Privacy Policy

Scope

All data subjects whose personal data is collected, in line with the requirements of the GDPR.

Responsibilities

Infinite IT Solutions Limited are responsible for making our customers aware of the data we are collecting/processing on their behalf

 

Privacy notice

Who are we? 

Infinite IT Solutions Limited are an outsourced IT company who assist small businesses through North London, Hertfordshire, Bedfordshire and Cambridgeshire.

Registered Office – Suite 2 The Stables, 6 Church Street, St Neots, Cambridgeshire, PE19 2BU

Telephone number – 0800 0337211

Company registration number – 7131118

 

What personal information do we collect about you, and when do we collect it?

We may ask you for information to enable us to provide a service to you and we collect this information by telephone or written correspondence. We may ask you for information including your name, private / business address, contact telephone numbers, email address, IP address and system passwords. We may also ask you for other information that relates to the provision of IT support or services, for example: payment details.

 

What personal information do we collect about you from other companies and organisations?

We may receive personal information about you from other companies and organisations (for example, for marketing purposes) and we rely on these third parties to obtain your consent for us to use this information.

 

Do we share your personal information with anyone else?

We sometimes use other companies to provide services to you or to provide services to us. To enable them to do this, we may need to share your personal information with them. When we do so, these companies are required to act in accordance with the General Data Protection Regulation and to keep the information secure.

We may provide information, in response to properly made requests, for the purposes of the prevention and detection of crime, and the apprehension or prosecution of offenders. We may also provide information for safeguarding national security. In either case we do so in accordance with the General Data Protection Regulation. We also provide information when required to do so by law, for example under a court order, or in response to properly made demands, under powers contained in legislation.

 

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

By law we must keep basic information about our customers (including contact, identity, financial and transaction data) for six years after they cease being customers for tax purposes.

 

Consent

By consenting to this privacy notice you are giving us permission to process your personal data specifically for the purposes identified.

You may withdraw consent at any time by contacting gdpr@infinite-it.co.uk

 

Your rights as a data subject

At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

  • Right of access – you have the right to request a copy of the information that we hold about you.
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
  • Right of portability – you have the right to have the data we hold about you transferred to another organisation.
  • Right to object – you have the right to object to certain types of processing

All the above requests will be forwarded on should there be a third party involved in the processing of your personal data.

 

Complaints

In the event that you wish to make a complaint about how your personal data is being processed by Infinite IT Solutions Ltd (third parties), or how your complaint has been handled, you have the right to lodge a complaint directly with the ICO and/or Infinite IT Solutions Limited using the details in the who we are section above

 

Remote Access 

As part of its contractual obligation to provide IT support services to its customers, Infinite IT Solutions Limited uses remote desktop technology. These remote support services allow us to diagnose and resolve technical issues that arise on our customers’ computers, servers and IT systems.

To perform desktop support, our helpdesk engineers must first receive prior direct consent from the user.

Please note that in the event of this consent being withheld, Infinite IT Solutions Limited will have to investigate and resolve the issue via the means of a site visit which will incur significant additional costs for the end customer.

We strongly recommend that users close or minimise sensitive files before our helpdesk engineer connects to the computer remotely.

Our helpdesk engineers will only search their computer in order to identify and correct any conditions on your computer that may hinder its performance and will attempt to limit their interaction with files to a minimum.

We may occasionally provide unattended remote support upon request. Our helpdesk engineers still require explicit consent to perform such support even if the individual user is not in attendance.

In fulfilling its contractual obligations, Infinite IT Solutions support engineers will often require unattended remote access to customer servers to undertake systems administration and server maintenance tasks.

In most cases, our engineers will also have full administrator access to personal information being processed by your company. It is our policy that our engineers will only access such information as required to perform a specific predetermined task and again, will limit their interaction with personal data to a minimum. They will not move the data from its original location within your company network unless this is pre-agreed and central to the task being performed and will not copy or move data outside of your company network without the express permission of the designated IT manager and/or decision maker within your company.

As a security measure, our systems only allow our engineers access to our remote desktop tools via two-factor authentication and IP address verification

 

Information Security

Security, integrity, and confidentiality of your information are paramount to us as a business.

We have already implemented various security features that are intended to help prevent the unauthorised access or loss of the personal information that we process.

To protect our data subject’s personal information, we restrict access to it to company employees/contractors who need it to perform their job duties.

In addition, those who have access to personal information are subject to non-disclosure agreements and may be disciplined or have their employment terminated if they fail to meet these obligations.

We protect personal information by using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorised access, disclosure, and alteration. Nevertheless, no one can guarantee absolute protection of your personal data. You must also do your part in protecting the data, systems, networks, and services that you are using by limiting the physical and logical access to these systems and working with us to ensure that you have made allowances for the provision of robust data backup routines.