GoodChoice IT Ltd. Data and Privacy Policy

Last updated 25-05-18

Your privacy and data security is very important to us – we have listed the key types of data we may hold and are happy to clarify any questions you have on how we use your data.

Key data we hold on our service desk

In order to contact you and staff at your organisation and provide our services we generally keep:

  • Name
  • Mobile
  • Email Address
  • DDI and office phone

We also link your data to your device, company and site location and keep various non personal information relating to your devices

 

We track correspondence between us and you

 

We audit each time we connect to a device or make any changes

 

Generally we only delete these records when they are no longer relevant

 

We keep secure records of login credentials and limit the access to these as far as is practical

This system is secured by two factor authentication

 

Our backups

 

We use encryption to keep our backups secure

 

Information requests

 

If possible email gdpr@goodchoice.it. We can only respond if we know you have made a data access request under GDPR and can verify your identity

 

If you are requesting a customers data then we will not be able to supply this without their written consent – you should contact them directly

Marketing data

 

If you are not an existing customer we will only send marketing automated messaged if you have opted into our mailing lists. You can opt out at any time

 

We keep some limited data to help us target those who may be interested in our services. Please let us know if you would prefer we did not contact you via email to gdpr@goodchoice.it or click the unsubscribe link

Data retention

 

Data retention policies vary depending on use of data some common scenarios are:

 

Hard disks of customer data

 

Data is destroyed beyond recovery after 90 days retention

 

Backups. Depending on customer policy. Usually we keep the last 3 versions of any data

 

Emails

 

Some emails are destroyed after 30 days retention. Our policy is to keep emails unless they are no longer relevant

 

Data location

As far as practical we keep data at rest secured in the UK – we make extensive use of encryption and 2 factor authentication to keep your data secure

Financial records

All transaction records are destroyed after 7 years, unless required for any legal reason to be retained for longer.

Previous customers

We aim to delete records after 90 days retention unless they are needed for legal reasons

Shared Data

In order to provide our service we may share your data with 3rd parties (such as vendors and contractors) – we will always limit this access to the minimum required in order to provide our services. As far as possible we look to keep the data on our systems and not share your data. We have a agreement with our vendors and contractors which is subject to the same clauses as our customer contract in order to keep your data secure

Data breach

Should we detect a data breach impacting your data, we will inform you as soon as practically possible and report to the ICO if required. Should we detect a breach in our customers network we will inform them as soon as practically possible. If needed we will follow up with more information as it becomes available

More questions?

If you have any questions, comments or suggestions please email gdpr@goodchoice.it We will respond within 72 hours