JC Cyber Security Services Privacy Policy   

This privacy notice explains how JC Cyber Security Services (“ we “, “ our “ or “ the company “), a trading name of Atlas Technology Group Ltd a company registered in England under Company Number

12070697

JC Cyber Security Services, a trading name of Atlas Technology Group Ltd, is designated as a Data Controller as defined by the General Data Protection Regulation and the Data Protection Act 2018. We make decisions about what data is collected and how it is used and with whom it is shared with. We can be contacted at dataprotection@jc-cybersecurity.co.uk or by telephone on 0333 305 0605

.

We collect two types of data and information from Users.

The first type of information is un-identified and non-identifiable information pertaining to a User(s), which may be made available or gathered via your use of the Site (“ Non-personal Information ”). We are not aware of the identity of a User from which the Non-personal Information was collected. Non-personal Information which is being collected may include your aggregated usage information and technical information transmitted by your device, including certain software and hardware information (e.g. the type of browser and operating system your device uses, language preference, access time, etc.) in order to enhance the functionality of our Site. We may also collect information on your activity on the Site (e.g. pages viewed, online browsing, clicks, actions, etc.).

The second type of information Personal Information which is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual. Such information includes:

•        Device Information: We collect Personal Information from your device. Such information includes geolocation data, IP address, unique identifiers (e.g. MAC address and UUID) and other information which relates to your activity through the Site.

•        Registration information: When you fill any forms out on our Site you will be asked to provide us certain details such as: full name; e-mail or physical address, contact number and company name.

We also collect your name, company name, telephone number, email address, company address, and any other information required for us to provide any of our services to you. This information will be gathered within our scoping questionnaire to allow us to accurately quote for and efficiently deliver a project.

We process personal data (meaning, any information which may potentially allow your identification with reasonable means) for the purpose of, and performance of, our contractual obligations towards you and providing our services to you, for advertising and marketing purposes, to protect our legitimate interests and for compliance with legal and financial regulatory obligations to which we are subject. Data Protection law defines the basis by which we can lawfully collect and process personal data for that purpose.

You’re a client of ours

We will collect and process your data if you are a client of ours and we provide a service to you. This is to enable us to provide that service to you and also to communicate with you by: sending you notices regarding our services, providing you with technical information and responding to any customer service issue you may have and to keep you informed of our latest updates and services.

Legitimate Interest

We will collect and process personal data where it is in the legitimate interest of JC Cyber Security Services to do so. Specifically, we use legitimate interest in relation to our clients and to identify prospective clients and if engaged, we continue to process personal data to manage our commercial relationship. This will include but not limited to the continued processing (retention) of records of our transactions and interactions. We will also conduct our B2B (Business to Business) marketing activities under a Legitimate Interest basis.

JC Cyber Security Services has conducted a Legitimate Interest Assessment and concludes that there is a justifiable necessity to process personal data under this purpose. In our assessment, JC Cyber Security Services' interests do not override that of the data subjects. The data collected will not be used for any unlawful or unethical purpose.

Consent

We also conduct business to consumer (B2C) direct marketing in accordance with the Privacy and Electronic Communications Regulations (PECR) 2003. For us to comply with the PECR and the General Data Protection Regulation, we collect the consent of data subjects (sole traders, individual subscribers, and other partnerships). In providing us with consent to receive direct electronic marketing, you will have the ability to object and opt out of further marketing at any time.

We will also process your data if we feel it is required to protect your vital interests, or the vital interests of another person. This might occur in serious life or death situations where immediate disclosure of personal data is required, and you are unable to give that information yourself.

We process the following data from our clients and prospective clients:

• Contact full name

• Business address

• Telephone number

• Email address

• Any other data we require in order to deliver our services to you

Performance Monitoring

We will collect non-identifiable data to conduct analytics and statistics to aid the improvement of the Site.

Marketing

We may use your Personal Information, such as your name, email address, telephone number, etc. ourselves or by using our third party subcontractors for the purpose of providing you with promotional materials, concerning our services, which we believe may interest you. 

Out of respect to your right to privacy we provide you within such marketing materials with means to decline receiving further marketing offers from us. If you unsubscribe we will remove your email address or telephone number from our marketing distribution lists.

Please note that even if you have unsubscribed from receiving marketing emails from us, we may send you other types of important e-mail communications without offering you the opportunity to opt out of receiving them. These may include customer service announcements or administrative notices.

