Privacy Policy

1st May 2018

  1. 1. Introduction

We respect your privacy and understand that privacy is important to you and that you care about how information about you is used, so this privacy notice sets out details about what data we collect and how we use it.

  1. 2. Visitors to our website

Where we collect personal data via our website, we will be upfront about it and it will be obvious to you that you’re providing personal data and how we will be using it.

  1. 2.1. Use of cookies

We only use cookies to store information about layout preferences and to determine whether or not you are logged in to siso. The cookies used are required to enable the site to operate properly, specifically:

  • To determine whether you are logged in to your account
  • To temporarily store preferences i.e. Column width, sorting, selection and search criteria in the tables

We do not use any other cookies on our site.

If you want to take control of what cookies we use, most web browsers allow cookie controls through their settings. You can find out more about cookies, including how to see what cookies have been set via https://www.aboutcookies.org or http://www.allaboutcookies.org. However, please note that if you do not allow cookies whilst using our website the functionality and your use of your site will be significantly impacted.

  1. 2.2. Online forms

We use forms throughout the siso products. The forms are used to allow users to enter booking dates / time, notes and ask questions required by the administrators to support with their services. All data submitted in these forms is saved in a database and in some cases sent in an email for the purposes of requesting an asset or notifying a system administrator.

All communications with and from the website are encrypted via the site’s SSL (https) setup.

  1. 2.3. Hosting

Our website is hosted on a dedicated servers in a secure data centre in Dublin.

  1. 3. People who call our office
  1. 3.1. To place an order

If you call us to discuss setting up a siso account, we will set you up on our internal CRM system for the purposes of providing you with the service. We will only collect the data needed to set up an account and you will have access (via a login and password) to all the data we hold on you.

  1. 3.2. To log a support request or customer services enquiry

If you call us with a support or customer services issue we will typically deal with the issue over the phone and do not record any information relating to the discussion. However, we may communicate thereafter via email either to ask you for more information or indicate the issue has been resolved.

  1. 4. People who contact us via email

Any emails we receive are stored via our email provider’s platform (Google) and are accessible on our computers via our email client which uses a local copy of the emails (as well as them being available via the Gmail web application). Access to them is protected via device and email-service passwords.

We also make use of Google tools for managing junk email and ESET for virus checking emails.

We will only keep emails within our email system for as long as it is lawful for us to do so.

  1. 5. People who contact us via our CRM

Any support or customer services issues raised directly via our CRM will be stored against your record within the system for as long as you remain a customer. If you close down your account then any support and associated user details in our CRM will be deleted.

  1. 6. Our use of social media

Any interaction with us via social media is strictly within the social media channels. We do not collect any personal data from our followers on social media.

  1. 7. People who are our customers

When you become a customer, we will set up a record on our CRM which you can view. You can also use the CRM to raise support tickets and make development requests.

We will also set up your siso system. You will have access to this system and will have direct control over the data contained within the system, including the ability to edit the data; you can also export all data including support and development history (from the CRM).

Your information will remain on your system for as long as you are a customer after which point the system will be shut down and associated data deleted from our systems.

For specific information stored in our CRM (e.g. administrator details) that need changing or deleting, you will need to contact us, using the CRM or usual support channels.

  1. 8. Employee data

When someone joins our team, we will only collect and ask for personal information that is required for being an employee. This will typically be your name, address, phone number, date of birth, National Insurance number, bank details for payroll and next of kin information, etc. We ask you to provide this information for employment purposes and so that we can pay you and meet legal requirements such as providing a pension.

We will also collect other data for your employee file throughout your employment with us, such as absence information, holiday requests, disciplinary or grievance information.

We will keep these records during your employment and for up to 6 years after termination of your employment. We will also keep your payroll records up to 7 years. If we record working time records, we retain these for 2 years and any immigration check information for 2 years.

All the information will be stored securely both in paper and electronic form.

We use external third-parties for processing payroll as well are carrying out our tax and pension obligations. We will therefore pass your information to these third-parties.

