Privacy Policy


Here at Concero we understand the responsibility that you have entrusted to us, to protect and respect your privacy and look after any of your personal data that we may hold.

This Privacy Notice is inclusive of our General Terms of Service and sets out to explain what personal data we collect from you, how we use it and why, reasons why we may need to share your personal data with others, and how we store your personal data securely.

However, this policy will change and evolve, like so many other things, so we ask that you please check this on a regular basis for any changes that may have occurred.


Who are we?

We are Concero Technology Services! We are a friendly Technology Services company based in Wolverhampton, focused on providing the very best services and support to the Education and SME Sectors.

We are compliant with the ISO 9001 Quality Management, and ISO 27001 Information Security, standards.

Concero are a registered company, company number: 06673066, and our registered office: 303 Tettenhall Road, Wolverhampton, WV6 0LB.


Contact us

If you would like to talk to us about our Privacy, or anything else, you can contact us with the details below:

 

enquiries@concerouk.com

0333 111 0004

 

What’s this for?

As you may or may not be aware the Data Protection Law will change on 25th May 2018 and become the General Data Protection Regulation (GDPR).

This Privacy Notice outlines your rights under the new laws and how we meet them.


What does this mean to you?

It means that under the GDPR laws we can only process personal data if we have a valid reason to. The reasons we can process your data include but are not limited to; Performance of a contract, Consent, Billing and to contact you about the services and support that we provide to you.

Depending on the circumstances under GDPR, Concero may be considered as both Data Controller and Data Processor of your personal information.

 

What information is being collected?

To properly support you we may collect personal data from you, this will include; your Name, School or Business Name, position, works postal address, works email address, and any phone numbers you may provide us with. If you have any orders with us, we will also keep payment information.

In the event that you contact us we retain any correspondence, queries and support requests that you may make.

We may also keep details of your visit to our websites, such as traffic and location data.

We only process this information in accordance to our ISO accredited Information Security Policy.

If we support your IT network and infrastructure, any data that you put on your network is your own and not subject to Concero’s Privacy Notice or their other policies. We must inform you that although we do have access to any data on a network that we support, we will never access it without your prior permission and consent.

For further clarification for schools, we collect nor hold any data other than outlined above on your staff and absolutely no data on your pupils, students and parents.


What’s your data used for?

We need the data about you for a few things. We’ve listed how we use your data below, so you have a clear idea of what we do with it and why we ask for it.

< >So we can adequately support you, as outlined in your SLA;To comply with any contractual obligations, we have with you;To allow us to identify our services users;So we can provide a high level of customer support to you, including dealing with any support requests or queries you may pose to us;To allow us to develop and review our web services;To process any orders you have with us, and to keep track of billing and payments;To identify fraud and to keep our records accurate;To review any job applications sent to us;Notify you about changes to our services;To provide you with any information about our products and services that you may request from us or which we feel may interest you, only in a situation where you have consented to be contacted for such purposes;To keep you informed of any changes we may make to your subscribed to services, such as but not limited to, pricing or terms and conditions.We process any information you submit to us in a support request via any of our modes of Helpdesk communication. This will include names, email addresses, business or school names, telephone numbers and may include user names, passwords and postal addresses, as well as any other information you submit, intentionally or not.

 

Part of this processing calls upon automated procedures. We perform regular and extensive testing of our automated procedures to make sure they perform exceptionally all the time, however in rare circumstances this may result in unexpected results, at no point should these threaten the privacy of your data.


Internet Provision Service

Our Internet Provision Services are outsourced to a select few trusted Internet Service Providers (ISP) that we have hand picked and checked. We will always tell you who your provision is with. We have to share certain information with your ISP for you to be able to receive the services you have signed up for. This usually consists of Name, Address, and Internet Protocol (IP) Addresses.


MIS Support

With our MIS support we do not access any personal data held on your system, we are here to make sure your MIS works for you and that’s all we intend to achieve. Should the need arise for a 3rd Party support we may have to discuss some personal information with them, however it will only ever be a contact at your business and nothing more. If we need to share anything more, we will always seek your permission first. We will never willingly discuss, transfer or share your personal information held within your MIS with anyone without the consent of your business.


Telephone Communications

All our phone calls are recorded for training and monitoring purposes. Only the telephone number is kept alongside the recording, and we keep the recordings for 30 days in line with our Data Retention Policy. Unless there is an issue in which case we may keep recordings for longer. We will never sell or pass on your contacts details to a third party.


Installations

In the event that Concero performs an installation at your site, depending on the type of install, it will specify what is done. If you are having an equipment install for Audio Visual equipment, infrastructure or a client computer, then no personal data outside of your contact details and payment information is handled.

