a small business with limited collection and processing of personal data, Boffins has decided not to appoint a Data Protection Officer. You may, however contact any of the Directors of the company, at the registered address below, to discuss your data and exercise your rights.
2. Collection and Processing of Personal Data
Boffins may collect, store, and process personal data (e.g. name, logon name, job function, location(s), email addresses, and details of conversations and work performed) in their files and computer systems for the purpose of:
- Performance of our contract with our Customer
- Providing IT support to the Customer and its users
- Legitimate business correspondence
- Providing information about products and services offered
Boffins has a legitimate business reason to collect and hold this data. In other cases, we will request your consent for the processing of personal data that you give us. Your refusal to provide data or allow us to process your data may hinder or prevent us from providing the goods or services that you require from Boffins.
Boffins treats personal information as confidential and will not sell, exchange, transfer outside the company’s control, or give your data to any other company for any reason without your consent other than for the purposes specified below:
- To comply with the law or protect our rights, property, or safety
- To trusted sub processors for the purposes listed above, where that sub processor has agreed to confidentiality and data protection terms equivalent to our own.
Boffins does not collect or process credit card information. Boffins does not perform any profiling of personal data nor automated decision making using personal information. Your data will always be kept within the UK.
3. Data Retention
The personal information that we collect is retained only for as long as it is required for the purposes listed in clause 2 above or for a period specifically required by law or regulation that Boffins is obliged to comply with.
If you request us to delete your personal data we may retain such data to the extent necessary and for as long as necessary for our legitimate business interests, the performance of our contractual obligations, or as required by law.
Following the retention period, Boffins will anonymise or securely destroy your personal data in order to prevent loss, theft, misuse, or unauthorised access.
4. Data Security and Protection
Boffins implements many security measures and best practice processes to secure and protect your personal data including:
- All personal data stored on our own systems is secured by user authentication with strong passwords
- All personal data backed up on cloud servers is secured using encryption
- All Boffins’ systems are protected by up to date anti-virus software
- All Boffins’ systems are protected by advanced firewalls at the network perimeter
- All Boffins’ systems are regularly patched
- All inbound and outbound email is scanned for SPAM and viruses
- All Boffins employees have signed contracts that include confidentiality agreements
5. Contacting Boffins
You may contact Boffins using any of the following methods:
By Post: Boffins (Wycombe) Ltd, Thame House, Thame Road, Haddenham, HP17 8HU
By Phone: 01844 291110
By Email: firstname.lastname@example.org