In all cases where we are using such third-party services or companies, we will only provide the minimal amount of information for the purposes of delivering the service to us and to meet our requirements.

We always carry out due diligence against all our third-party suppliers for the purposes of ensuring their compliance with data protection, maintaining adequate security of your data and ensuring they apply adequate data protection principles to the processing of the data we supply.

  1. 9. Recruitment

If you send us application forms or your CV, we will keep the information for as long as we’re considering your application. If you become an employee, the information will be added to your personnel file and kept in line with our policy on keeping employee records. If your application is unsuccessful we will delete the information after 6 months unless you consent to us retaining them for any longer (for example for any future opportunities). All the information will be stored, within our systems, securely.

  1. 10. Retention

Unless stated elsewhere in this document or in our terms of services we only store the data necessary to provide the services we provide to you. We will keep this data for as long as it is lawful for us to do so (this may be for as long as you are a customer or because of a legal obligation to retain the information, whichever is the longest).

  1. 11. Your rights

Under current data protection legislation in the UK, you have rights as an individual which you can exercise in relation to the data we store and process about you. You can find more information about your rights on the Information Commissioner’s website: https://ico.org.uk/for-the-public/

  1. 11.1. Complaints

If you want to make a compliant about the way we are processing your data, you can contact us, using the contact details below. You also have the right to complain to the Information Commissioner’s Office: https://ico.org.uk/concerns/

  1. 11.2. How to withdraw consent and object to processing

Where we are processing your data and needed to ask your permission to do so, you are able to withdraw your consent at any time. Should we send any marketing emails, if you wish to stop receiving them, you can do so, by clicking on the “unsubscribe” link at the bottom of the email. Otherwise, you can contact us, using the contact details below.

If you wish to raise concerns about the way we are processing your data or would like to raise an objection, then please email info@siso.co.uk with your concerns.

  1. 11.3. Keeping your data up to date

It is important that any of your data that we process is kept up to date. We will from time to time ask you to verify your contact details but if you wish to update any information we hold about you, please contact us using the contact details below.

  1. 11.4. Erasure of your data (the “right to be forgotten”)

Under some circumstances you may request us to delete your data from our systems. Where this is possible (e.g. we don’t have any legal purpose for continuing to process your data) we will erase it from our systems.

If you wish to exercise your right to be forgotten, please contact us via the contact details below. But please note, if we are required to continue to keep and process your data, it may not be possible for us to honour your request to delete your data.

  1. 11.5. Portability

Your right to portability allows you to request a machine-readable format of the data you supplied to us and associated service logs (where we store them). Please contact us, using the contact details below, if you wish to receive a CSV export of your data.

As noted above, customers can export their own data from our systems, themselves.

  1. 11.6. Access to your data

You have the right to ask us about what data we hold about you, how we process it and provide you with a copy of the information, free of charge and within one month of your request.

To make a request for any personal information we hold and process about you, we would prefer it if you could put it in writing or in an email to the addresses below. We will need to verify your identity before providing the information and where necessary may contact you further to ensure we understand what data you are requesting.

Our customer’s users should contact their service provider should they require to exercise this right regarding the use of their data within our system. Where we are considered the data processor for your data we will not be able to provide the information you require.

  1. 12. Disclosure of information

We do not share any personal data with any third parties unless it is lawful for us to do so, if required by law to do so or if you provide us with permission to do so.

  1. 13. More information

For more information about your data rights and privacy or data protection in general visit the Information Commissioner’s Office website: https://ico.org.uk

  1. 14. How to contact us

If you have any questions about how we collect and use your information not covered in this privacy notice, or if you wish to speak to someone about our approach to data protection and privacy, please contact:

Data Protection Officer
Siso House
87 St Lukes Road
Bournemouth
Dorset BH3 7LS
info@siso.co.uk

  1. 15. Changes to our privacy notice

We may change or update elements of this privacy notice from time to time or as required by law. The most current version of our privacy notice is available on our website at www.siso.co.uk