We are committed to safeguarding the privacy of our website visitors; this policy sets out how we will treat your personal information and has been updated in accordance with GDPR 2016.
The Data Controller
Information on cookies
Our lawful basis for data processing
What data we collect
How we store the data
How we use the data
How long we keep data
Whether we share your data and with whom
Ask us to stop sending you information
Compliance and Updates
Links to other websites
1. The Data Controller
The Data Controller is Fi-nest Ltd, Efford Park, Milford Road, Lymington, Hampshire SO41 0JD
2. Information about cookies on this website
Like most websites, ours uses certain general session cookies to enable a smooth visitor experience when browsing, for example to enable smooth uninterrupted navigation from page to page. These cookies, which are always “on”, are strictly necessary for the proper functioning of the website, expiring after the visitor closes the web browser. This type of cookie does not collect or store a visitor’s personal information, hence the data is anonymous.
This website does not use any tracking or analytical cookies, so your personal data is not collected when simply visiting, or browsing around, this site.
3. Our lawful basis for the processing of personal data
Fi-nest have assessed that the below lawful bases, in the context of the GDPR 2016, apply to the following types of processing of personal data which may be performed:
(a) Responding to questions/requests for information: Legitimate Interest
Where you have provided us with your contact details, in the course of any enquiry, or to request information on a particular matter or service, where we need to retain your details in order to respond to you.
(b) E-marketing/Newsletters: Consent
If we provide you with any marketing material, newsletters or other similar regular information via e-mail, we will have requested your prior consent to do so, in line with E-Privacy laws in force, and will have advised you of your right to withdraw your consent, at any time, to us contacting you in this way.
(c) Providing a service, or discussing a contract: Performance of a Contract (or steps taken prior to entering into a contract)
Where we collect or process personal data in relation to any services we are providing to you, or any you wish to discuss, or in our negotiations in relation to a contract, with you.
(d) B2B Marketing: Legitimate Interest
Where we process data for any direct marketing to businesses (those not covered by Privacy & Electronic Communications Regulations, in force), we will rely on Legitimate Interests as our legal basis, in the context of GDPR 2016, for the processing of data.
(e) Prevention of fraud: Legitimate Interests
Where the processing of personal data is performed in the interests of fraud prevention, to protect our business and clients against any threats or damage.
(f) Complying with any common law or statutory obligation: Legal Obligation
Where the processing of data is necessary for compliance with any law or regulatory requirement, we will do so, without requiring consent from the data subjects.
4. What data we collect
If you have contacted us, whether through our website, by e-mail or phone, or in writing, and supplied us with your name and contact details, we will store these details for the purposes of our communications with you.
5. How we store the data
Any personal data, such as your name and contact details, which you have supplied to us electronically will be stored as encrypted data on our in-house secure server, with appropriate SonicWall firewall systems in place to protect our network against any threats or unauthorised access. Any information which was not provided electronically, such as phone numbers or an address (if you have written to us) will be recorded electronically and subsequently also stored as encrypted data on our secure server. Hard copies (paper copies) containing any personal data you have provided may also be stored securely in our premises or destroyed, if no longer required for the purposes of our communications with you.
6. How we use the data
For further information on your rights in respect of how we process your data, please see the section entitled Your Rights, below.
7. How long we keep data
Personal data, such as your name and contact details, if you have supplied them to us will be stored for as long as we need it for the purposes of our communications with you, or to keep you informed of any news or regular updates that you have requested.
You can contact us at any time to request that we stop sending you information or updates, or to erase your personal data, and we will delete your contact details and any other personal data we have stored, except in the case that we have a valid reason to retain the information. For further information on this and your other rights as a data subject, please see the section entitled Your Rights, below.
8. Whether we share your data and with whom
Fi-nest do not sell personal data to anyone, nor do we share your data with any third parties. All data remains stored securely and encrypted on our internal server and personal data such as names and contact details are used solely for the purposes of our communications with you. Fi-nest backs up all of our data, which is encrypted in transit, to a secure GDPR compliant Cloud based, server, located in Ireland, for the purposes of data storage and recovery.
9. Your rights
If you have provided us with your contact details or any other personal information, as a data subject, you have several rights in respect of how we treat (process) your personal data, not least the right to ensure that your details are accurate, up-to-date and complete. Please note though, that in most cases, these rights are not absolute, in that some will apply only in certain circumstances and only where any statutory or regulatory obligations do not override your request. For example: If you ask us to erase your data, but for some reason that data is required in order to comply with any regulatory obligation, or for the purposes of defending any legal claim, we would lawfully be permitted to retain the data.
Please contact us on firstname.lastname@example.org , with an explanation as to your reasons, if you would like to request any of the following with regards to your personal data and you should expect to receive a response within 30 days, though it would usually be sooner.
• Update or amend your personal data
• Access your personal data
• Restrict the way we process your data (store but not otherwise use your data)
• Object to us processing your data
• Erase your data
If, for any reason, we can’t oblige your request, or if we have insufficient information to be able to deal with your request, or if we need longer to respond to a complex request, we will let you know as soon as possible and explain the reasons as to why this is the case.
10. Ask us to stop sending you information
If you have subscribed to any regular information service we offer, for example if you have signed up to receive any form of newsletter or updates from us and would no longer like to receive this information, you will have the chance to opt-out at any time, details of which are provided in the information you are sent. Alternatively, you can contact us at any time on email@example.com if you no longer wish to hear from us and we will stop sending you information.
Fi-nest is committed to ensuring that our systems, policies and procedures related to data protection and privacy remain compliant with all current applicable regulations, including the General Data Protection Regulations 2016 (GDPR) and any amendments to the Privacy and Electronic Communications Regulations (PERC) 2003, and will review and update our systems and the information on this site, in order to keep up to date with any amendments or changes to the relevant regulations in force or to the way in which we process personal data.
12. Links to other websites
If you feel that we have infringed your data privacy rights or freedoms in any way, then please, in the first instance contact us on firstname.lastname@example.org and explain the situation. You should expect to receive a response from us usually within 15 working days, and in any case, not longer than within 30 working days from our receipt of your complaint.
Subsequently, if you feel that your complaint has not been dealt with to your satisfaction, then you may also contact the Information Commissioner’s Office (ICO) to raise your concern with them. If this is the case, the ICO advise that you contact them within three months of your last contact with the company concerned regarding any complaint. Please see the ICO website for further information in the link, here..
Updated on 24/05/2018