The following privacy policy applies from 19th May 2018

Introduction

First Option Technical Support Limited ('FOTS') is committed to protecting your privacy and this Privacy Policy tells you how we collect, use and disclose your personal data.

This Privacy Policy has been drafted to comply with the legal standards that currently exist in the United Kingdom and will be modified as FOTS determines is necessary to satisfy or exceed legal requirements.

We reserve the right to modify this Privacy Policy at any time by notifying our customers, via the main FOTS website (www.technicalsupport.net), of a new or revised Privacy Policy.

If you would like further information on this Privacy Policy or about FOTS use of your personal data, we encourage you to contact privacy@technicalsupport.net.

For details concerning your rights under the General Data Protection Regulation (GDPR), and other applicable legislation, contact the Information Commissioner's Office (ICO) .

Please note that this Privacy Policy covers data management where FOTS qualifies as the Data Controller under the GDPR, except where otherwise noted.

Where lawful bases of processing are noted (for example, contract, legal obligation or consent), FOTS in all ways manages individual rights in relation to these lawful bases in line with the ICO's guidance on the GDPR.

Where the lawful basis for holding data is noted in this Privacy Policy as being consent, You have the right to withdraw that consent.

You have the right to lodge a complaint with the ICO as the supervisory authority if you have an issue in relation to our treatment of Your data.

Contents

1. PERSONAL DATA
2. HOW WE USE PERSONAL DATA
3. SUPPORT SERVICES
4. MARKETING
5. OUR WEBSITES AND COOKIES
6. LINKS TO NON-FOTS WEBSITES
7. PROTECTION OF PERSONAL DATA
8. QUESTIONS, UPDATING DATA AND PREFERENCES

1. PERSONAL DATA
   1. "Personal data" (as defined by the GDPR) means any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. This definition provides for a wide range of personal identifiers to constitute personal data, including name, identification number, location data or online identifier, reflecting changes in technology and the way organisations collect information about people.
   2. Personal data that can be used to identify you as an individual includes your:
      1. name
      2. mailing address
      3. telephone number
      4. credit card number
      5. email address
      6. marketing preferences
      7. information collected via cookies
      8. log-in credentials (of customer account)
      9. IP address.
   3. Examples of non-personal data include:
      1. business name (when the business is a corporate entity)
      2. business entity type (e.g. LLP, Limited Company, etc.)
      3. website address
      4. non-personal information provided in communications with FOTS
      5. non-personal information about your computer and your business environment.
   4. No sensitive personal data (as defined by the GDPR) is collected by FOTS.
   5. We may be obliged to record your IP address by HMRC as an online merchant, in order to determine your country of purchase under the EU VAT MOSS Regulations. To determine this information your IP address may be shared with a third party application programming interface (API). These actions in regard to personal data are performed on the lawful basis of legal obligation as described in the GDPR and FOTS only retain the data for the duration of the ordering process.
   6. Personal Data can also be included within data gathered about your systems once you have purchased a product, such as your type of operating system and its version, other aspects of your IT infrastructure environment, as well as your operating environment. These actions in regard to personal data are performed on the lawful basis of contract as described in the GDPR.
   7. We may collect your Personal Data through a number of sources, including:
      1. purchase orders
      2. website registration
      3. enquiries and information provided in communications with FOTS
      4. software usage
      5. visits to and use of our websites (e.g. browser type and version, operating system, referral source, length of visit, page views and website navigation paths, etc.)
      6. third parties who have advised that they are authorised to share your personal data with us.
   8. Personal Data gathered directly from customers during purchase ordering, website registration or enquiries are centrally managed in a Customer Relationship Management System (CRMS). These actions in regard to personal data are performed on the lawful basis of contract as described in the GDPR. This personal data is kept for the duration of any ongoing business or software usage, and for six years thereafter.

[Contents]

2. HOW WE USE PERSONAL DATA
   1. Certain personal data, such as names, contact details and online identifiers, are required for us to supply products and services that you have requested, carry out an agreement with you or take any steps that you have requested. These actions in regard to personal data are performed on the lawful basis of contract as described in the GDPR. Examples of additional required uses of your personal data include:
      1. licensing products and services via the internet - in these instances, any information collected in this process will be transmitted over a secure connection to our servers
      2. updating you as to the status of your order
      3. alerting you to important product revisions or updates to an FOTS product/service you have purchased, normally via email (please note that it is not possible to opt out of these 'service level' communications)
      4. ensuring that you are properly registered to receive technical support
      In each of the cases above, the data is retained for as long as you are a FOTS customer and for a further seven years thereafter.
   2. In the event that you submit personal data by telephone, we may record calls and/or calls may be live monitored to:
      1. provide evidence of your order or transaction with us
      2. ensure that we comply with relevant regulatory procedures
      3. see that quality standards or targets are being met
      4. protect the interests of national security
      5. prevent or detect crime
      6. investigate the unauthorised use of a telecommunications system
      7. secure the effective operation of our telecommunications system.
   3. In addition to the uses mentioned above, we may also use your personal data for the following additional purposes and direct marketing ("Additional Purposes"). These actions in regard to personal data are performed on the lawful basis of consent as described in the GDPR.
   4. Examples include where you have given us appropriate permission to:
      1. advise you about new FOTS products and services, as well as special discounts on FOTS products and services.
      2. provide business, sector and market-relevant news updates.
      3. Additionally, from 25 May 2018, the following contact methods have been separated out for the purposes of direct marketing consent:
         - via email (FOTS's default contact method)
         - via telephone
         - via mail
         
