How we use your information
This privacy notice tells you what to expect when Netmatters Ltd (Netmatters) collects personal information. It applies to information we collect about:
- visitors to our websites;
- complainants and other individuals in relation to an enquiry;
- people who use our services, e.g. who subscribe to our newsletter or enter into a contract with us; and
- job applicants and our current and former employees.
Visitors to our websites
When someone visits www.netmatters.co.uk we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Our monthly e-newsletters are created and delivered internally by our digital marketing department. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our e-newsletter.
Security and performance
Netmatters strives to maintain the security and performance of the Netmatters website. To deliver this service it processes the IP addresses of visitors to the Netmatters website.
People who contact us via social media
We use a third party provider, Hootsuite to manage our social media interactions.
People who call our helpline
When you call the Netmatters’ helpline we collect Calling Line Identification (CLI) information. We use this information to help improve our efficiency and effectiveness.
People who email us
Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
People who use our IT Support service
We use a third party provider, BOMGAR, to supply our Support service, which we use to handle customer issues in real time.
If you use the Support service we will collect your email address (optional) and the contents of your Support session. This information will be retained for ten years and will not be shared with any other organisations.
You can request a transcript of your Support session if you provide your email address at the start of your session or when prompted at the end.
People who make a complaint or enquire with us
When we receive a complaint from a person we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint.
We will only use the personal information we collect to process the complaint and to check on the level of service we provide.
We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.
We will keep personal information contained in complaint files in line with our retention policy. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.
People who use Netmatters’ services
Netmatters offers various services to the public.
We have to hold the details of the people who have requested the service in order to provide it. However, we only use these details to provide the service the person has requested and for other closely related purposes. For example, we might use information about people who have subscribed to any of our services to carry out a survey to find out if they are happy with the level of service they received. When people subscribe to our services, they can cancel their subscription at any time and are given an easy way of doing this.
Data Protection and Data Processing
1. Upon engaging with Netmatters, both parties will comply with all applicable requirements of the Data Protection Legislation. This is in addition to, and does not relieve, remove or replace, a party's obligations or rights under the Data Protection Legislation. In this clause, Applicable Laws means (for so long as and to the extent that they apply to Netmatters) the law of the European Union, the law of any member state of the European Union and/or Domestic UK Law; and Domestic UK Law means the UK Data Protection Legislation and any other law that applies in the UK.
1.1 The parties acknowledge that for the purposes of the Data Protection Legislation, the Client is the Data Controller and Netmatters is the Data Processor.
1.2 Without prejudice to the generality of clause 1.1, the Client will ensure that it has all necessary appropriate consents and notices in place to enable the lawful transfer of the Personal Data to Netmatters and/or lawful collection or Processing of the Personal Data by Netmatters on behalf of the Client for the duration and purposes of the Contract.
1.3 Without prejudice to the generality of clause 1.1, Netmatters shall, in relation to any Personal Data processed in connection with the performance by Netmatters of its obligations under the Contract:
(a) process that Personal Data only on the documented written instructions of the Client unless Netmatters is required by Applicable Laws to otherwise process that Personal Data. Where Netmatters is relying on Applicable Laws as the basis for processing Personal Data, Netmatters shall promptly notify the Client of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit Netmatters from so notifying the Client;
(b) ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures;
(c) ensure that all personnel who have access to and/or process Personal Data are obliged to keep the Personal Data confidential;
(d) assist the Client, at the Client's cost, in responding to any request from a Data Subject and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
(e) notify the Client without undue delay on becoming aware of a Personal Data Breach;
(f) at the written direction of the Client, delete or return Personal Data and copies thereof to the Client on termination of the agreement unless required by Applicable Law to store the Personal Data; and
(g) maintain complete and accurate records and information to demonstrate its compliance with this clause and allow for audits by the Client or the Client's designated auditor and immediately inform the Client if, in the opinion of Netmatters, an instruction infringes the Data Protection Legislation.
1.4 Netmatters confirms that it will enter into a written agreement with any third party processor it uses under the Contract, which will reflect the requirements of the Data Protection Legislation. Where necessary to comply with its obligations under the Contract Netmatters may use third party cloud providers and the Client consents to this. As between the Client and Netmatters, Netmatters shall remain fully liable for all acts or omissions of any third party processor appointed by it pursuant to this clause 1.4.
1.5 The Client acknowledges that Netmatters is reliant on the Client for direction as to the extent to which Netmatters is entitled to use and process the Personal Data. Consequently, Netmatters will not be liable for any claim brought by a Data Subject arising from any action or omission by Netmatters, to the extent that such action or omission resulted directly from the Client’s instructions.
1.6 The Client acknowledges that Netmatters has no control over data that is submitted onto Netmatters’ systems and as such the Client is responsible for any data it submits.
Job applicants, current and former Netmatters employees
When individuals apply to work at Netmatters, we will only use the information they supply to us to process their application and to monitor recruitment statistics. Where we want to disclose information to a third party, for example where we want to take up a reference or obtain a ‘disclosure’ from the Criminal Records Bureau we will not do so without informing them beforehand unless the disclosure is required by law.
Personal information about unsuccessful candidates will be held for 6 months after the recruitment exercise has been completed, it will then be destroyed or deleted. We sometimes retain de-personalised statistical information about applicants to help inform our recruitment activities, but no individuals are identifiable from that data.
Once a person has taken up employment with the Netmatters, we will compile a file relating to their employment. The information contained in this will be kept secure and will only be used for purposes directly relevant to that person’s employment. Once their employment with Netmatters has ended, we will retain the file in accordance with the requirements of our retention schedule and then delete it.
Complaints or queries
Netmatters tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of Netmatters’ collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
Access to personal information
Netmatters tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under the General Data Protection Regulation. If we do hold information about you we will:
- give you a description of it;
- tell you why we are holding it;
- tell you who it could be disclosed to; and
- let you have a copy of the information in an intelligible form.
- The right to access – You have the right to request Netmatters provide copies of your personal data.
- The right to rectification – You have the right to request that Netmatters correct any information you believe is inaccurate. You also have the right to request Netmatters to complete the information you believe is incomplete.
- The right to erasure – You have the right to request that Netmatters erase your personal data, under certain conditions.
- The right to restrict processing – You have the right to request that Netmatters restrict the processing of your personal data, under certain conditions.
- The right to object to processing – You have the right to object to Netmatters’ processing of your personal data, under certain conditions.
- The right to data portability – You have the right to request that Netmatters transfer the data that we have collected to another organization, or directly to you, under certain conditions.
To make a request to the Netmatters for any personal information we may hold, you need to put the request in writing and either address it to our Information Governance department at the address provided below, or email us.
If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.
If we do hold information about you, you can ask us to correct any mistakes by, once again, contacting the Information Governance department.
Disclosure of personal information
In many circumstances we will not disclose personal data without consent. However when we investigate a complaint, for example, we will need to share personal information with the organisation or individual concerned and with other relevant bodies. There are also circumstances where we can pass on personal data without consent for example, to prevent and detect crime and to produce anonymised statistics.
Links to other websites
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Changes to this privacy notice
We keep our privacy notice under regular review. This privacy notice was last updated on 29th August 2018
How to contact us
Information Governance Department Netmatters Limited 11 Penfold Drive Wymondham Norfolk NR18 0WZ
How to contact the appropriate authority
Should you wish to report a complaint or if you feel that Netmatters has not addressed your concern in a satisfactory manner, you may contact the Information Commissioner’s Office.
Phone: 0303 123 1113