Home > Privacy Notice
Craft ICT Ltd Privacy Notice
Craft ICT cares about your privacy, believes in transparency and understands that we have a responsibility to protect your personal information.
Craft ICT may be both data controller and data processor for your personal information.
How to contact us
Company: Craft ICT Ltd
Information we collect about you
*Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
We will record information if you place an order with us for any of our services. Information will also be recorded if you are a user of our cloud hosting platform. Only sufficient personal information will be stored to enable us to fulfil our business commitments and our contractual obligations. This would normally be name, address, telephone and email data. Use of our cloud hosting services will result in additional data including, but not limited to, user name, IP address, server logs, device-specific information and location information.
How we will use the information about you
We collect information about you to:
Where we store your personal information
The data that we collect from you will be stored on secure servers within the European Economic Area (EEA) The majority of such data is held within the UK and Ireland. To fulfil contractual obligations to customers operating outside of the EEA, certain information may be accessed and processed outside the EEA by their staff who work for them.
How long we keep your information
To make sure we meet our legal data protection and privacy obligations, we only hold on to your information for as long as we actually need it for the purposes we acquired it for in the first place.
In most cases, this means we will keep your information for as long as you continue to use our services, and for a reasonable period of time afterwards if you stop doing so. After that we will delete it other than where we lawfully can keep any data for audit or legal reasons.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Your legal rights
You have rights within the European General Data Protection Regulation under certain circumstances to:
Request access to your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us to continue to process it. For example:
You also have the right to ask us to delete or remove your personal data:
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms.
Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data:
Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
No fee is charged to exercise any of your rights unless your request is evidently unfounded, repetitive or excessive.
We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.