   5. These Additional Purposes for your personal data can be managed in your customer account of the FOTS website. If you want to give or withdraw your consent to receiving Marketing Materials in any medium, simply notify FOTS (see Privacy Policy Questions, Updating Your Personal Data and Preference Notifications, below). If you advise FOTS that you do not want to receive any Marketing Materials at all, FOTS shall not be able to provide you with information concerning special discounts and offers for which you may be eligible, advisories regarding new products or services that may be of interest to you or warnings regarding impending government deadlines.
   6. Occasionally, we may invite you to participate in a survey or provide additional personal data that will enable us to better understand and serve your needs. Any information request marked as optional gives you the freedom to decide whether to respond and you will also be given the option to either supply information anonymously (to be used as aggregate data only) or not (in which case it is supplied on the lawful basis of consent). Please keep in mind that all information you choose to provide may be used to personalise and improve our customer service operations. Whether aggregate or not, the data will only be kept for three years.
   7. You are responsible for keeping appropriate copies of your own data.
   8. In each of these cases, the data is retained for as long as you are an FOTS customer and for a further seven years thereafter. However, your account will be marked as dormant following four years' inactivity and you will not be contacted following this time for Additional Purposes.
   9. To help us improve our products and services and develop new ones, we may also create aggregate data that uses your personal data but in a manner that does not identify you as an individual.
   10. In order to provide you with support on any technical issues that you may encounter, we may carry out the following to help diagnose and remedy the issue:
       1. Ask to initiate a debug log. This collects 'debugging' information from your computer, including login strings and configuration data. This is used to help locate, diagnose and troubleshoot operating problems.
       2. Ask for you to send a health check. This gathers information about your computer itself, such as its name, OS version details, installed programs and the like. This is also used to help locate, diagnose and troubleshoot operating problems.
       3. Ask to access your system via a remote login service. This service will be provided by a third party under license with and operated by FOTS. The third party will also abide by their own Privacy Policy. FOTS may record these sessions for up to 12 (twelve) weeks. This kind of service is used to remotely navigate your computer in order to troubleshoot complex issues, as well as to securely transfer files between FOTS and yourself.
       4. In any of these situations, FOTS remains the Data Processor maintaining the service or product on the instruction of the Data Controller.
   11. FOTS may use certain third-party service providers to help us fulfil your requests and maintain our business practices. For example, we may use third party service providers to:
       1. process your credit card payments or ship to you a product that you ordered
       2. manage email and ad campaign operations
       3. monitor and assess the usage and behaviour of visits to the FOTS website.
   12. In these instances, these third-party service providers are under a contractual duty to restrict their use of personal data to the limited purpose(s) specified by FOTS, which at all times shall be consistent with this Privacy Policy.
   13. FOTS uses Stripe to handle card payments, who are audited by the Payment Card Industry Security Standards Council (PCI-SSC). In the case of a Pay By Instalment Arrangement (and only when specifically arranged as such under our Terms & Conditions of Sale), FOTS only acquires an authorised token from the card payment processor for use in recurring payments - your full card details are still only held with Stripe.
   14. FOTS may also upload email addresses in hashed format to social media platforms (including but not exclusively Facebook, Twitter, LinkedIn) in order to help target specific ad campaigns to sectors. These actions in regard to personal data are performed on the lawful basis of legitimate interest as described in the GDPR, as we wish to specify the relevance of any material users may encounter.
   15. FOTS may choose to use a third party processor to implement its email campaigns. The third party processor does not use the email addresses stored for their own purposes; they are purely a Data Processor.
   16. In the case of visitors identified by our website analytics as using business IP addresses, we may also use publicly available information on those businesses to contact them and offer further aid in reviewing and purchasing our services. This does not apply to personal customers or consumers, only businesses and practices registered with Companies House.
   17. When entering an address into our website, we may offer the ability to lookup Your address using a postcode. This functionality is provided by sharing the postcode with a third party service provider using an application programming interface (API).
   18. Unless otherwise specified in this Privacy Policy, your personal data will not be transferred to a third party for their independent use without your express consent. FOTS does not give trade references and does not 'sell on' or share your personal details without your consent.
   19. You should be aware that there are very limited instances under law in which we may be required to disclose the personal data of our customers. If such an instance arises, we shall only release that personal data as required by law. These actions in regard to personal data are performed on the lawful basis of legal obligation as described in the GDPR.
   20. FOTS limits the processing of data by third parties wherever possible. Occasionally we need to share limited information as part of our delivery of services so as to achieve a resolution to technical problems.

