Bluecube Privacy & Data Retention Policy

TERMS & CONDITIONS

LEGAL WEBSITE DISCLAIMER

This website provides general information about Bluecube Technology Solutions Ltd ("Bluecube" or "us") and the services we offer.

The information contained on this website has been prepared solely to provide information about Bluecube Technology Solutions Ltd and its services. While Bluecube takes reasonable care to provide information which is accurate and up to date on the site, it does not undertake to update or correct such information and reserves the right to change, delete or move any information without prior notice.

Bluecube Technology Solutions Ltd makes no representation or warranty, either express or implied, as to the accuracy or completeness of any information included on this site. Bluecube Technology Solutions Ltd does not accept any liability for any loss, howsoever caused, from the use of, or reliance upon, this site or information contained therein.

Should selected products and/or services be offered for sale in designated locations on the site then additional Trading Terms & Conditions will apply to these transactions. The Bluecube Technology Solutions Ltd name and logo are trademarks of Bluecube Technology Solutions Ltd. The copyright and other intellectual property rights in the material contained in this site belong to Bluecube Technology Solutions Ltd.

Accessing this site indicates you have read and accepted the above statement.

PRIVACY POLICY

Last Updated: 25th May 2018

This Privacy Policy applies to information that Bluecube Technology Solutions Ltd, and any parents, subsidiaries and affiliate entities worldwide (individually and collectively referred to herein as the “Bluecube”, "we," "us" or “our”) collects about you on or via bluecube.uk.com (or any subdomain), or one of our other websites, applications or other services from which you are accessing this Privacy Policy (each referred to herein as a “Site,” and collectively, the “Sites”). This Privacy Policy describes how we collect such information, how we use it and to whom and under what circumstances we may disclose it.

 

GENERAL

At Bluecube Technology Solutions Ltd. (Bluecube), we are committed to protecting your privacy. This privacy policy explains what information we collect about users of our website and services and describes how we will use it.

 

GDPR

Bluecube’s core service offerings include IT support services and computing platforms for companies to facilitate their IT needs whilst they remain the administrator and controller of their own IT environment and data.

We take personal data security seriously and take care to ensure that the infrastructure and platforms we provide, and the employees supporting you, follow best practices of data security, which are certified to ISO 27001 standards.

Bluecube is a Data Processor in this arrangement and will report any personal data breaches directly to its clients without undue delay and within a target of 24 hours from discovery. We will work with our clients to resolve any underlying technological issues.

Our clients, as Data Controllers in this arrangement, retain full control of their data, and associated policies.

 

WHAT INFORMATION DO WE COLLECT?

Website enquiries

Registration: If you contact us from our website, we will collect your name, email, company name and address, and other details relevant to your enquiry.

Your use of the site: we will record which services you are interested in and monitor traffic patterns and site use.

By filling out an enquiry, you are consenting to allow us to contact you directly about your enquiry.

Please tell us immediately if you wish for your data to be removed or if any of your personal details (name, address etc.) change, so that we can ensure our records are up to date.  This data will be kept for a maximum of 90 days, following resolution to your enquiry.

Lighthouse registered users

Registration: On registration within Lighthouse you will be prompted to enter your name, email address, company name, address, and other details relevant to facilitate the support of our clients’ IT support queries.

As a registered user of Lighthouse, you can choose to access, modify or remove your account or the data held at any time.

 

WHAT WE DO WITH THE INFORMATION WE COLLECT?

Website enquiries

We will use the information to:

  • Identify users of our services
  • Profess any orders or requests
  • Enable us to provide you with a better service
  • Allow us to contact you with information relating to Bluecube

We may monitor your use of our website in order to identify customer preference and track the volume of traffic on particular pages.

Lighthouse registered users

We will use the information to:

  • Contact the end user in relation to any support request or service query
  • Profess any orders or requests
  • Enable us to provide you with a better service
  • Allow us to gather feedback on our service (to include metric reporting)

 

MARKETING

We will not contact you in relation to any marketing activity. 

 

DISCLOSURE OF YOU INFORMATION

We will not sell, trade, or rent information about you to others. We may pass the information to other companies associated with Bluecube but only in the capacity of fulfilling the contractual service that our clients have signed up to. As we continue to develop our business, we might sell or buy assets. In such transactions, the information we have collected about you will generally be one of the transferred business assets. In addition, in the unlikely event that Bluecube or its assets are acquired, this information will of course be one of the transferred assets.

 

SHARED DATA

Bluecube uses third party suppliers in the provision of some services.  Where possible end users are administrators of their own data where we use a supplier relationship, such as Office 365. This means data retention and access policies can be determined by our clients.

In the instances where there is not direct access available to the client then data is automatically removed as part of our data retention policies.  Please see our data retention policy below for more information.

 

TRANSFERRING YOUR INFORMATION OVERSEAS

We will not transfer your information outside the European Economic Area.

 

WHAT ABOUT COOKIES?

"Cookies" are small pieces of information that are stored on your computer's hard drive by your browser. Bluecube. may make use of cookies to personalise your visits to our web site. Our cookies may contain personally identifiable information. Most browsers allow you to turn off the cookie function. If you want to know how to do this, please look at the help menu on your browser. You do need to allow your browser to accept cookies in order to use online services; we can still be contacted by telephone if you would prefer not to use cookies.

 

ACCESS RIGHTS

You have a right to access the personal data that is held about you. To obtain a copy of the personal information Bluecube holds about you, you should write to us at the following address: Blackhill Drive, Wolverton Mill, Milton Keynes, MK12 5TS, United Kingdom. Please include contact details, since we will need to confirm your identity.

