We are Accesspoint Group Holdings Ltd incorporating Accesspoint Technologies Ltd and Accesspoint Legal Services Ltd. Your privacy is protected by law, and it is also protected by our privacy policies. This page gives you an idea of how we use your data and the safeguards we put in place to protect it.
You can contact our voluntarily appointed Data Protection Officer at email@example.com if you have any queries or would like to uphold your rights.
Our Promises to you
- We will only collect data about you that is relevant and necessary;
- Your data will only be held on systems that meet compliance standards;
- Your data will only be accessed by those who need it and we will minimise the amount of data that is processed, wherever possible;
- We won’t share or sell your data to any third party except for the marketing of our own services to you unless either you have agreed, we are required to share it by law or we need to fulfil our service commitments to you through a third party that meets our own privacy standards;
- We will always remember that it is your personal data, not ours. As such we will ensure complete transparency and openness with you wherever possible;
- We respect your rights as outlined in the next section and will respond to all requests promptly
Your Rights in relation to your Data
You have the certain rights over any data we hold about you:
- Request a copy of personal information we hold about you.
- Ask that we update the personal information we hold about you or correct such personal information that you think is incorrect or incomplete.
- Ask that we delete personal information that we hold about you or restrict the way in which we use such personal information.
- Object to our processing of your personal information; and/or
- Withdraw your consent to our processing of your personal information (to the extent such processing is based on consent and consent is the only permissible basis for processing).
You can read more about your rights here.
If you would like to uphold your rights then please contact our Data Protection Officer at firstname.lastname@example.org
If you are in dissatisfied with our response you also have the right to lodge a complaint with the Data Protection Authority. This can be done at https://ico.org.uk/concerns/
How we collect your data
We try and minimise the data held and the exact data elements we hold will be dependent on your journey with us.
Typically, data elements we collect are restricted to:
- Your personal contact details – email address, IP Address, phone numbers, business related social media page such as LinkedIn and source of your data;
- Your company details – as above but also address, website and other public held information including credit rating and invoicing details if relevant;
- Transmitted information – such as emails, texts, messaging, phone call information and recordings, voice mails, email, meeting notes, CVs and document tracking information.
If you want to know how we obtained your data and when then please contact us.
Why we collect your data
The primary legal basis that we process your data is for the fulfilment of Contract. Normally this means an IT Contract with your employer.
The information that we collect is essential for us to be able to carry out the services that you require from us effectively.
Data gained from marketing our services or other business activities are processed for our Legitimate Interests.
Every email sent from us allows you to opt out of receiving marketing emails from us, except for the purposes of fulfilling any contractual arrangements.
How we use your personal data
We process information about you in order to provide you with the services for which you or your employee engages us.
In general terms our marketing activity is exclusively “Business to Business.”
If we believe you will benefit from our services we may use your data to market to you if you have consented us to or if we believe we have a legitimate interest in doing so, fulfil contractual arrangements or for other agreed purposes.
Calls may be recorded for information holding, quality and training purposes. Our email, document management and website analytics are used for information purposes.
All our processes are mapped and are subject to various internal policies, procedures and governance, ensuring your data privacy and security remains central to all we do.
How we Process your data
Data is processed on encrypted systems including hosted cloud services such as Microsoft Office 365. A list of these systems can be provided on request.
As such, data is processed wherever possible in the UK or EU with companies that have demonstrated strong Data Security. We may also process your data in countries outside the UK or European Union from time to time in other aspects of our business.
Further to Section 119A of the Data Protection Act 2018 and noting Case C-311/18 in the European Court of Justice, if your data is transferred or processed outside of the UK or EEA where adequacy decisions are not in place we ensure the safeguards of International Data Transfer Agreements (IDTAs) or Addendums are enforced. Where this is not possible, we ensure that appropriate UK or European Standard Contractual Clauses are entered. For data transfer between the USA we mat rely on the Data Privacy Framework or the UK Extension Data Bridge. We regularly review suppliers for data security compliance to ensure your data is safe and track where your data is held.
Sharing your Data
We will only share information where agents, resellers or suppliers are involved in the delivery of your service. In such cases we will first try and anonymise the data, or minimise it to the fullest extent possible.
Where third parties are involved in processing your data that we control, we will have a contract in place with them to ensure that the nature and purpose of the processing is clear, that they are subject to a duty of confidence in processing your data and that they will only act in accordance with our written instructions.
Where it is necessary for your personal data to be forwarded to a third party, we will use appropriate security measures to protect your personal data in transit such as password protection and/or encryption of data.
These third-party providers may use their own third-party subcontractors that have access to personal information (sub-processors). It is our policy to use only third-party providers that are bound to maintain appropriate levels of security and confidentiality, to process your personal information only as instructed by us, and to flow those same obligations down to their sub-processors.
We may also disclose your personal information to law enforcement, regulatory and other government agencies and to professional bodies and other third parties, as required by and/or in accordance with applicable law or regulation including but not limited to prevention of fraud or minimising credit risk.
Our website and other materials sent to you may contain links to other third party websites. We’re not responsible for the content or your data privacy on these sites.
Retention of your personal information
We will retain your personal information only for as long as we need it, given the purposes for which it was collected, or as required to do so by law.
Normally, this means we will keep personal information about you for a maximum of 7 years after the end of our relationship with you unless obligations to our regulators require otherwise or we are required to remove such data from our records.
- We will remove your personal information, if you or your organisation have never purchased from Accesspoint, and are no longer subscribed or engaged with our marketing, after 1 year.
- We retain contact details to enable us to send you marketing information for as long as we have your consent or (if relying on legitimate interests) for as long as our legitimate interests allow unless you object.
For more information, please contact us for a copy of our retention policy.
We seek to uphold our legal obligations as covered by the Data Protection Act 2018 and the General Data Protection Regulation 2016. Our Data Protection Authority is designated as the Information Commissioners Office (ICO).