If Concero perform a network upgrade or a Server recovery or upgrade, our engineers will have to handle all the data on your network in some fashion. This is typically a physical move of your data between equipment, and we will only ever access the data you hold should an issue arise, such as corruption, or if the nature of the issue stemmed from that data e.g. Virus infection in a user account.

During an install none of your data is taken off site, without prior consent, and is only ever copied to your own equipment. We will never share or transfer any of your data to a third party, unless we need to use a third party to help provide our service to you, in which event we will only ever share your contact details and nothing else.


Curriculum Advice and Support Services

In order for us to properly provide our Curriculum services to you, our Head of Learning Technologies may share your contact information with third parties for product introductions.

For our accredited training we do use third party suppliers to enable us to give you the very best in training and certification. For this we do have to send some personal information and any coursework completed by our customers to our training suppliers for accreditation, who will then issue certificates.

Our third-party training associates are not covered under our Privacy Notice and will have their own policies, of which we do advise you to read. As our training courses do vary from time to time so do the third parties we work with, if you would like to know which companies we are currently using for our training please feel free to contact us on the details at the top of this document.


Procurement

So that we can provide you with the best equipment and competitive prices, our procurement team do have to share some of your personal data with our approved suppliers. This is usually contact and billing information, so we can properly quote and order on your behalf.


Third Parties

We have to work closely with a number of third party organisations in order to run as a business and to provide you with a wider range of services. They may provide information that they collect about you, to us.

These third parties may provide such information as Names, Addresses, IP Addresses, Payment information, Server and Diagnostic logs, Communication data, Device-Specific information, or Location Data. We use their services within our websites and support packages. However, under some circumstances they may be acting as the Data Controller and they will have their own Privacy Notices we advise you to read.

We may pass your personal details onto third parties for the provision of services on our part, for example processing your payments. In these instances, we will only share the information specific to the task at hand, and we have Data Sharing agreements in place to ensure that your data remains secure and will only be used for the purpose it is shared for.



Where do we keep your data?

Your data is a prime concern to us and we strive to use services that are as stringent as ourselves. We use several servers based in the UK, EEA and USA depending on the services, all of which are held in, either Tier IV or Tier III+, PCI DSS or ISO 27001 compliant facilities. Any and all data transferred to the US, is done so in a secure fashion using the EU-US or Swiss-US Privacy Shield Frameworks.

The laws in countries out side of the EEA may not be able to provide your data with the same protection as within the EEA. However, any third party outside the EEA dealing with EEA data they too, are bound by GDPR and have agreed to abide by EEA levels of data protection in regard to transfer, processing and storage of any personal data.

By providing your data to us, you agree to this transfer and storage. We will however, ensure that reasonable steps are taken to protect your data in accordance with Concero’s Privacy Notice.

All data stored by Concero is kept and transported in an encrypted format.


Accessing and updating your data

Under data protection law, your data must be up to date and accurate. We ask that you must maintain your data on our systems, including but not limited to name, address, email address and telephone details.

You can do this through your Concero Customer Portal, found here: https://conceroservices.co.uk/

Or through your Concero Zendesk Portal control panel found here: https://concerouk.zendesk.com


Your rights and the right to be forgotten

Under data protection law, you have the right to object to us using your data or to delete it. This is known as your Right to be Forgotten, or the Right to be Deleted. Should you wish to enact this right Concero will endeavour to enact this for you. However please be aware we do have legal obligations where we may have to keep your details on file and they will not be subject to the Right to be Forgotten.

In preventing the use or processing of your personal data, it may delay or prevent us from fulfilling our contractual obligations to you. It may also mean that we will no longer be able to provide our services to you.

You have the right to ask us to not process your information for marketing purposes. If you have not opted in to our marketing process, we will not contact you with any marketing material. We would like to remind you that we will inform you of our latest events and services via marketing and would hate for you to miss out.

If you would like to enact any of your rights under the GDPR please contact us on the details at the top of this document, submit a service request to support@concerouk.com, or visit the customer portal and we will be happy to handle your request within 28 days. We may ask you for proof of identity.

Please be aware that we hold the right to charge a reasonable administration fee for certain requests should we deem them unfounded or excessive. We may also charge for additional copies.

We also hold the right to extend the response time for requests to longer than the allotted 28 days if we deem the request to be complex or if we have received multiple requests from an individual.


Data Breaches

In the unfortunate event of a data breach we shall ensure that our obligations under GDPR will be followed where necessary.


Not happy how we do things?

If you find yourself in the unfortunate situation where you are not happy with how we have handled and processed your personal information, please let us know so we can improve. We would like to remind you that you have the right to make a complaint to the Information Commissioners Office.

https://ico.org.uk/concerns/
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Tel: 0303 123 1113