 

SECURITY

As required by the Data Protection Act 1998 “the Act”, the General Data Protection Regulation (GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003, we follow strict security procedures and take appropriate measures to prevent unauthorised access, and to ensure that the information about you is not damaged, destroyed, or disclosed to a third party without your permission. This means that we may require you to co-operate with our security checks before we can disclose information to you. For the purpose of the Act, the Data Controller is Bluecube Technology Solutions Ltd Blackhill Drive, Wolverton Mill, Milton Keynes, MK12 5TS, United Kingdom.

This website and its content is copyright of Bluecube Technology Solutions Ltd © Bluecube Technology Solutions Ltd 2016. All rights reserved. Any redistribution or reproduction of part or all of the contents in any form is prohibited other than the following:

You may print or download to a local hard disk extracts for your personal and non-commercial use only. You may copy the content to individual third parties for their personal use, but only if you acknowledge the website as the source of the material. 'Bluecube Technology Solutions Ltd' and 'Bluecube' are trading styles of Bluecube Technology Solutions Ltd whose registered address is Blackhill Drive, Wolverton Mill, Milton Keynes, MK12 5TS, United Kingdom. Bluecube Technology Solutions Ltd. is registered in England and Wales number 04709978, our VAT registration number is GB 813 1794 37.

 

DATA BACKUPS

Our data backups are retained for 90 days.

Backup data is encrypted and not accessible unless a restoration is required. Hence removal of personal data from data backups may be unreasonable and the risk of a personal data Breach negligible.

 

CONFIDENTIALITY & INFORMATION/DATA SECURITY

Bluecube shall keep and shall procure that any technicians supplied to the Client shall keep in strictest confidence details of programs and systems to which the programs belong and the affairs of the Client, or of the Clients customers which may come to their knowledge during the course of providing services hereunder.  This undertaking does not relate to information or details which are already known to Bluecube; which is or becomes public knowledge; or which is disclosed to Bluecube by a third party in breach of any duty of confidentially owed to the Client. 

 

CONTACT US

If your require additional information about our Data Protection Officer, the specific roles of any data controllers or processors and/or you have any questions about this Privacy Policy, please write to us at:

The Data Protection Officer
Bluecube Technology Solutions Ltd.
Blackhill Drive, Wolverton Mill, Milton Keynes, MK12 5TS, United Kingdom

 

DATA RETENTION POLICY

Last Updated: 25th May 2018

This policy details the procedures for data retention and disposal of personal data about Bluecube employees and the context in which it is used.  It applies to all employees and to anyone else working for the company.

Unless otherwise specified the retention and disposal policy refers to both hard and soft (electronic) copy documents

The guidelines in this document are used to ensure the retention of business information for as long as it is needed. It takes account of the context in which Bluecube operates including the legal and regulatory environment.

 

DATA RETENTION

The primary factors that inform decisions on retention are:

  • Their value to the company as a source of information about the individual
  • Business need - as agreed by the Executive Team.
  • Legislative and regulatory requirements – for example compliance with the Fifth data protection principle.

 

DISPOSAL

Personal data records will be disposed of in line with the data retention schedule.  Records can be destroyed in the following ways:

  • Hard copies will be shredded
  • Electronic copies will be hard deleted

Where data has been shared or utilises a third party, it will be the responsibility of Bluecube to ensure that the third party removes data in line with the retention and destruction timeframes.

 

EXCEPTIONS

Where there are complex constraints preventing destruction of data in line with the established timeframes these must be audited on a case-by-case basis to determine if the rights of the individual are put at risk by the delay. Should there be a potential risk to the individual then they must be notified along with the ICO.

 

 

DATA RETENTION SCHEDULE

 

Data held

Sensitive or personal data?

Retention period

Comments

Personnel records

Some sensitive, but these fields are optional and self-administered

6 years (after termination of employment)

Documents related to your employment with Bluecube e.g. sickness and annual leave records, employees’ personal records, performance appraisals, employment contracts etc. This information should be held for legal obligations and legitimate interest based on any potential action via employment tribunal

Payroll and financial records

Personal

7 years from the tax year end

For Legal Obligations

Recruitment records

Personal

6 months

CVs, interview notes, cover letters. In case of any discrimination claim 6 months is the maximum period of time any such claim can be made

Email account

Personal

6 Months

In case of any discrimination claim 6 months is the maximum period of time any such claim can be made

Backed up data

Personal

90 days

Data will be retained for business continuity for 3 months to ensure an effective response to potential data loss through virus or natural disaster.

Monitoring Data

Personal

90 Days

Through our monitoring service, basic information about client devices are stored for a 90 day period before being automatically removed with some data moving to longer term storage for reporting. This data is retained for 90 days in order to monitor the basic functionality of the support services and additional Security measures in place thus maintaining quality of service.

Monitoring Data – Reporting

Personal

1 Year

Data used for reporting from our monitoring tool will be retained for a period of 1 year to maintain service metrics, improve the quality of the service and determine trend analysis. Data is only accessible via secure interface through Application with MFA

Recorded Remote Sessions

Personal

90 days

Remote sessions are recorded to ensure that end user’s data security and rights are not Breached during a remote session. These recordings are removed after 90 days, It is in the Legitimate interests for the individual to have a recording of such events so that we can investigate any claims of misconduct or unsatisfactory service.