At Envision Online Ltd, we value your customer data. It is important to use to keep your data safe and that is the purpose of this policy. We are not in the business to sell, rent, or trade email address with other companies for marketing purposes.
Envision Online is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
Envision Online may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 16 July 2012 and last updated 12 May 2019.
As a web host, Envision Online are committed to addressing EU data protection requirements applicable to us as a data processor. These include:
Data processing: Our ability to fulfil our commitments as part of article 28 of the Regulation as a data processor to our customers, is a part of our compliance with GDPR. You, the data controller, are using a third-party such as ourselves to process personal data.
Because of this requirement, we have assessed our existing data protection policies and practices and made the necessary changes.
Data sharing: The data our customers store with ourselves is theirs, however for certain services such as domain registrations we will be guided by ICANN and Nominet rules & regulations
What is the General Data Protection Regulations, 2018 (GDPR) and how does it affect me?
The GDPR replaces the 1998 Data Protection Act to ensure your personal and sensitive, confidential data is kept private and held securely, being processed in the way that you have agreed to. It is there to protect your rights as a consumer of a service or product that might involve your identifiable data, e.g. your name and address or whether you have a specific condition. It also covers any session records, text messages or emails we exchange. For more information you can read the policy documents accessible on my website.
We do not sell, distribute or lease your personal information to third parties.
How We Collect Information About You
1/ When you supply information to us by phone, email, text message, instant message, social media, or through our website.
We do not collect information from third parties.
Your Personal Information
The informaton we hold on clients and suppliers are:
- Business Address
- Phone Number
- Email Address
- Website Address
We store this information in Sage Instant Accounts software & Email. We use password protection to prevent unauthorised access to the accounts. Only those with a need to know basis have access to these software packages.
We do not store any bank details for clients or suppliers.
Our website may also collect the following information:
IP Address, information from cookies, information about your computer or device (eg browser, screen size), geoprahical location from where you accessed the website based on your IP address.
All design work for our websites is performed inhouse. Therefore your data is not exported and shared with other third party suppliers.
Data Controller and Data Processor
- A controller is a person or an organization that decides what data is collected and how it’s used.
- As a data processor, a person or an entity processes the data on behalf of the controller.
We operate as a data controller when clients provide consentual personal information when placing a new order.
Disclosure of your personal information to third parties
We only disclose your information to third parties necessary to run our business. This include the accountantcy work. When the accounts are reconsiled, the backup files are deleted within a couple of weeks.
How long will you hold my information?
As a web developer and host provider, we hold your data for 7 years for the primary purpose of accounting purposes for the HMRC. Information entered into a website when creating an account can be accessed by the client and erased themselved. Alternavity we can put you in contact with the business owner of the website so the data can be removed.
What if I don’t want my records to be held for that long?
Under the GDPR you can make a request in writing to us for all your records to be deleted. Any electronic data such as emails or text messages would be permanently deleted from the devices they are stored on.
Why do you need to record this information?
We store your information no longer than necessary, taking into account any legal obligations we have (e.g. to maintain records for accountcy purposes), any other legal basis we have for using your information (e.g. your consent, performance of a contract with you or our legitimate interests as a business)
How do we secure your data
We use appropriate technical and organisational measures. For data tranfered by website or email, encrypt transfers of data to or from our servers using Secure Sockets Layer (SSL) technology, encrypting payments you make on or via our website using Secure Sockets Layer (SSL) technology, only granting access to your information where necessary.
We only record client and suppliers details for accountantcy purposes.
As part of our business we develop websites for our clients. All data stored on our website and our clients websites use md5 hashing algorithm to encrypt the data. The databases and WordPress websites we develop also have unique and seperate passwords to prevent unauthorised access to any data..
Do we sell your information to third parties
No, we do not sell your information to any third parties.
Our Role As A Data processor
While Envision Online may provide you with assistance to help ensure your business is compliant, it is your responsibility to ensure that your site is compliant with GDPR.
Envision Online may store confidential client data for you on our website. While we will do our best to ensure that the website is secure and follows best practices, we accept no liability for data loss or security breaches. It is up to you to ensure that your site complies with GDPR.
Should there be an issue with your website, we may have to access your clients data to identify and resolve the problem. This might involve processing your clients data. We will not use the data other than to provide you with the service you need
You are entitled to know what information we hold about you. If you want to know what information we store, please contact us and we shall provide you with the information you request. Should any of this personal data be incorrect, please let us know and we will amend it accordingly.
If you would like us to delete any data we hold about you, please contact us and we will delete your personal information.
Please note that while we will remove what data it is possible to do so, we are required to keep some data, such as invoices for accounting purposes.
It may also not be practical to delete data in some cases, such as when the data is stored in a location that is not normally accessible to us. In these cases we will ensure that we do not process your data and remove it upon access.
If you make a deletion request, we can tell you what we have removed and what data we are unable to remove for legal or practical reasons.
If you have any questions about this policy, please contact the data controller Peter Mayhew
What we collect
We may collect the following information:
- Contact information including email address and phone number
- Demographic information such as address and postcode
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
When someone visits www.envision-online.co.uk we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
We do not use any third-party providers to deliver newsletters. We only contact you about an quotation, and order, or a customer query.
Envision Online Ltd are not linked to any third parties, and we do not share data your data.
Access to your personal information
You are entitled to view, amend, or delete the personal information that we hold. Email your request to our data protection officer Peter Mayhew at firstname.lastname@example.org
Changes to this Privacy Notice
This document was last reviewed on 19/4/18, and shall be reviewed every 2 years, or earlier if changes to the policy is required.
What we do with the information we gather
We require your information such as name, address, phone number simply for internal record keeping only. Which includes recording your contact details in our accountacy software to produce invoice and contact you for any future technical support.
The accountacy software, with your details, are stored locally at our premises and not with third parties.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Controlling your personal information
You may choose to restrict the collection or use of your personal information in the following ways:
- whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes
- if you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.
You may request details of personal information which we hold about you under the Data Protection Act 1998. A small fee will be payable. If you would like a copy of the information held on you please write to 5 Laurel Cottages, Walton Cardiff, Tewkesbury, Gloucestershire, GL20 7RF.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible at the above address. We will promptly correct any information found to be incorrect.