Updated: 18 May 2018
The General Data Protection Regulation (GDPR), protects customers against the misuse of personal data across both manual and electronic records. This Policy describes the associated processes that OrbitTech has in place.
2. How do we collect Information?
We collect data via a website contact form or emails.
The provision of data by you, will be deemed by us as freely given, specific, informed and non-ambiguous. This may be classed as Personal Data.
3. What information do we collect?
The contact form or email may contain Personal Data, including your name, telephone number and email address.
This data is stored on servers in secure data centres located in the UK. Transmission utilises an encryption process and access by OrbitTech employees is limited.
No data is stored on the website.
It is assumed the provider of the data is authorised and legally suitable to disclose this data, including that they are over 16 years old.
4. How do we use this information?
OrbitTech appoints a Data Controller who takes responsibility for ensuring all personal data is controlled in compliance with the General Data Protection Regulation 2018.
OrbitTech does not provide, sell or otherwise disclose Personal Data to any third party, individual or organisation outside OrbitTech unless specifically required by law.
OrbitTech will only use this information to deliver support, products and/or services.
5. Access to Personal Data Information
On request OrbitTech will disclose details of Personal Data related to the individual held by us. Please contact firstname.lastname@example.org by making a ‘subject access request’ under the General Data Protection Regulation 2018. We assume that request from the same email address provides legal entitlement to this information. The request may be extended to cover a description of this information, deletion or exclusion from future communications or updates if incorrect.
6. Data Retention
We will not retain your Personal Data for longer than necessary for the purposes for which it is required, however the longest will be twelve months after cancellation of services.
8. Security Controls
We take every precaution to protect Personal Data held by us. We have security measures in place to protect against the loss, misuse and alteration including encryption and secure replication. Our website uses the Secure Sockets Layer (SSL) protocol indicated by the “https” prefix.
9. Contact OrbitTech
If you have any questions regarding OrbitTech’s GDPR polices, please email our Director of Compliance and Information Assurance using security@OrbitTech.co.uk