Cubetek Limited (“Cubetek”, “we”, “us”, “our”)
Under Data Protection legislation and the General Data Protection Regulations, everyone must be clear as to what “personal data” we collect from you – specifically what details are taken, what we use those details for, where we keep them and who we share them with. Once you know what we have, you should know what your rights are in relation to those details.
We will explain in this policy how we process your personal data, in accordance with Article 5 of the General Data Protection Regulation (GDPR).
Who collects your personal information?Cubetek Limited collects the personal information from you and decides what to do with it.
In compliance with Data Protection legislation and the GDPR, Cubetek is the Data Controller.Cubetek Ltd. Registered office Exchange Station, Tithebarn Street, Liverpool, Merseyside, L2 2QP. Registered company no: 7030029. VAT Registration Number: 121 3585 42. Telephone number 0151 303 0114 Dominic Corr is the Data Protection Officer who can be contacted via DPO@cubetek.co.uk
How do we collect your personal information?Cubetek will collect personal information if you email us, call us or you request a meeting.
Article 4 of the GDPR
‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
What personal information do we collect about you?Cubetek may collect your name, business address, e-mail address, telephone number, employer’s name, business address and work email address if they are different. If there are other specific details we need, we will discuss with you and send you notification of what we have. If you decide to send your CV having found our contact details using the website, we will contact you directly and discuss what to do next. If we reply to you we will discuss what happens next and mutually decide if we have a reason to keep your data, and you will give your consent to that. If there is no reason to keep your details, we will destroy and personal information you have sent with immediate effect. If we are contracted to supply goods or services either to or from you, we may need to store Bank account details and other financial details.
Article 6 deals with the ‘Lawfulness of Processing’ What is the Lawful reason for Cubetek keeping your data?• the data subject has given consent to the processing of his or her personal data for one or more specific purposes; • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; • processing is necessary for compliance with a legal obligation to which the controller is subject; such as communicating with HMRC, or other government agencies
How do we process or use your personal data?
The rights to your personal data are controlled by Article 5 of the GDPR –
1. Personal Data shall be:
• (a) processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
• (b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (‘purpose limitation’);
• (c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
• (d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’)
• (e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organisational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject (‘storage limitation’);
• (f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
2. The controller shall be responsible for, and be able to demonstrate compliance with, paragraph 1 (‘accountability’).
Cubetek will always ensure your privacy and security are paramount and we will only use any personal data to fulfil the following:• Fulfil contractual obligations • Answer questions or queries posed • Processing payments • To notify you of changes in services, software updates or technical matters • Marketing • For any Legal compliance
If you do not wish for us to keep your personal data, you have the right to be forgotten by Cubetek. If you want this to happen, we will no longer be able to provide you with the goods or services desired.
Where do we store your personal data?We store your information in a number of controlled environments, on our server held on site, on Microsoft Office 365 and backups are held on off-site secure storage. We will always use industry best practices to ensure the security of your data and store it for only as long as necessary to fulfil our contractual obligations. We will only store your data in EU based countries to comply with the GDPR.
Do we share your data with other companies?We will only pass your details to another company if you have requested that we do so. This will be for the provision of additional services that we do not supply. You will have given consent if that is the case.
Your rights for your data:You have the right to request a copy of the data we hold about you, and if you do so we will provide it free of charge in a format that should be easy to read. If you want to request a copy, please send you request either in writing to Cubetek Limited, 3.4d Exchange Court, 1 Dale Street, Liverpool, L2 2PP, or email DPO@cubetek.co.uk and we will respond with your data within a month, provided that it is not a complex request. We will always endeavour to explain any delays in providing you with a copy of your data. We will require a copy of identification documents if you are not known specifically to us. If you require any corrections to the data wed hold on you (right to rectification – Article 16), please provide it at your earliest convenience and we will make the necessary changes and advise you when done.