Tel: 016973 42773      Mobile: 07789897823
About Compucare

Privacy Policy


Glendinning Computers values the privacy and data of its clients as much as its own.

We take protection of both extremely seriously and hold ourselves to as high standards in this area as we do in everything else that we do.

Who are we?
Glendinning Computers is computer, tablet, CCTV and mobile phone repair, maintenance and networking business that functions under a partnership structure.  We operate from: 3 Union Street, Wigton, Cumbria, CA7 9NT.  We are registered with the Information Commissioner’s Office and our ICO reference is ZA396670.  The person responsible for data protection at Glendinning Computers is Stephen Glendinning.

What data do we collect and process?
We collect and process personal data when we are contacted by customers and potential customers who engage us to work for them or who enquire about our prices and services.  The information we collect consists of names and contact information which may be addresses, telephone numbers or email addresses, or a combination of all three.  We may also have access to personal information when we deal with customers’ data from their computers, mobile telephones and tablets, where customers may have stored such information for their own use on their devices. 

We use the names and contact information that we collect in the following ways:

1. To correspond with customers regarding enquiries and repairs carried out by us.
2. To keep a record of the repairs carried out for accounting purposes and as a basis for advising on future repairs/maintenance where it is important to know what work has previously been done on a device.
3. As an extra level of security when speaking to customers on the telephone so that we can identify that we are speaking to the people whose devices/data we are working on, or which we have worked on in the past, in order to maintain confidentiality.
4. So that we can carry out the data restoration, transfer, back-up, reinstallation and recovery required by our customers who have personal data stored within the data they wish us to work on.
5. So that we can fulfil our own tax and accounting obligations.
6. To contact customers to ask if they would provide a testimonial for our Facebook page or website.

Our lawful basis for processing personal data
In instances 1, 2 and 3 above our lawful basis for processing personal data is that we have customers’ consent since customers contact and give us this data freely on the understanding that we will use it to carry out the work they require us to do for them.
In instances 3, 4 and 6 our lawful basis for processing personal data is that it is being used for our legitimate interests.

Sensitive Data
We do not collect any sensitive data from customers. Sensitive data includes details of race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about health and genetic and biometric data. Neither do we collect any information relating to criminal convictions and offences.

Children’s Data
We will never knowingly process the personal data of anyone under 16 unless we have express permission to do so from the holder of parental authority over the child.

Cookies
We do not use cookies on our website.

Website Analytics
We use basic analytics where no personal data is processed.

Data Sharing
We do not share customers’ data with any third party for marketing purposes at all.  The only instances in which we would share your personal information are:

- If you asked us to and gave us written consent to do so;
- If we were legally obliged to do so.  For example, if there was illegal material or evidence of a crime on a device we were repairing.  Or if we had to defend ourselves in a legal dispute or court of law.

Data Storage and Protection
It is vitally important to us that we protect customers’ data to the best of our ability.  All data that we store on computers, tablets, mobile phones and cloud platforms is encrypted, and we have instituted the highest security settings we can on all devices and accounts, including complex passwords, touch-ID and two-step logins.  Any data that we store in the cloud is stored in Tresorit cloud storage, which uses end-to-end encryption of all data.  We use Tresorit because, unlike other cloud storage providers, even if the servers of Tresorit were hacked, no one could read any of the data stored there. Tresorit stores all its data on servers located in the Netherlands and Ireland, so we do not transfer any of your personal information outside the EU.  Tresorit’s privacy policy can be found here: https://tresorit.com/legal/privacy-policy

We also use an encrypted email provider called Tutanota.  Tutanota emails require a password to open them and you can respond to them safely as your reply email will also be encrypted if you use the reply button.  This means that all emails that we keep in Tutanota are encrypted and cannot be read by anyone else.  In addition to this, all Tutanota’s servers are all located within the EU.  If you choose to email us from your own email provider rather than by responding to one of our emails please understand that we cannot guarantee the safety of your data as it is transmitted over the internet, where it is beyond our control.  Tutanota’s privacy policy can be found here: https://tutanota.com/terms#privacy

Our accountancy data is stored within QuickBooks online which is owned by Intuit Inc.  Inuit stores a lot of its information on servers in the US, however, this is permitted under the General Data Protection Regulation as long as there is a data transfer mechanism in place approved by the European Commission.  Intuit is a member of the EU-US Privacy Shield regime, which fits that criteria so we feel confident that any data stored within Quickbooks is suitably protected.  More information can be found at https://quickbooks.intuit.com/uk/gdpr


Data Retention
Any data we hold via a device that is being repaired or set-up is destroyed once that procedure is complete, we do not keep it for longer than is necessary to carry out the work we do.

Customer data such as names, addresses and email addresses of customers themselves is retained for as long as they remain a customer or for as long as we are legally obliged to keep it with regard financial transactions in our accounting software.

Emails and texts that we receive from customers are kept for as long as we need them in order to keep a record of previous repairs and transactions so that we can carry out the work that we do.  Texts are kept on encrypted mobile telephones, emails are held within Tutanota and any other data is stored within Tresorit. 

Rights of Individuals Under GDPR
The General Data Protection Regulation allows individuals (data subjects) certain rights with regard to their personal data when it is held by businesses and organisations.  These include:

- The right of access – individuals have the right to make a SAR (Subject Access Request) in order to see what personal information relating to them is being held by us. 
- The right of rectification – individuals have the right to ensure that we hold correct information about them and to rectify any that is wrong or incomplete. 
- The right to erasure – in certain circumstances individuals can request that their personal data be erased completely by us. 
- Right to restrict processing – in certain circumstances individuals can request the suppression or restriction of their personal data held by us.
- The right to data portability – individuals have the right to receive any of their personal data held by us in a way in which they can easily transfer it to another data controller.
- The right to object – in certain circumstances individuals have the right to object to us processing their personal data.
- Rights in relation to automated decision making and processing (including profiling) – individuals have the right not to have their personal data used in a way in which it would mean they were subject to decisions based on automated processing and profiling.  However, we do not process data in this way at Glendinning Computers.
- If you wish to exercise any of these rights then please contact Stephen Glendinning at .(JavaScript must be enabled to view this email address) or on 016973 42773.  We will respond to any request as soon as possible and definitely within thirty days.  Further details on these rights can be found on the ICO website – ico.org.uk.

Social Media
You can click through to our social media pages on Facebook and Twitter from our website.  Please understand that once you click through to, or use, those pages you are subject to the platform’s own privacy policies and we do not have any control over those.  You can find their privacy policies here:

Facebook:     https://www.facebook.com/privacy/explanation
Twitter:          https://www.twitter.com/en/privacy

This data policy takes effect from 25 May 2018 and may be updated at any time so please refer back to it if you have any queries about our data protection policies.  Thank you.