What is GDPR?
What information does the GDPR apply to?
Why do we collect your data?
How do we collect your data?
What data do we collect and how is it used?
How do we store your data?
How long do we keep your data?
How can you obtain the information we have about you?
How to amend data that is incorrect or incomplete?
External links and Social Media
**Scottish Broadband Voucher Scheme**
1. What is GDPR?
The General Data Protection Regulation is a new, European-wide law that replaces the Data Protection Act 1998 in the UK. It places greater obligations on how organisations handle personal data. It comes into effect on 25 May 2018.
2. What information does the GDPR apply to?
The GDPR applies to ‘personal data’, which means any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.
3. Why do we collect your data?
In order to offer our services to you we have to collect certain information about you and pass this on to our trusted contractors (IT team, installers) and service providers (Mailchimp, Zendesk, etc – see below for more extensive list).
Please exercise due caution when interacting with email addresses, social media accounts and web pages purporting to be connected to our website. We will never ask for financial details (for one exclusion – see below) or sensitive information such as passwords.
We will never sell on, rent or distribute your data to others so that they can contact you without your permission, unless we have been required by law to do so. Any data we collect is solely used to provide you with the broadband services that you have requested, to help with any technical issues and/or repairs, to create your account and inform you of planned maintenance, outage updates, and changes in prices or policies.
4. How do we collect your data?
We collect your data via the e-mails you send us, from information you provide us over the phone or in person and via the forms you complete on our website.
5. What data do we collect and how is it used?
We ask for your name, address, phone numbers and e-mail.
– Name, E-mail addresses, location and phone numbers and any other specific data (specific access instructions for our tech team)
Are used to allow us to provide our service at your premise, to create your account with us and to inform you of outages, planned maintenance, important changes in prices and/or policies.
Only relevant information is shared with our trusted engineers and contractors on a need to know basis for the purpose of providing you with a service or repair.
Our web contact forms are run by trusted third party service providers, as is our email server. These service providers will not contact you for any purpose unless you or we have requested that they do so on our behalf in which case we will notify you in advance. (e.g. Direct Debit set up mail from Sage/Gocardless).
Our Mailchimp mailing is solely used as a tool to quickly inform our customers of any disruption in the service, of any major reported problems, of planned maintenance requiring down time, of changes in prices or policies and once a year of office closing periods. It is not used for marketing purposes.
– Banking details
We do not possess your banking details as these are processed directly through Sage/Gocardless – our secure book keeping/banking system.
**We will never ask for your bank details UNLESS you are hosting a relay in our network and we require to send you a refund for the electricity used. (once a year) At this occasion we will e-mail you and you can contact us via phone or
e-mail to provide us with your details. This information is deleted as soon as the payment has been processed**
6. How do we store your data?
We encrypt information we receive from you via our website, e-mail or webforms. Only encrypted data is stored on our computers, external drive and cloud storage.
Our devices have the latest firmware, security updates and anti-virus software in place
7. How long do we keep your data?
We keep your data for the time we are legally required to keep records for audit purposes.
8. How can you obtain the information we have about you?
Simply send us an e-mail using this dedicated e-mail address: GDPR@locheilnet.co.uk Before we provide this information, we will need to check and confirm your identity. We will then send you the requested information at no cost within one month of the request being made, which is on the calendar day a month after it was received.
9. How to amend data that is incorrect or incomplete?
If you require us to delete or correct your personal information then we will do so.
Please inform us if any of your recorded personal details have changed, for example if you are subscribed to our Mailchimp mailing list and your email address has changed. If you believe that any information we have recorded is incorrect or incomplete, please let us know via de dedicated e-mail address GDPR@locheilnet.co.uk and we will make any necessary corrections.
10. External links and Social Media
When we link to other websites it should be noted that we do not have control over or responsibility for these other sites and cannot guarantee or verify their contents, despite our best efforts. Other sites will have their own differing privacy policies and terms and conditions, as such you should review these before trusting those sites with your personal information.
We do make use of social media as an addition to our messaging service via Mailchimp to provide information and updates about unplanned outages and issues related to the provision of our service.
Communication and interaction through social networks are governed by the privacy policies and terms and conditions of each respective social network, and may be tracked, recorded and displayed to other social network users.
11. **Scottish Broadband Voucher Scheme**
We provide your data to the Scottish Government for use under the R100 Programme and the Scottish Broadband Voucher Scheme (SBVS).
This will be used by the Scottish Government in its administration, management and operation of the SBVS in compliance with their obligations under the Data Protection Laws.