In addition to the different uses of your data listed in this policy, we may transfer or disclose your data to our associates and suppliers for the purposes of delivering a service to you. Rest assured, we have ensured that our associates and suppliers are processing and storing data securely and compliant with relevant laws. We also have Non-Disclosure Agreements in place with our associates and suppliers.

We do not sell any of your personal data to any third party. JC Cyber Security Services does share personal data with service providers such as trusted associates who support the delivery of our services. We use 3rd party CRM, project management and information sharing platforms such as Microsoft Teams, Zoho and Slack. Whilst we store your data in UK accredited data centres, these 3rd parties transfer your data to accredited data centres in the USA or Europe. This movement of personal data from the UK to the USA and/or Europe in these circumstances is legitimised using Standard Contractual Clauses.

By using this site, non-identifiable information will be collected by our web hosting company and web developers. This will be nothing more than your IP address, device and browser information.

Also, we may share your personal information with marketing, printing and mailing companies, as well as email service providers and other delivery companies.

Any financial transactions conducted through ‘point of sale’ are handled by our card payment service provider, Xero, GoCardless and Stripe. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments, and dealing with complaints and queries relating to such payments and refunds.

We may disclose your personal data with law enforcement and fraud prevention agencies, so we can help tackle fraud or where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in connection with the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

We may also disclose information if we have good faith to believe that disclosure of such information is helpful or reasonably necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our policies (including our Agreement), including investigations of potential violations thereof; (iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) to establish or exercise our rights to defend against legal claims; (v) prevent harm to the rights, property or safety of us, our users, yourself or any third party; or (vi) for the purpose of collaborating with law enforcement agencies and/or in case we find it necessary in order to enforce intellectual property or other legal rights.

We embed links to Facebook, Twitter, LinkedIn and Instagram into our website. If you use these links, you will receive targeted advertising when visiting this platform.

The data we collect from our data subjects is obtained directly from the data subject themselves or is obtained from sources such as social media platforms. Please see the “Cookies” section in this Policy for information on the data collected by our website.

Please note that some data recipients may be located outside the EEA. In such cases we will transfer your data only to such countries as approved by the European Commission as providing adequate level of data protection, or enter into legal agreements ensuring an adequate level of data protection.

In addition to the purposes listed in this Privacy Policy, we may share Personal Information with our trusted third party providers, who may be located in different jurisdictions across the world, for any of the following purposes: hosting and operating our Site; providing you with our services, including providing a personalized display of our Site; storing and processing such information on our behalf; serving you with advertisements and assist us in evaluating the success of our advertising campaigns and help us retarget any of our users; providing you with marketing offers and promotional materials related to our Site and services; and performing research, technical diagnostics or analytics.

Advertisements

We use a third-party advertising technology to serve advertisements when you access the Site. This technology uses your information with regards to your use of the Services to serve advertisements to you (e.g., by placing third-party cookies on your web browser). 

You may opt-out of many third-party ad networks, including those operated by members of the Network Advertising Initiative ("NAI") and the Digital Advertising Alliance ("DAA"). For more information about this practice by NAI and DAA members, and your choices regarding having this information used by these companies, including how to opt-out of third-party ad networks operated by NAI and DAA members, please visit their respective websites: http://optout.networkadvertising.org/#!/ and http://optout.aboutads.info/#!/.

The data we collect directly from you is the minimum we require to facilitate the lawful processing described above. Personal data is held only for as long as is required for the purpose we collected it or for our legitimate purposes. We will retain your data for periods we are obliged to do so for legal requirements. Financial data and client data will be held for typically 7 years following end of any commercial agreement.

Under applicable regulations, we will keep records containing client personal data, account opening documents, communications and anything else as required by applicable laws and regulations. 

We may rectify, replenish or remove incomplete or inaccurate information, at any time and at our own discretion.

We store data within our own physical network and on cloud software services. We take care to ensure that data held locally is backed up to avoid accidental loss. Security of data is also provided by the accreditations of our cloud host this includes data backup regimes. Our computer terminals have industry standard firewalls, antivirus and anti-malware installed and updated. We have a process in place to mitigate the impact of any data breach that should occur.



