Privacy Notice

Introduction

This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us. It also explains how we’ll store and handle that data, and keep it safe.

We know that there’s a lot of information here but we want you to be fully informed about your rights, and how Neetrix uses your data.

We hope the following sections will answer any questions you have but if not, please do get in touch with us.

It’s likely that we’ll need to update this Privacy Notice from time to time. We’ll notify you of any significant changes, but you’re welcome to come back and check it whenever you wish.

1. Who are Neetrix?

Neetrix are a software company who have designed and support an online business management suite for SME’s.

Neetrix are based at Bristol & Bath Science Park, Dirac Crescent, Emersons Green, Bristol, BS16 7FR

2. Explaining the legal basis we rely on

The law on data protection sets out six ways which a company may collect and process your personal data, having analysed our customer database and business model we have assess that Legitimate Interest is the primary basis. The legal basis we process your personal data is Legitimate Interest.

3. When do we collect your personal data?

We collect personal data through our contact form, from incoming telephone calls, personal referrals and through partners.

4. What sort of personal data do we collect?

The personal data we collect is limited to the level we need to deliver our services and is made up of the following:

  • Names
  • Email addresses
  • Phone numbers
  • Job titles and roles
  • Company names
  • Company addresses
  • Enquiry type

5. How and why do we use your personal data?

Your personal data is used to ensure the services we deliver are suitable and appropriate and any data collected is only used to administer and deliver those services.

  • The services we deliver are the assessment of your business needs, quotations for the purchase, configuration and support of the software
  • To respond to your queries and complaints.
  • To send you communications required by law or which are necessary to inform you about our changes to the services we provide you. For example, updates to this Privacy Notice.
  • To comply with our contractual or legal obligations to share data with law enforcement.

Of course, you are free to opt out at any time.

6. How we protect your personal data

Our primary use and storage of data is on our own software which is highly encrypted and secure using only UK Data Centres. All transfers of information are encrypted between our servers and the device. As additional security, physical access to the servers require biometric security checks and only onsite engineers have access which is logged and sanctioned by Neetrix engineering staff only. We make frequent backups of the data and double encrypt before deploying to external data centres of which are also within the UK.

We use Microsoft products including Office 365 which have data encryption and the privacy notice can be seen using the following link https://privacy.microsoft.com/en-gb/privacystatement.

In addition, we have internal processes for any employees or associates which clearly states their terms of reference and how personal data will be used.

7. How long will we keep your personal data?

Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.

At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.

8. Who do we share your personal data with?

Your personal data is only used to sell, configure and support the Neetrix business management software.

9. Where your personal data may be processed

Your data is stored and secured in UK Data Centres.

If at any future point that changes we will follow the appropriate processes to protect your data outside the EEA.

The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway.

We may transfer personal data that we collect from you to third-party data processors in countries that are outside the EEA such as Australia or the USA. This will only be done using the technology solutions highlighted in section 6.

If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed inside the EEA. For example, our contracts with third parties stipulate the standards they must follow at all times. Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice.

10. What are your rights over your personal data?

The GDPR provides the following rights for individuals:

  1. The right to be informed
  2. The right of access
  3. The right to rectification
  4. The right to erasure
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. Rights in relation to automated decision making and profiling

Where any subject access request is made there is a requirement to prove identity before any information is divulged. This may involve physical presence with accompanying ID.

Where a request to "Be forgotten" is made that can only be complied with if there are no other legal frameworks that overrule GDPR. Examples would be HMRC, FCA, etc.

11. Processing your client's data

If you are using Neetrix to store information about your clients, then we are your data processor under GDPR. Access to your data is restricted by the users you allow access to as well as our support and engineering staff that need access in order to provide the relevant services to you.

None of your client data is exported from the system by Neetrix engineers unless necessary for testing and our policies are in place to ensure that this data is immediately removed after any tests are completed. Your client data is never shared or given access to anyone else within or outside of Neetrix without your express permission to do so.

To assist with your breach policies as well as ours, we have added an audit log for anyone that exports data from Neetrix such as exporting information to Excel or CSV files. This will include which staff account requested the data, what type of data was exported, the date the export was downloaded and which IP address if available.

All transfers of your business data is encrypted between our servers and the devices you use to access our software. We can not be responsible for the security of your devices.

Data you remove in Neetrix is marked so immediately meaning that no staff can access it. In most cases it can be restored by Neetrix engineers in the event of user error, but it is physically removed from the database after 30-60 days. It will continue to remain on off-site backups. The removed data will not be restored if it was removed over 24 hours before any disaster recovery was necessary.

12. Regulation changes and remedial actions

The GDPR is going live on 25th May 2108 and the UK Data Privacy Bill does not have a final date as yet. Therefore, this Notice is based on the regulations as they exist with a review process set up to make any adjustments required to become and stay compliant.

In the event of any changes or processes which need remedial action the review procedure will capture those issues and remedy them.

13. Contacting the Regulator

If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

You can contact them by calling 0303 123 1113. Or go online to www.ico.org.uk/concerns (please note we can't be responsible for the content of external websites)

14. Contacting us about your private information

If you want to request information about our privacy policy you can email us or write to:

Privacy & Information Department
Neetrix Ltd,
Bristol & Bath Science Park
Dirac Crescent
Emersons Green
Bristol,
BS16 7FR

Neetrix is a fully integrated business software solution that provides everything a business needs from creating and managing websites, selling products and services online and offline, managing the company’s book keeping and accounts, taking control of the back office and managing customers and suppliers. Neetrix is completely online and securely available from any computer with an internet connection. There are no back-ups, no servers and no complicated IT support required. Everything is available from one location for a small monthly fee.
Copyright ©2008-, Neetrix Ltd, All rights reserved - Registered in England and Wales, Company No. 06496242 - VAT Number GB 935 0377 24 - Contact Sales On 03333 44 98 94
Neetrix and the Neetrix logo are trademarks of Neetrix Ltd
This website is powered by Neetrix SiteFront - Privacy Policy - Terms & Conditions