Privacy Statement

Who We Are

Computer Security Technology Ltd. (abbreviated CSTL) collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation (which applies across the European Union and in the United Kingdom) and the Data Protection Act 2018. We are responsible as ‘controller’ of that personal information for the purposes of those laws.

Collection Of Data

When you place an order with us for any of our goods or services, we will need certain information to process your order. This may be information such as your name, business email address, business postal address, site addresses, telephone or mobile numbers to help us identify you and provide you with the services or products. We may ask for further information that relates to the service you are ordering. We do not collect any location-based information other than the examples listed or any special types of information.

If you complete a survey or enter any competitions we may ask for information about you which we will make clear at the time and the purpose for which we will be using that information.

When you visit our website we may collect and process information about your usage of these by using ‘cookies’ and other similar technologies (see cookies section below) to help us make improvements to the website and to the services we make available.

Where you have come to CSTL as a customer through acquisition, we will have collected information about you from the company and/or business from which we purchased the rights to your contract for services.

All the personal data we process is processed by us in the UK, on UK Data Servers, unless otherwise mutually agreed in writing.

Cookies

When you visit this website, we collect web statistics concerning your visit, which are stored in a log file. Log files allow us to record visitors’ use of the site. This information is used to make changes to the layout of the website and to the information on it. Log files do not contain any personal information and they are not used to identify any individual patterns of use of the site.

Our website uses cookies. Cookies are small text files that are placed on your computer by websites that you visit. Websites use cookies to help users navigate efficiently and perform certain functions. When we collect this information, it enables us to give you a better experience when using our website.

Cookies that are required for the website to operate properly are allowed to be set without your permission. All other cookies need to be approved before they can be set in the browser.  You can change your consent to cookie usage at any time below:

 

How Long We Keep Your Data

CSTL only ever retains personal information for as long as is necessary and we have strict review and retention policies in place to meet these obligations. We are required under UK tax law to keep your basic personal data (name, address, contact details) for a minimum of 7 years.

Where you have consented to us using your details for direct marketing, we will keep such data until you notify us otherwise or withdraw your consent.

Call recordings where applicable may be retained for up to 6 years for evidential purposes.

Safeguarding Measures

At CSTL, we take your privacy seriously and we take every reasonable measure and precaution to protect and secure your personal data. We always work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place, including encryption and password protection.

Third Parties

Data may be passed to 3rd parties as follows:

1. To satisfy Contractual or Legal obligations: e.g. providing your data to software Vendors where you have purchased their products from us, and the Vendor requires your details to register or supply the software, licence or service to you. Where your Personal Data is passed to such a third party, those parties will be subject to diligence checks to ensure they meet GDPR considerations. We may resell a service or solution to you that requires the solution Vendor to have greater access to your Personal data than we would require ourselves (for example an email security service that provides that Vendor with increased or wider access to your Personal Data than we have). In this situation we would recommend that you review the Vendor’s own terms and privacy statement.
2. For our own Data Backup and Recovery purposes and business applications: where your Personal Data will be stored with relevant third-party providers. Such parties are subject to GDPR diligence considerations and data will be transferred in an encrypted medium and stored encrypted in these third-party locations/applications.
3. To agencies for communicating marketing information to business contacts where this is considered applicable for legitimate purposes, e.g. product updates, related information security and cyber security topics, complementary services, newsletters, conference invitations. Such agencies are subject to GDPR diligence considerations, and we completely respect the wishes of Business Contacts to opt out of such communications.
4. To our Holding Company: for Accountancy, Compliance, Sales reporting, Customer metrics and Marketing.

Your Rights

Under the General Data Protection Regulation and the Data Protection Act 2018, you have a number of important rights:-

1. To be informed in relation to the fair processing of information and transparency over how we use your personal information.
2. Access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address.
3. To require us to correct any mistakes in your information which we hold.
4. To require the erasure of personal information concerning you in certain situations.
5. To otherwise restrict our processing of your personal information in certain circumstances.
6. To receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations.
7. To object in certain situations to our continued processing of your personal information (or object at any time to processing of personal information concerning you for direct marketing).
8. To object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you.

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.

How To Complain

We always want to resolve any query or concern you raise about our use of your information.

If you believe that the information we hold about you is incorrect you may request to see this information and have it corrected or deleted.

If you wish to make a complaint regarding the use of your information, please contact our Data Protection Officer in the first instance:

Nigel Lewis, email info@cstl.com or in writing to Computer Security Technology Ltd, Dawson House, 5 Jewry Street, London EC3N 2EX.

If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, the General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113 or write to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

The privacy policy will be regularly reviewed and updated as necessary. The management team endorses this statement and is fully committed to its implementation.

This statement only covers websites maintained by CSTL and does not cover other websites linked from our site.