Privacy Policy

1. Introduction

This is the privacy policy for Vividly Simple Limited, a company registered in England, with company number 10348798. Our business address is 400 Thames Valley Park Reading RG6 1PT. Vividly Simple Limited is the data controller responsible for any handling of personal data. Personal data, or personal information, means any information about an individual from which that person can be identified. At Vividly Simple we respect your privacy and undertake to treat and protect your personal data in line with current data privacy and protection laws. This privacy policy explains how we use your personal data when you visit our website, interact with us, and become a customer for our goods and services. It also sets out your rights to privacy and how the law protects you. If you have any questions, or would like to exercise your privacy rights, you can contact us by post to Vividly Simple Limited, 400 Thames Valley Park, Reading, RG6 1PT, by telephone on 0118 435 9991 or by email to privacy@vividlysimple.com.

2. Collecting your data

A. Website visitors

Our website www.vividlysimple.com describes our Managed IT and Communications Services which are aimed at business users, particularly small businesses located in the United Kingdom. Our website is not intended for children and we do not knowingly collect data relating to children. When you visit our site, unless your cookie settings have been set to prevent us doing so, a cookie will be deployed to your computer that lets us see when you visit, how you found us, which pages you view and how long you spend browsing our services. Our website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). The information generated by the cookie about your use of our website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.  Further information about Google’s privacy policy may be obtained from http://www.google.com/privacy.html. Analytics data collected in this way may be shared with our website provider, and providers of marketing services we use from time to time. We use the data collected to help us improve the usability of our website, and to measure the success of promotional or marketing campaigns designed to encourage visitors to the website. Most web browsers automatically accept cookies, however you may delete, or disable cookies if you wish. If you choose to disable or adjust your settings for cookies, you may affect the experience you have when visiting some websites. Instructions for managing cookies can be found at http://www.allaboutcookies.org/manage-cookies/. We keep the data collected from visitors to our website for 26 months, after which time it is anonymised or automatically deleted. Our website includes links to third-party websites. Clicking on those links may allow third parties to collect data about you. We do not control these third-party websites and we recommend that you read the privacy policy of each website you visit.

B. Interacting with us

If you choose to interact with us via email or telephone, we will collect your name, email address, telephone number, and in some instances your address for the purpose of continuing our conversation. Our website includes a contact us form and a live chat facility. If you choose to contact us via this route, we collect your name and email address to allow us to contact you in response to your enquiry. We publish blogs on our website. If you choose to comment on a blog post, you will be required to provide your email address, which will be visible to anyone who visits the blog on our website. We may use your email address to respond to your comment if your comment includes a request for us to do so. Comments will remain on the website for up to 5 years, at which time the comments are deleted along with any personal data associated with the deleted comment. We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Your personal data collected during interactions with us will not be used for marketing purposes unless you specifically request (opt-in) to receiving information about our products and services. You may make a specific request by ticking one or more of the boxes adjacent to the contact us form on our website, or during a telephone, chat or email conversation. You have the right to stop receiving (opt-out) information about our products and services at any time by writing to us at Vividly Simple Limited, 400 Thames Valley Park, Reading, RG6 1PT, emailing us at privacy@vividlysimple.com, calling us on 0118 435 9991, or clicking an unsubscribe link at the bottom of marketing related emails.

C. When you become a customer

When you choose to become a customer for our goods and services, we will collect the personal data required for us to provide those goods and services. For all customers, we collect the following data:
  • Primary Contact name, email address and phone numbers
  • Secondary Contact (if available) name, email address and phone numbers
  • Business Address
  • Billing Address (if different)
  • Contact information for users of the services name, email address and phone numbers

Our telephone system is capable of recording conversations, which we may do from time to time. If it becomes clear during a recorded conversation that your communication is private, or you request that the call is not recorded, call recording will be stopped.

Under normal circumstances a recorded call will not be retrieved unless:

  • It is necessary to investigate a complaint
  • There is a threat to the health and safety of staff or visitors
  • It is required for the prevention or detection of crime
  • It is necessary to check compliance with regulatory procedures

Call recordings may also be anonymised and used for staff training.