We take great care in implementing and maintaining the security of the Site and your information. We employ industry standard procedures and policies to ensure the safety of the information we collect and retain, and prevent unauthorized use of any such information, and we require any third party to comply with similar security requirements, in accordance with this Privacy Policy. Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorized access or abuse our Site, and we make no warranty, express, implied or otherwise, that we will prevent such access.

The regulations provide a number of rights to you as the Data Subject. JC Cyber Security Services is committed to upholding those rights and those applicable to the personal information we collect, and process are listed below. In addition to these rights, you have the right to escalate any concern to the Supervisory Authority, which in the UK is the Information Commissioners Office https://ico.org.uk. A full and detailed explanation of all rights can be found at https://ico.org.uk/for-the-public/

•        The Right to be Informed – you should be clear about what, why and in what way your personal information will be processed at the time it is processed. This privacy policy sets out that information

•        Right of Access – you have the right to know what personal information is held, by whom and why.

•        The Right to Rectification – If the information we have collected and processed is inaccurate or incomplete, you have the right to have it rectified.

•        Right to Erasure – You have the right to have your personal data erased and to prevent processing in some specific situations.

•        Right to Restrict Processing – If you contest the accuracy of the personal data we hold, we will restrict the processing of your data until accuracy is verified.

•        Right to Data Portability – You have the right to move, duplicate or transfer your data easily from one IT environment to another in a safe and secure way.

•        Right to Object – You have the right to object to profiling and direct marketing

•        You also have rights in relation to automated decision making.

You have the right to lodge a complaint with the UK’s supervisory body, The Information Commissioners Office www.ico.org.uk

We and our trusted partners use cookies and other technologies in our related services, including when you visit our Site or access our services. 

A "cookie" is a small piece of information that a website assign to your device while you are viewing a website. Cookies are very helpful and can be used for various different purposes. These purposes include allowing you to navigate between pages efficiently, enable automatic activation of certain features, remembering your preferences and making the interaction between you and our Services quicker and easier. Cookies are also used to help ensure that the advertisements you see are relevant to you and your interests and to compile statistical data on your use of our Services. 

The Site uses the following types of cookies:

a. 'session cookies' which are stored only temporarily during a browsing session in order to allow normal use of the system and are deleted from your device when the browser is closed; 

b. 'persistent cookies' which are read only by the Site, saved on your computer for a fixed period and are not deleted when the browser is closed. Such cookies are used where we need to know who you are for repeat visits, for example to allow us to store your preferences for the next sign-in; 

c. 'third party cookies' which are set by other online services who run content on the page you are viewing, for example by third party analytics companies who monitor and analyze our web access.

Cookies do not contain any information that personally identifies you, but Personal Information that we store about you may be linked, by us, to the information stored in and obtained from cookies. You may remove the cookies by following the instructions of your device preferences; however, if you choose to disable cookies, some features of our Site may not operate properly and your online experience may be limited.

We also use a tool called “Google Analytics” to collect information about your use of the Site. Google Analytics collects information such as how often users access the Site, what pages they visit when they do so, etc. We use the information we get from Google Analytics only to improve our Site and services. Google Analytics collects the IP address assigned to you on the date you visit sites, rather than your name or other identifying information. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Google’s ability to use and share information collected by Google Analytics about your visits to this Site is restricted by the Google Analytics Terms of Use and the Google Privacy Policy .

Our website may contain links to other websites. This privacy policy only applies to JC Cyber Security Services, so if you follow a link to another website, you should read that organisations own privacy policy.

Our policy only addresses the use and disclosure of information we collect from you. To the extent you disclose your information to other parties or sites throughout the internet, different rules may apply to their use or disclosure of the information you disclose to them. Accordingly, we encourage you to read the terms and conditions and privacy policy of each third party that you choose to disclose information to. 

This Privacy Policy does not apply to the practices of companies that we do not own or control, or to individuals whom we do not employ or manage, including any of the third parties which we may disclose information as set forth in this Privacy Policy. 

If you have any questions about the Site and/or the information we collect about you and how we use it, you can:

Write to us at this address:

FAO – Data Protection Officer

Atlas Technology Group Ltd t/a

JC Cyber Security Services

Grosvenor House

11 St. Pauls Square

Birmingham

B3 1RB

Email Us:

               dataprotection@jc-cybersecurity.co.uk

Or, Call Us:

               0333 305 0605