Data Protection and Privacy Policy
Video2web Limited are committed to protecting and respecting your privacy. Any information you provide us will be properly protected and under no circumstances will it be sold or rented to a third party.
This policy explains how we might collect any personal data from you and how we will process it. Should you wish to contact our data controller with any queries you can do so via email or writing to:
Data Controller, Video2web Limited, Index House, St George’s Lane, Ascot, SL5 7ET
Information we may collect from you
At all times our aim is to hold the minimum amount of personal data in support of our legitimate business interests.
We collect a variety of information depending on which service you are using or have shown an interest in. The information we hold may include your name, address, e-mail address and phone number, organisation and payment details. In the vast majority of cases it is your name, company name, role and business email address.
We also collect personal information about your interactions and transactions with us, including any actions through monitoring and recording any contact we have with you by telephone, email or online for purposes including security, dispute resolution and training.
Our Website
We use Secure Sockets Layer (SSL) certificates on our website that encrypts the transmission of data to and from your browser. While we use strong encryption, both when your information is moving to or from our web services and also whilst your information is held by us, unfortunately the transmission of information via the internet can never be completely secure.
Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
This website is built using Wix. Wix is a website builder, and all of its content is hosted on Wix’s servers. You can learn more about their privacy here.
Corresponding with us by phone
When you call us we may collect Calling Line Identification (CLI) information. We use this information to help improve efficiency and effectiveness. You have the right to withhold your number before placing a call to us. We reserve the right to record calls for data protection and training purposes.
Corresponding with us by email
We use Microsoft Outlook and Apple Mail, to process emails. These services use encryption to protect data in transit and at rest. Data in transit is protected using HTTPS, which is activated by default for all users.
Our email services encrypt customer content stored at rest, without any action required from customers, using one or more encryption mechanisms. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
Access to our email is protected by a 2 step verification process and our system warns us if an unidentified device tries to access a particular inbox.
Corresponding with us by Social Media
If you send us a private or direct message via social media the message will be stored for three months. It will not be shared with any other organisations.
Opting in to receive our e-newsletter
We use double opt in on our email lists. This means that once you enter your details an email confirmation is sent to you for you to confirm your subscription request. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our e-newsletter. Out of respect for our users privacy we provide a way to opt-out of these communications via the unsubscribe mechanism at the bottom of each email.
Information we receive from other sources.
When someone visits this site we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone.
We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
We may have access to geolocation data as indicated by your IP address. We collect and process IP addresses of all devices where some of our services are made available on such as our live chat. Collecting and processing your geo-location data refers to mobile devices as well as computers.
We may use your information collected from the website to personalise your repeat visits to our website. You can choose to accept or decline cookies.
Most web browsers automatically accept cookies, but you can modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website. For further information visit www.aboutcookies.org or www.allaboutcookies.org.
How we use your information
As part of our ongoing legitimate business interest we will only use this information for the provision of services requested and marketing purposes. We may provide you with information about other goods and services that we believe you may be interested in and if you are an existing customer are similar to those that you have already purchased or enquired about. We will also notify you about changes to our service(s). We respect your right to opt-out of our marketing communications via an opt-out button and the ongoing maintenance of an email marketing suppression list. In addition to our legitimate business interest we also consider that customers and contacts have opted in to our marketing communications when one or more of the following have occurred:
• Volunteering your information in our newsletter subscribe form.
• By ticking a checkbox on another form on our website to opt in to our marketing communications.
• If you completed an offline form and you have ticked the a box indicating they would like to be contacted with more information.
• If you have completed a form from a third party, such as Facebook, as a result of an advert. • If you gave us your business card and we verbally explained how we would like to stay in touch.
• If you connected via LinkedIn and we explained how we would like to stay in touch
• If we provided you with a service.
• By verbal permission within a telephone call with us.
The security of your data such as subscriber lists and campaign content is incredibly important to us. We have put in place both hardware and software protection to ensure that nobody else has access to your account and the information it contains. If you have consented to receive marketing, you may opt out at a later date. You have a right at any time to stop us from contacting you for marketing purposes.
Where we store your personal data
The data we collect from you will be stored within our cloud CRM system and / or our email campaign system.
Use of Data Processors
All our data processors are able to demonstrate compliance with data protection laws. The GDPR does not require EU personal data to stay in the EU, nor does it place any new restrictions on transfers of personal data outside the EU.
Where data does reside outside of the EU we are protected by the EU-US Privacy shield program. This means processors we use are deemed adequate by the European Commission meaning they are recognised secured mechanisms to comply with EU data protection requirements when transferring personal data from the European Union to the United States.
Accountancy Platform
Our accountancy platform is the Sage One cloud based system and supports SSL (encryption) and resides predominantly in the UK. Sage is the UK’s largest software company.
When EU customer data is processed in other territories, like the USA, other appropriate safeguards are taken that are prescribed by the GDPR. EU Standard Contractual Clauses (also called Model Clauses), that are published by the European Commission are used to protect EU data.
These are standard form data export agreements that have been approved by the European Commission as a lawful basis for transferring personal data to non-EEA countries like the USA.
Kirk Rice Accountants support our accounting process.
CRM
We use a CRM platform to store customer and prospect information. This cloud system uses a 2 factor authentication login process and all information in in transit is encrypted. The stored data resides in US Data entres. The platform is deemed EU-US Privacy shield compliant
Email Campaign Software
We use Campaign Monitor as our email campaign platform and it resides in US Data Centres. The platform is deemed EU-US Privacy shield compliant. Transfers to the USA are therefore compliant under GDPR.
In line with GDPR we are:
• Documenting all data processing activities that involve the collection, treatment, and safeguarding of personal data.
• Building and improving processes and features to ensure we can quickly and effectively address any requests from our customers when their subscribers wish to exercise their rights (including the Right of Access, Right to Rectification, Right to Object, Right to be Forgotten, and the Right of Portability).
• Ensuring all of our sub-processors have adequate security measures in place for the safeguarding of personal data processed by them and ensuring our contracts with them require them to also abide by their requirements as sub-processors under the GDPR
Access Control
Our business office has three layers of physical security which includes a combination of key codes and key locks. Our computers are all password protected. Each user has their own username and use strong passwords. Should a member of staff leave the organisation or is absent for long period their access to our systems is cancelled. Our network files are all synchronised to the Cloud to enable our employees to also access them remotely. This is protected by a 2 step verification process and all remote computers are also password protected.
All equipment used has antivirus regularly scanning the network to prevent and detect threats. There is security built into the operating system preventing outside access, and all major security patches are tested and applied within 2 weeks of release.
Where we might have taken physical notes at a meeting these are immediately shredded after use after transferring the information to our CRM.
Access to personal information
Video2web Limited tries to be as open as it can be in terms of giving people access to their personal information. You have the right to request a copy of the information we hold about you. If you would like a copy of some or all of your personal information, please email or write to us at the following address.
The Data Controller, Video2web Limited, Index House, St George’s Lane, Ascot, SL5 7ET
Links to other websites
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Changes to this privacy notice
We keep our privacy notice under regular review. This privacy notice was last updated May 2018