Here at Genesis Business System we take the privacy of both the induvial, and the companies we work with very seriously. In order to protect your privacy, we comply with the UK Data Protection Act 2018 (DPA) and General Data Protection Regulation (GDPR, which also forms part of UK Law) which governs the fair and proper use of information about people and their fundamental right to privacy.
This Privacy notice tells you how we collect and use your personal information, your rights to access, amend or delete that information, and how we use it within Genesis Business Systems.
Genesis Business Systems LTD are a registered company in England and Wales, registration number 1923854. The registered office is Goulton Street, Hull, HU3 4DD. We are registered to the Information Commissioners Office (ICO), registration number Z573671X, and act as the data controller for the personal information we collect and process. Our designated Data Protection Officer is Mal Verity, who can be contacted at via the registered office, or [email protected]
More contact details can be seen here.
Most of the information we collect, and process is provided to us directly by yourselves for one or more of the following reasons:
We collect personal information regarding your name, company name, role within the company, company email, company phone number (including company mobile number), and company address. If we are proving you with quotes or invoices for services and products that you have requested, we may also gather information regarding your companies IT Infrastructure & Hardware, Software Use, Voice & Data Communications, Employee Numbers – and Access Requirements, along with any other information we may deem relevant to provision our services.
We process the personal information we have gathered in order to provide you with our products and services inline with our legal, statutory and contractual obligations.
We may also use your information to;
Under data protection law, you have rights to access, amend, restrict or delete personal information we hold about you as follows;
Right of Access – You have the right to ask for copies of all personal information we hold about you. This right always applies, but there are some exemptions, which means you may not receive all the information we process. You can find out more information here.
Right to Rectification – You have the right to ask us to amend any information that you think is inaccurate or complete any information that you feel is incomplete. More information can be found here.
Right to Erasure – You have the right to ask us to erase your personal information. This right is not absolute, and more information can be found here.
Right to Restriction of Processing – You have the right to restrict the processing of personal data in certain circumstances, where it does not prevent Genesis Business Systems meeting its contractual, statutory and legal obligations.
You have an absolute right to restrict Genesis Business Systems using your data for direct marketing purposes. This can be a complete restriction or just opting out of communication channels such as telemarketing. If you do object to this Genesis Business Systems must stop using your data.
Right to Object to Processing – You have the right to object to the processing of personal data in certain circumstances, where it does not prevent Genesis Business Systems meeting its contractual, statutory or legal obligations.
You have an absolute right to object to Genesis Business Systems using your data for direct marketing purposes. This can be a complete restriction or just opting out of communication channels such as telemarketing. If you do object to this Genesis Business Systems must stop using your data.
Right to Data Portability – This only applies to information you have provided us directly. You have the right to ask us to transfer this information to another organization, or give it to you, in a format that is accessible and machine readable. E.g. A CSV file.
If you wish to exercise your rights you may contact us at any time via the following link. We have a duty to respond to your request within 1 calendar month from the day after we receive your request.
Any data that is provided to us for provision of products, services, or quotes, is only kept for as long as is necessary for us to meet our legal, statutory and contractual obligations. It will also hold the information for as long as is required for administration purposes.
Information that we hold for marketing purposes, will be kept until such time that we are requested to delete/restrict or amend the data. This data will be reviewed at least every 6 months to try and ensure that we have the correct information.
If you have applied for a job with us, we will keep your file on our systems for no longer than 6 months.
We take the security of your personal information very seriously and work hard to protect your information from unauthorized access, alteration, disclosure or destruction. We use several layers of security, including but not limited to, SSL & TLS encryption, restricted access, IT authentication, firewalls, antivirus/malware and endpoint protection. Our security systems are regularly tested and reviewed for new threats, and appropriate security patches applied in a timely fashion.
Our website is also Cyber Essentials Certified for security by The National Cyber Security Centre.
We do not share, lease or sell your data to third parties for the purpose of direct marketing.
We use data processors, who are third parties, who provide elements of service for us. This means that they can’t do anything with the data provided to them, without our instruction. We will not instruct a third party to do anything with your data without your explicit consent.
All third-party processors, acting on our behalf, comply fully with this privacy notice, DPA and GDPR laws and regulations.
The only time we will share your data without consent is when we are legally obliged to do so by law, normally by court order.
We only collect and process personal information in compliance with this privacy notice, in accordance with UK DPA (2018) and GDPR. If, however you feel that we have not met with our obligations, you may raise a complaint. In the first instance we would urge you to contact us at [email protected], and we will respond.
If you remain dissatisfied, you can make a complaint to the Information Commissioners Office.
Our privacy notice is regularly reviewed to ensure it is accurate and up to date. We strongly advise you to re-visit this section on a regular basis to ensure you are happy.
This policy was updated on 18/4/2019.