We offer Direct Debit payment facilities for our customers. If you choose to pay by Direct Debit, we will collect your Bank Account number and Sort Code. We also collect additional data required to deliver the services we provide, depending on the services you ask us to provide you with.

Additional data is collected or stored to deliver specific services as set out below:
Service provided Additional data collected
Help and Support IP Addresses Device (Computer, smartphone, tablet) information (names, serial number, MAC address)
Digital Signs No Specific additional Data
Business Telephony IP Addresses Device (Computer, smartphone, tablet) information (names, serial number, MAC address) running phone software.Voice recordings on calls that voice recording is enabled. Fax transmissions received or sent. Voice Mail saved in the service. Address book entries (either shared via device permissions or entered into the service address book). Numbers you call or receive calls from and the duration.
Malware Protection IP Addresses Device (Computer, smartphone, tablet) information (names, serial number, MAC address) Applications installed Operating system version Filenames and types when identified as being a potential threat. Location information on mobile devices (smartphones and tablets) if your device settings share this location information with the service.

3. Protecting your data

We operate appropriate security measures to prevent your personal data from being accidentally lost, or used, accessed or disclosed in an unauthorised way. We limit access to your personal data to those employees, agents, contractors and other third parties who have a legitimate need. When held in our own systems, we:
  • Store in encrypted locations or files
  • Restrict access to authorised people and applications
In order to provide our services to you or comply with local law, we may share personal data with third parties such as:
  • Suppliers and service providers (for example technology service providers, payment processing and fraud prevention providers, manufacturers and postal or delivery services)
  • auditors and professional advisers like bankers, lawyers, accountants and insurers
  • government, regulators and law enforcement
We require all third parties we work with to respect the security of your personal data, to process the data solely for purpose of providing our services to you, and to treat it in accordance with the law. We do not allow any personal data to leave the European Economic Area unless we can be sure a similar degree of protection will be applied to it. We may transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. You can find out more from the European Commission website here: European Commission- Adequacy of the protection of personal data in non-EU countries. Where we use providers based in the US, we may transfer data to them provided they are part of the Privacy Shield which requires them to provide appropriate protection to personal data. You can find out more from the European Commission website here: European Commission – EU-US Privacy Shield. We have in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

4. Keeping your data

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
  • We keep analytics data collected from our website for 26 months, after which it is either anonymised or deleted
  • We keep data from telephone or email interactions for as long as appropriate to maintain the relationship you choose to have with us
  • We keep financial records (data from quotes, invoices and payment history) for seven years, to comply with our legal and regulatory requirements

5. Your privacy rights

In the UK your rights under data protection laws in relation to your personal data are set out in the General Data Protection Regulation, which came into full force on 25th May 2018. The General Data Protection Regulation provides you with:
  • The right to be informed – an obligation on us to inform you how we use your personal data
  • The right of access – a right to request a copy of the personal data we hold about you (known as a ‘data subject access request’)
  • The right to data portability – a right for you to ask us to provide the copy of your personal data in an electronic format
  • The right to rectification – a right to make us correct personal data about you that may be incomplete or inaccurate
  • The right to erasure –you can ask us to delete the personal data we have about you. We are not required to delete such data if there’s an overriding legal reason we need to keep it.
  • The right to restrict processing – a right for you in certain circumstances to ask us to suspend processing personal data
  • The right to object – a right for you to object to us processing your personal data, for example in the case of direct marketing
  • Rights in relation to automated decision making and profiling – an obligation we have to be transparent about any profiling we do, or any automated decision making.
If you have any questions about this privacy policy, or would like to exercise your privacy rights, you can contact us by post to Vividly Simple Limited, 400 Thames Valley Park, Reading, RG6 1PT, on 0118 435 9991 or at privacy@vividlysimple.com. In the UK the Information Commissioner’s Office is the supervisory authority for data protection issues. If we do not respond appropriately to any privacy or data protection concerns you make us aware of, you have the right to make a complaint to the Information Commissioner’s Office at any time. More information about the Information Commissioner can be found on their website www.ico.org.uk