Data Protection and Privacy Policy Summary

Getech Limited is registered under the data protection act with the Information Commissioner’s Office (ICO) under registration reference: Z7161654

Scope

Getech retains certain information about its employees, customers and other users to allow it to monitor performance, achievements, health and safety and to comply with warranties. To be compliant with GDPR, information is collected lawfully and used fairly, stored safely and not disclosed to any other person unlawfully. To do this, the organisation complies with the Data Protection Principles, which are set out in the Data Protection Act 2018.

Principles

Getech, as far as reasonably practicable, complies with the Data Protection Principles contained in the Data Protection Act to ensure all data is:

Fairly and lawfully processed
Processed for a lawful purpose
Adequate, relevant and not excessive
Accurate and up to date
Held for no longer than is absolutely necessary
Processed in accordance with the rights of the data subject
Protected in the appropriate way
Not transferred to any other countries without adequate protection and consent

Sensitive personal data

Getech ensures there is stronger legal protection for more sensitive information such as:

Ethnic background
Political opinions
Religious beliefs
Health
Sexual health
Gender
Criminal records

Responsibilities

All staff who work for or with Getech have responsibility for ensuring data is collected, stored and handled in a safe secure and appropriate manner.

Data Protection Officer

Getech has appointed the Finance Director as the Data Protection Officer dpo@getech.co.uk who will endeavour to ensure all personal data is processed in compliance with the GDPR and the Data Protection Act 2018.

Why we need to store your personal data

Getech sells and maintains Information Technology products and services. In order to meet our legal requirements relating to the Sale of Goods Act and Government Institutions such as HMRC and to allow us to provide the service, it is necessary to store basic customer personal information. This information may also be required in order for Getech Limited to provide extended warranties on these products and services or if a warranty or repair is to be registered by us with a supplier.

Data storage

Data stored electronically must be protected from unauthorised access, accidental deletion and malicious hacking attempts. We are committed to protecting all Personal Data we collect and use. To that end, we take all reasonable precautions to prevent the loss, misuse or alteration of your Personal Data held within our data repositories. We use SSL encryption technology wherever payments are made. Our data repositories are only one element in the internet communication chain. With this in mind, please ensure you access our Websites from a trusted browser/computer (we do not advise using shared browsers/computers for order or payment processing). You should ensure your device has sufficient anti-virus or malware protection. You are responsible for keeping your password confidential. We will not ask you for your password and please ensure any password you use is unique to our websites only. Questions about the storage of data can be directed to the Data Governance Team.

Data accuracy

Getech takes all reasonable steps to ensure data is kept accurate and up-to-date. The more important it is that the personal data is accurate, the greater the effort staff must put in to ensure its accuracy.

It is the responsibility of all employees who work with data to take all reasonable steps to ensure it is kept accurate and as up to date as possible.

Right of access

Data subjects have the right of access to information held by Getech. If an individual contacts the company requesting this information, this is called “Subject Access Request”.

Subject Access Request from individuals should be made by email, addressed to the Data Governance Team via dpo@getech.co.uk and are each charged at £10 + VAT (the fee must be paid prior to any Subject Access Request being carried out).

The disclosure of data for other reasons

In certain circumstances, the Data Protection Act allows personal data to be disclosed to government and law enforcement agencies without the consent of the data subject.

Under these circumstances, Getech will disclose requested data, however, the Data Protection Officer will ensure the request is lawful and legitimate, seeking assistance from the board of directors and the company’s legal advisors where necessary.

Providing information

Getech aims to ensure that individuals are aware that their data is being processed. Getech will not give, sell, share or trade any Personal Data to any party outside of the Company except as outlined in this Policy or with appropriate consent. We may disclose or share Personal Data to a third party in the following limited circumstances:

to comply with the terms of trading, policies or other contractual requirements of Getech
where we believe that the disclosure is necessary to establish the threat of and prevent or respond to fraud, defend our Websites or infrastructure against possible attacks or protect the property and safety of Getech, our Customers, Suppliers or the public
to the extent that we are required to do so by law or in connection with any legal proceedings or prospective legal proceedings
in connection with any potential sale, transfer, merger, consolidation or other transaction involving all or part of Getech Limited or its holding companies
where required, provide our vendor partners or suppliers (or their authorised data partners) with information which may contain Personal Data confirming the recipient and delivery address for statistical sell out analysis or for the registering of extended or enhanced warranties (where applicable)
to companies that provide services that help us with our business activities including but not limited to processing customer payments, logistics and repairs
to companies that work with us to provide a product or service necessary to meet a customer’s enquiry or requirement

Website data

By visiting any of our websites, we may collect anonymous information (via cookies) about your computer and your visits to our websites such as your IP address, geographical location, browser type, referral source, length of visit and number of page views. We may use this information in the administration of our websites or to improve the website's usability. This information may be recorded by a third party on our behalf.

If you register or create an account directly on any of our Websites or via a third-party procurement system (usually in preparation to purchase from us), we may collect and store some basic personal information mainly (but not limited to) your name, address, email, company or institution and telephone number to allow us to fulfil our obligations to you when processing an order.

Marketing to you

We may send you marketing communications relating to our business which we think may be of interest to you (providing you have opted in to receive such information or not opted out or unsubscribed if you have previously had a contractual relationship with us by purchasing a product or service). If you are a business (non-consumer) contact working for a business or institution who we have had a previous contractual history with, or again as a non-consumer contact you have been referred to us by one of our suppliers or vendors following your enquiry to them, we may add your contact information to our business CRM system. We will, however, allow you to opt out of receiving marketing communication should you wish to do so.

CCTV

Getech operates a CCTV network and automated number plate recognition (ANPR) for the purposes of crime prevention, detection and safeguarding personnel and property.

This policy summarises the main Getech Limited Data Protection Policy written in compliance to GDPR and the Data Protection Act 2018 and is reviewed on a regular basis by Senior Management. You should revisit this page occasionally to ensure you are happy with any changes.