This privacy policy sets out how X-Net (Services) Ltd uses and processes personal data, not just with regards to the website but in its business operations.
We have attempted to make this as clear and as transparent as possible, in line with the General Data Protection Regulation (GDPR), but please feel free to contact us if you require further information via the following routes to our nominated representative Gordon Fong.
Email: Gordon Fong
Post:
Gordon Fong
X-Net (Services) Ltd
Hello House
135 Somerford Road
Christchurch
BH23 3PY
X-Net (Services) Ltd is a Data Controller in this instance, where we have obligations under GDPR and you have rights under it.
The Information Commissioners Office is the UK body in charge of oversight of GDPR. They can be contacted through their website of https://ico.org.uk should you feel we are not able to meet your requests or to make a complaint.
Who we are and what we do
X-Net (Services) Ltd is a business that also operates under several trading brand names, which includes e-mango, Datacenta Hosting and X-Net.
We provide Internet services such as web site design, web hosting, mail hosting, server hosting, Internet access lines, our own CRM application for membership bodies, as well as specialist IT consultancy. Our customers are generally small to medium sized businesses, local councils, membership organisations and central government. We do have a small number of individual clients and sole traders.
We collect personal data so we can respond to enquiries for our services from potential clients, so we can service our customers who are buying our product and services, and so we can conduct our business activity of gaining new business within the sectors we work in.
We also collect personal data from suppliers and other organisations that we work with, or may be looking to procure product and services through.
What data do we collect
In response to enquiries for our services, customer servicing, supplier engagement and public procurement processes, we will typically record, but not necessarily all of the following, your name, company/organisation, address, telephone number, company website address and email address.
We do not normally collect your personal telephone number or home address unless that is where you operate from for our services.
We do not normally collect “sensitive” data beyond contact details to fulfil a service.
For suppliers we may record banking details in order to make payments.
You may also provide us with data in order to fulfil a service or contract that has been ordered. This could be web content, databases, spreadsheets, documents and other files in order to set up or configure a service. Some of that data may be personal data that you are a Data Controller for.
We aim to delete these files within three months following the completion of a project. This means that you must retain copies of your own data should you wish us to reuse that data.
Visiting our website and use of cookies
When you visit our websites, our web server will record technical information such as the IP address of the network you are connecting from, along with your web browser details, operating system and platform, pages visited.
We have implemented Matomo Analytics, which makes use of “cookies”, in order to provide statistics on visitor numbers and interaction, so that we understand how our websites are being used and where we can make improvements.
Your visit is anonymous to us beyond your IP network address.
Legal basis for processing
Our legal basis for processing personal data is generally in order to fulfil a Contract or enter into negotiations or quotes as a prospect.
Our legitimate interests in collecting and retaining personal data include:
In order to build a network of potential suppliers, consultants and customers, that we have made contact with through referrals, exhibitions, personal meetings and so on, all within the confines of the sectors that we specialise in.
Where we have provided training to a group of people, who may be from separate organisations, we may need your data in order to send follow up materials and any relevant updates.
To communicate with stakeholders including the Media, Local and Central Government, business networking groups and Chambers.
Consent
Should we want or need to rely on consent to lawfully process your data, we will request your consent orally, by email or by an online process for the specific activity that we require consent for. This will be recorded on our systems.
X-Net (Services) Ltd does not normally send bulk marketing by e-mail or post.
Where we do have a regular newsletter in place, that is managed through the Mailchimp website, from which users have to positively opt-in to receiving further emails. Users can unsubscribe from future emails via a link at the end of their last email, or by requesting removal via the nominated contact at the start of this document.
Who do we share data with?
Whilst X-Net (Services) does not share data in bulk for any third party processing, such as for marketing, we may need to share details in order to fulfil a customer order than relies on a third party service such as an Internet line, telephone line, domain name registrar and so on.
How we protect your data?
X-Net (Services) Ltd has gained accredited certification against ISO 9001 (Quality Management), ISO 27001 (Information Security), and Cyber Essentials Plus, which are essential standards for the IT industry and demonstrate a high level of protection.
Services we provide to customers sit in our own secure datacentre, where physical as well as technical security measures are taken to protect our infrastructure, ranging from restricted access, network and virtual separation, to firewalls and encryption, and the list can go on.
As an IT and Internet hosting business, we take security very seriously.
Data retention
We aim to hold your data as accurate as possible throughout the length of our collaboration, but when our collaboration ends we will keep your records for a maximum period of 5 years, and providing there is no legal requirement to keep your data for longer you have the right to be deleted.
Your rights
With regards to current and future marketing communications, there will be an unsubscribe option for you to remove yourself from further mailings.
Where we are contacting you with reference to a previous enquiry for our services, we do not consider this marketing but you can request not to be contacted again.
Under GDPR you have the following rights.
- Request correction of your personal information that we hold.
- Request to be deleted where there is no good reason for us to continue holding it.
- Object to processing where we are relying on legitimate interest.
- Request the transfer of your personal information in a suitable form where practicable.
- Make a complaint to the Information Commissioner’s Office. The ICO can be contacted through their website – https://ico.org.uk
This notice
Any concerns with this Privacy Notice please get in touch with the Nominated Representative at the start of this notice.
Any changes to this notice will be posted on this website.
Please check frequently to see any updates.
(Last updated: 19 April 2024)