Data Privacy Notice
Data Privacy Notice - Preamble
Your data and privacy are important to us.
We at NexgenBusiness Ltd fully comply with the General Data Protection Regulation (GDPR).
In this document here, we will tell you about the data we collect, how we store and how we use it.
The Data that we keep and the Data that we do not keep
We keep the bare minimum of the information you give us, necessary to provide you with a good and reliable service.
If you are subscribed to our hosted services (hosted email, personal or corporate backup, VPS, Remote Desktop, Data Storage, e-courier service and/or VOIP) we may keep your Personable Identifiable Information (PII) on our server(s).
In case you are subscribed to these services we WILL ALWAYS ask for your explicit permission to keep your data on our system(s).
We never keep:
- Your personal password(s) on file
- Your credit card or any payment-related information
- Any other PII data that you have not given us your explicit permission to store.
How do we use your Data?
We only use your personal data to be able to provide the service(s) to which you have subscribed and strictly within the limits of the consent you have given us and/or as covered by the contract you signed with us.
The exceptions to the above (and as per article 6 of GDPR) are:
- If we must use your data to protect a Vital Interest (being necessary to protect someone's life)
- If we must use your data to protect Public Interest (necessary for us to perform a task in the public interest or if the task or function has a clear basis in law)
- If there is Legitimate Interest (where we inform you of maintenance periods, service availability etc.).
How do we keep your Data?
The security of your personal data is paramount. Therefore, we keep it on our own infrastructure, located in a fully secured data centre in London (UK), exclusively.
How long do we keep your Personal Data?
We keep your data while you are subscribed to our service(s), and sometimes for a longer period, depending on whether there are legal or regulatory reasons for doing so:
- We retain accounting data for seven years as the law requires us to do so.
- We also keep your communication data for 12 months as law enforcement agencies have the right to access this data in this period to support the investigation and prosecution of serious crime.
Who do we share your Information with?
As a principle we do not share your data with third parties, without a very good and compelling reason(s).
However, in order to fulfil your orders or provide the services you have requested, we must share the minimum amount of personal data with our suppliers and your data may occasionally be shared with the following categories of third parties:
- Our suppliers and delivery companies - if you order anything from us, we must tell our supplier/the delivery company of your address and other order-relevant/associated data
- Telecoms and broadband providers – so they can provide you with the connectivity.
In addition to the above and to comply with our legal obligations, we may share your data in response to properly made requests from:
- Regulatory bodies such as the Information Commissioner's Office and Ofcom
- Law enforcement agencies - for the prevention and detection of a crime; for the purpose of safeguarding national security or when the law requires us to.
Transfers to third countries
We at NexgenBusiness keep your data in our secure data centre(s) which are located in the United Kingdom. Your information will not be transferred to a third country (defined under the GDPR as a country outside of the European Economic Area), ever.
What are your rights?
You have the following rights under the GDPR:
- The right to be informed – this privacy notice fulfils this requirement.
- The right of access. All of the information we have about you is available upon request. Please email your request to firstname.lastname@example.org or call us on 0845 556 0208.
- The right to rectification. If you find an error in your data, please contact us on 0845 556 0208.
- The right to erasure. In certain circumstances, you may request that we delete personal data held on you. This does not apply if we have a legal reason for retaining it.
- The right to restrict processing. In certain circumstances, you may ask us to 'restrict processing of data'. This means we will need to secure, but not use your data. This will lead to suspension of your account.
- The right to data portability. You have a right to obtain the personal data we hold on you in a 'structured machine-readable' format. If you need so, please contact us on 0845 556 0208.
- The right to object. We never send out any marketing communications.
- Rights related to automated decision-making, including profiling. Nexgenbusiness does not apply any automated decision-making or profiling processes.
If you have any questions about how NexgenBusiness uses your personal data, or if you want to exercise your rights, please contact us on 0845 556 0208.
Under the GDPR definition, Nexgenbusiness is considered to be a Data Controller.
This Privacy Notice is under regular review. Please come back occasionally.