What this Policy covers:
This policy sets out how Siftware uses and protects any information that you give us.
Siftware is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified, then you can be assured that it will only be used in accordance with this policy.
The information we collect:
The type of information we collect and how we use it depends on why you are providing it. Personal Information is information or pieces of data that could allow you to be personally identified.
We may collect and process data about you including:-
In general:
- Name and contact email address
- Postal Address
- Telephone Numbers
Extra information collected:
New Contact queries (via telephone and website):
- Technical information – websites, code, framework, servers
Client information:
- Contract information
- Technical information – websites, servers, code
Staff information / Job applicants:
- Contact details – name, address, telephone number, email address
- Next of kin/emergency contacts
- Contracts: Terms of employment, Trust & Confidentiality Agreement
- D.O.B.
- N.I numbers for payroll / pension
- Bank account details for payroll
- CVs
How we use your information (Lawful basis for processing personal information):
We process personal information to enable us to provide a service in which we design, test and demonstrate software; promote our services; maintain our accounts and records and to manage our staff.
We may use and process your personal information for several purposes, on the basis of the following legitimate interests:
- New Leads – we need to be able to contact you to discuss our services, offer you a proposal based on your business requirements and tailored to the resources you use; to issue Non-Disclosure Agreement paperwork and new contracts
- Clients – to liaise with you; carry out an Audit and Risk Report on your sites; to provide a support service for your application(s); carry out development work; raise invoices; provide new services and contracts as requested / as necessary
- Staff – to fulfil our Management and HR roles
Keeping your personal information secure:
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and company procedures to safeguard and secure the information we collect. Siftware Employees and Contractors, have active Trust & Confidentiality Agreements / Non-Disclosure Agreements in place.
Only Siftware employees have access to network drive folders and applications where information is stored. Secure Password protection is in place, and our Developers are only given specific access to systems, if relevant to the projects they are working on.
Whilst we work on Development and Maintenance projects for our clients, any personal data received from the client is obfuscated and is not kept on our servers.
It may sometimes be necessary to transfer personal information overseas. When this is needed, information may be transferred to countries or territories around the world. Any transfers made will be in full compliance with all aspects of data protection legislation.
We do our best to keep the information you disclose to us online secure. However, we can’t guarantee its security. By using our Site, you accept the inherent risks of providing information online and will not hold us responsible for any breach of security.
We do not sell, distribute or lease your personal information to third parties.
Access to your information:
You have a right to access, update, amend, and/or delete personal Information we hold about you. Please contact Siftware’s Registered Office: Powys House, Market Square, Llanrhaeadr ym Mochnant, Powys, SY10 0JG, if you would like a copy of the information we hold on you.
You have a right to receive this information in a secure format.
Retention of your information:
Unless a longer retention period is required or permitted by law, we will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy policy. We have an internal Retention Policy where there are varying retention periods for different categories of information depending on our legal obligations and whether there is a commercial need, such as answering customer account queries. After a retention period has elapsed, the data is deleted.