Bespoke Connected Limited and all its associated companies are compliant with, and continually monitor and update processes and policies to ensure compliance with, the GDPR, Data Protection Legislation and the PECR. As part of the various services and products we offer our customers, and this includes system maintenance, we may hold or have access to data that can identify individuals in order to be able to provide our customers with the services, products and support that is agreed through our contracts. In all instances, access to such data is controlled and limited to specific individuals.
Where We Collect Personal Information From
We may collect personal information about you (or your business) from these sources:
Where we collect personal information from,
Data you give us:
- When you talk to us on the phone or in person with our sales team
- When you use our websites
- In emails and letters
- When you buy our products and services – this includes banking details for billing
Data from third parties:
- Companies and people who know you that pass us your details
- Credit reference agencies
- Reputable data suppliers
We also obtain data from publicly available sources such as information held in Companies House, and information about you that is openly available on the internet.
Who We Share Your Personal Information With
Bespoke Connected Limited will not pass on your personal data to third parties unless: it is a requirement of the service or product you have with us, where this will be detailed within the contract, if it is a prerequisite to the service or product you intend to have with us, you will be notified beforehand, or it is a legal requirement to do so.
- Network service providers who provide the service agreed in your contract
- Other service providers if purchased through us, e.g. insurance companies
- Companies we have a joint venture or agreement to co-operate with
- Companies we have contracts with, to provide you with the services agreed in your contract, e.g. device repair centres
- If you use direct debits, we will share your data with the Direct Debit scheme
- Debt collection agencies or other debt recovery organisations
- Law enforcement agencies, regulatory organisations, courts or other public authorities if we have to, or are authorised to do so by law
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets as part of the process of evaluation and to ensure continuity of service
Use of Information
This explains how we collect, use and protect your personal information. This policy may be updated from time to time. Bespoke Connected Limited may collect information from you when you:
- Enroll in any marketing subscriptions from us
- Provide us with contact and other relevant information in the course of
- doing or contemplating business with us, including but not limited to engaging with our marketing material and/or campaigns.
Bespoke Connected Limited uses this information to:
- Provide our services and products to you
- Invoice you for using our services and products
- Assist us in responding to any queries you may have about our services and products
- Understand how you use our site, services and products so that we can develop and improve them
Storage of information
Bespoke Connected will store any information for:
- As long as we are legally required to; or
- as long as we need it, if we are not legally required to keep it. Bespoke Connected Limited cannot accept responsibility in relation to information that has not been securely stored and transmitted to us.
Sharing of information
Unless legally required to do so, or as part of the provision of a product or a service, we will only share your information with companies within the Bespoke Connected Limited company and the following:
- Other companies involved in delivering the services and products to you;
- Credit scoring agencies; or
- In the event of default, debt recovery specialists, including but not limited to lawyers and debt collection agencies.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances, you can ask for the data we hold about you to be erased from our records. Bear in mind, if you ask us to erase your information from our records, we may purchase data in the future that contains your information. We can however mark it as “do not contact” therefore stopping any contact we may make to you.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
- Right to judicial review: in the event that Bespoke Connected Limited refuses your request
under rights of access, we will provide you with a reason as to why. You have the right to complain.
Should you wish to exercise any of these rights, please contact us via the following: email@example.com
Should there be a third party involved in the processing of your personal data, we will inform them of your request.
How The Law Protects You
As well as our Privacy Promise, your privacy is protected by law. This section explains how that works.
Data Protection law says that we are allowed to use personal information only if we have a proper reason to do so. This includes sharing it outside Bespoke Connected Limited. The law says we must have one or more of these reasons:
- To fulfil a contract we have with you, or
- When it is our legal duty, or
- When it is in our legitimate interest
A legitimate interest is when we have a business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you. If we rely on our legitimate interest, we will tell you what that is.
When you make a request for the supply of any products or services from us or any of our business partners and during the course of any such supply we may carry out credit checks on you at any time. We will only use licensed credit references agencies but such agencies will keep a record of our search on your credit record.
We may search the electoral roll to verify your address.
We may use credit searches and other information, which is provided to us or the credit agencies, about you and those who are linked financially to you, if credit decisions are made about you, or other members of your household.
We’ll use this data to:
- Assess whether you or your business is able to afford to make payments
- Make sure what you’ve told us is true and correct
- Manage accounts with us
- Trace and recover debts
If, at any time during the provision of any goods and services to you, you fail to meet our credit conditions, we will contact you.
You can request a copy of your credit record by writing directly to the credit agencies.
Automated Decision Making
Bespoke Connected Limited does not use automated processes for decision making. We may use a credit reference agency to perform credit checks when you apply for products or services with us however this is not an automated process, we use the credit reference agency’s recommendations and then we will manually review and make our decision based on this and other factors
How Long We Hold Your Personal Information For
The length of time we retain your information is dependent on what we are holding and why we are holding it. We will not keep your information for longer that is necessary for our business or legal requirements.
Bespoke Connected Limited may process personal data for up to 7 years if you are a prospective customer and for the length of your contract plus 7 years if you become a customer. This is in keeping with our legitimate interests and contractual obligations.
We may also store personal data for up to 7 years for any of the following reasons:
- Respond to any questions or complaints
- To show that we treated you fairly
- To maintain records to comply with legal and regulatory rules that apply to us
- In keeping with our legitimate interests and contractual obligations
We may store your personal data in paper or electronic formats, both of which are stored securely and based on the guidelines as specified in ISO/IEC standards 17799, 27001 and 27002. We also have processes in place to securely dispose of data we no longer require.
We may use your personal information to tell you about relevant products and offers. This is what we mean when we talk about ‘marketing’.
The personal information we have for you is made up of what you tell us, and data we collect when you use our services, or from third parties we work with.
We study this to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
We can only use your personal information to send you marketing messages via email or text if we have your consent to do so.
We may phone you to offer these services using our ‘legitimate interest’. That is when we have a business or commercial reason to use your information. It must not unfairly go against what is right and best for you.
You can of course tell us if you wish to opt out of these calls at any time, either verbally whilst on the phone or by using the contact form on our website. If you change your mind you can update your choices at any time by contacting us.
You can ask us to stop sending you marketing messages by contacting us.
Whatever you choose, you’ll still receive other important information relating to your existing products and services. If you change your mind you can update your choices at any time by contacting us.
How To Get A Copy Of Your Personal Information (Subject Access Request)
In compliance with your rights detailed above, you can request copies of all the personal information we hold on you. This is known as a “Subject Access Request”, “SAR” for short.
There are several ways of applying:
- Complete the form on our website
- Email: firstname.lastname@example.org
- Telephone us on: 0330 311 0766
- Use the Live Chat feature on our website
- By writing to our Head Office
To make sure we are only sending the information to someone authorised to have it, we may at our discretion require you to provide two forms of ID from the below list:
- Driving licence
- Birth certificate
- Utility bill (from last 3 months)
- Current vehicle registration document
- Bank statement (from last 3 months)
- Rent book (from last 3 months)
If Things Go Wrong And You Wish To Make A Complaint
In the event that you wish to make a complaint about how your personal data is being processed by Bespoke Connected (or third parties) please contact us immediately.
Bespoke Connected GDPR Owner Contact Details
Contact Name: Harry Farmer-Hill – GDPR Owner
Address: 4500 Parkway, Solent Business Park, Whiteley, Fareham PO15 7AZ
Telephone: 0330 311 0766