Privacy Policy

In compliance with the European Union General Data Protection Regulations (GDPR) we wish to inform you of the following information regarding collection, processing and retention of your personal/business data. This agreement may be updated frequently as we work to provide the most accurate information possible to our clients, please check back regularly to ensure you understand your rights.

Granite Consulting may, during the course of business, be required to collect personal information about you.

Data Collection

Data collection and processing for the purposes of Accounting, including but not limited to names, addresses, contact information, payment information is required to fulfil the legal obligations of the Company and its directors. Data collected for this purpose will be held for as long as is legally required and them securely destroyed. This data is excluded from your rights to erasure of personal data. This data will be stored for as long as is legally required and removed during an annual audit after this period has expired.

Granite Consulting may collect data during the course of business, this may include but is not limited to such information as names, addresses, email addresses, telephone numbers, usernames, passwords and other such information. This information is required by Granite Consulting to provide continuous service to our customers including marketing of potentially beneficial products or services and is classified as ‘legitimate interests’ under GDPR as Granite Consulting require the collection, storage and processing of this data to provide our services and ongoing recommendations to our customers. This data may also be shared with third parties in order to provide services to you or your organisation.

Granite Consulting may collect data during the course of business, this data is often provided by clients for monitoring, diagnostic or consultancy purposes and may include all and any personal data provided to the client by service users. This information is required for Granite Consulting to provide contractually obligated services to clients and will be retained until such time as this is no longer required. This information may be considered as held for ‘legitimate interests’ under GDPR until such time as the client requests removal of such data. If you have concerns that Granite Consulting may hold personal data shared from clients that no longer have legitimate interest in holding your data, please in the first instance contact the client directly whom you provided the information to and request they contact us, if this course fails, please contact the data controller with the information below.

Granite Consulting may collect data in regards to support provided, this may include but is not limited to, support session data, chat logs, connection information, customer satisfaction surveys, computer and user information, IP addresses, call recordings, login information, files and folders from your computer. By accepting this agreement you are authorising this collection and processing of data by Granite Consulting for the purposes of providing support and on-going services to yourself and your organisation. This information may at any time be shared with your organisation or the organisations listed below in the interests of that organisation. ‘Your organisation’ is defined as the organisation who contract Granite Consulting to provide IT Support Services on your behalf, this may be your employer or an external agency providing services that require support under.

Granite Consulting may collect data in regards to your usage of the website, including pages visits, times, dates, IP addresses and actions performed while visiting the site. This information is collected for legitimate business interests in determining the user experience while browsing our site and providing insight into how we may improve visitor experience. We hold this data for up to 24 Months from a tracked users last access to our services and delete it after this time.

At this time, Granite Consulting does not collect any other personal data from you or use data collected for any other purposes if this policy changes in future, we will update this page, please ensure you check back regularly to ensure you are aware of your rights.

Client Data Sharing

Granite Consulting may during the course of business be provided or gain access to personal data held by our customers regarding their own clients. Customers of Granite Consulting should ensure that their clients are informed that data may be shared with their IT Support Providers for business operations, including but not limited to support and assistance with problems relating the files containing data, the software used to access the data or providing backup services for the data. Data may be held by Granite Consulting as required to provide assistance to the client. All requests for data management with regards to customer data should in the first instance be directed to the customer directly, if this fails the client can contact the Granite Consulting Data Controller.

 

During the course of business clients will be required to provide personal information regarding staff members to Granite Consulting Ltd in order to setup accounts and provide support. Please ensure your staff are aware that you are sharing this information and that in turn, Granite Consulting may share that information with service providers in order to provide you with the services required.

 

Sharing of Data

Granite Consulting may require, for the accurate and timely fulfilment of Legal Obligations, HR and Accountancy processes and to provide you with a range of products and services, to share your data with third parties. These Companies may include:

  • Accountancy and Payroll Management
  • HR Management
  • Service Providers
  • Hardware / Software Suppliers
  • Support Partners
  • Solicitors

Changes will be updated here as required.

 

Your Rights

The GDPR includes the following rights for individuals:

  • the right to be informed
  • the right of access
  • the right to rectification
  • the right to erasure
  • the right to restrict processing
  • the right to data portability
  • the right to object
  • the right not to be subject to automated decision making including profiling

You have a right under the GDPR to ensure that your data is up to date and accurate. If you have any concerns over the accuracy of data held on you, please write to the Data Protection Officer below.

 

You have a right under the GDPR to access, review and receive a copy of any data held on you by Granite Consulting. If you would like to exercise this right, please write to the Data Protection Officer below.

 

How to contact the Data Protection Officer

Please use the contact information below to write to the Data Protection Officer. In order for us to fully comply with your rights under the act, all requests being made should clearly mention “General Data Protection Regulations” and include your full name, address and relevant contact information for a response. Requests submitted by any other means than written letter may not be processed.

Data Protection Officer:

 

Name:   Mr Carlton Brailey

Position: Company Director

Address: Granite Consulting Ltd, The Business Design Centre, 52 Upper Street, Islington N1 0QH

 

Escalation

If you are unhappy with any decision made by the Data Protection Officer and wish to escalate your case. You will need to contact the Information Commissioners Office via https://ico.org.uk/concerns/ for further information on your rights.

 

Data Breaches

In the unlikely event of a Data Breach, Granite Consulting contact you via the last known details we hold on file for you. It is your responsibility to ensure that such information is up to date both during and after your employment. You will be informed as far as is technically possible of the data that has been potentially compromised and where you can seek further advise about your rights.