Risk & Assurance
SEP2 Security Services
Network, Firewall & Cloud Solutions
User, Data & Endpoint
Threat Management & GRC
- Info Hub
Updated: December 2021
SEP2 Limited have a need to collect and use personal data. SEP2 take respect to how this data is collected, processed, used, stored and transferred.
We may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to:
- First and last name
- Email address
- Phone number
- Address including Post Code
- Bank account information in order to pay for products and/or services
- Usage data
This policy applies where we are acting as a data controller in respect of your personal data, across all channels and methods in which data is obtained or is provided.
2. Collecting your personal data
Most of the personal information we process is provided to us directly for you for one of the following reasons:
- Signed up to our newsletter
- Requested information from or about us
- Registered or inquired about an event hosted or sponsored by us
- Applied for a job with us
- Purchased goods or services from us
We also receive personal information indirectly, from the following sources for the purpose of tracking and analysing usage of our website and the effectiveness of our communication channels:
- Google Analytics – please see https://policies.google.com/privacy
- Pipedrive Web Visitor Plugin – please see https://help.leadfeeder.com/en/articles/3561400-gdpr-privacy-and-security-summary
- Outfunnel Web Visitor Plugin – please see https://outfunnel.com/privacy/
3. Using your personal data
We use the information that you have given us in order to facilitate the needs of our business, depending on the reason we have your personal information.
Where you have signed up to our newsletter or requested information from or about us, we use this data for the purpose of providing you with information that you may be interested in.
Where you have registered or inquired about an event hosted or sponsored by us, we use the data to share with you the pertinent information about the event and to measure the success of our communication channels
Where you have applied for a job with us, we use this data to engage with you about the role to which you have applied to support you through the application process.
Where you have purchased goods of services from us, we use this data to deliver the goods or services to you and keep you informed about relevant information related to the goods, services or similar items of interest.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
(a) Your consent. You are able to remove your consent at any time. You can do this by contacting us as detailed at the end of this notice.
(b) We have a contractual obligation.
(c) We have a legal obligation.
(d) We have a vital interest.
(e) We have a legitimate interest.
4. Retention of your personal data
We will only keep your personal data for the time period that it is required, based upon the type of data and the reason we have it. We will not keep personal information for longer than necessary.
We will keep all data where:
- there is a need for compliance or a legal obligation to which we are subject
- to enforce our terms & conditions or contracts
- to resolve disputes
5. Transfer of your personal data
Your data may be transferred internationally, although it is our intent that where possible that will not occur. If your data is transferred internationally, we will legally protect your data by:
- Transfering to EEA countries
- Transferring with commonly adopted contractual adjustments such as US Privacy Shield or EU Model Clauses.
Due to the globalised way in which we work and operate, your personal information may transit to other countries, including those outside of the EEA. Because of this, all personal information is encrypted whilst in transit and encrypted whilst at rest to ensure its privacy.
6. Disclosing your personal data to others
We do not and will not sell your personal data to any third parties.
We may disclose personal data to a limited set of companies as an integral basis for our ability to operate our business such as our insurance and other professional advisors as needed for the purpose of obtaining or maintaining insurance or obtaining professional advice.
7. Your rights
Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us if you wish to make a request.
8. Amendments or changes to this policy
From time to time, we may make changes to this notice. This notice is always available on the same page – https://www.sep2.co.uk/privacy-notice. The publish date at the top of the notice will be updated if and when changes are made.
9. Contact us
Should you need to contact us in relation to any data privacy issues, concerns or queries, please contact email@example.com or write to:
Data Protection Officer
51a St Pauls Street