[Contents]

3. SUPPORT SERVICES
   1. In order to deliver our support services effectively, we may store details of your business and your users for the purposes of providing a high quality personalised service.
   2. Your operating system type and version may be gathered and recorded in our support ticket logging system.
   3. Where we are providing support services in respect of third party software, systems and cloud services, we may need to share elements of your data with the relevant provider in order to achieve a resolution of the problem.

[Contents]

4. MARKETING
   1. You have control over the ways in which we initiate contact with you to provide you with information and materials on our services.
   2. We may from time to time extend our services with free and chargeable options. We will advise you as an existing client of all modifications and extensions to our services, and provide you an opportunity to subscribe to additional features and services.
   3. FOTS only acquires personal data with consent as defined in the GDPR. Any data received via a third party will be rigorously assessed to ensure GDPR adherence and handled as per this Privacy Policy, though please be aware that third parties will have their own privacy and data collation terms.

[Contents]

5. OUR WEBSITES AND COOKIES
1. Our websites may use cookies to improve your user experience. Continued use of our sites requires consent. When browsing, we assume that you consent to our use of cookies.
2. Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user's device, enabling online shopping carts, remembering choices you have made and so on. You can find more information about cookies at: www.allaboutcookies.org and www.youronlinechoices.eu. For a video about cookies visit https://www.google.com/policies/technologies/cookies/.
3. The cookies used on our websites will be categorised in accordance with the ICO UK Cookie guide.
   1. Category 1: Strictly Necessary Cookies
   Category 1 cookies are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. Without these cookies services like a shopping basket cannot be provided. Category 1 cookies are implemented on the lawful basis of legitimate interest as described in the GDPR, as we genuinely cannot run the website effectively without them.
   2. Category 2: Performance Cookies
   Category 2 cookies collect information about how you use the website, for instance which pages you go to most often and if you get error messages from web pages. These cookies don't collect information that identifies you and all information these cookies collect is aggregated and therefore anonymous. It is only used to improve how the website works. Category 2 cookies are implemented on the lawful basis of legitimate interest as described in the GDPR, as we wish to maintain the performance integrity of our website.
   3. Category 3: Functionality Cookies
   Category 3 cookies allow the website to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites. Category 3 cookies are implemented on the lawful basis of legitimate interest as described in the GDPR, as we wish to maintain the functionality and easy usability of our website.
   4. Category 4: Targeting or Advertising Cookies
   We currently do not implement targeting or advertising cookies. In future we may choose to do so in order to legitimately develop our business.
   5. When you visit our website we may use these cookies to collect information about your activities that may directly or indirectly identify you. This information may include the content you view, the date and time that you view this content, the products you purchase, or your location information associated with your IP address. We may use the information we collect to serve you more relevant advertisements (referred to as 'Retargeting') or to measure 'Conversions' on our site. This information can include where you saw the ads we serve you and what ads you clicked on. Category 4 cookies are implemented on the lawful basis of consent as described in the GDPR.
4. We may also use Google's third party audience data such as, such as interests and commonly visited websites, to better understanding the behaviour of our customers. For example, you may see our ads on other websites because we contract with Google and other similar companies to target our ads based on information we or they have collected, including information that was collected through automated means (such as cookies and web beacons). These companies also use automated technologies to collect information when you click on our ads, which helps track and manage the effectiveness of our marketing efforts.
5. We may also make use of social network cookies from LinkedIn, Twitter and Facebook. These cookies may store anonymous demographic data from the relevant social network. For example, LinkedIn data can include company size, industry, job function and seniority level but does not include any personally identifiable information.
6. We may make use of services to place cookies on your browser for targeted advertising purposes. These cookies track device and browser information, as well as activity on the FOTS website, to help target our ads based on information the third party service has collected.
7. There are general options (unrelated to FOTS) available for opting out of various web services' automated collection of information. Examples on how to do this can be found at http://www.youronlinechoices.com/uk/.
8. If you do not accept these cookies and would like to purchase an FOTS product or service, you may complete most transactions by contacting us as explained in the final section below.
9. If you submit a Curriculum Vitae via email or via a Careers page on our website, please be aware that we will retain this information for up to 6 (six) months and then remove it from our systems (unless we offer employment and you become a member of staff). These actions in regard to personal data are performed on the lawful basis of consent as described in the GDPR.
10. The FOTS website's operating system processes functional data in order to operate, which may include data determined to be personal data (for example, IP addresses). These functions are not based on cookies. Any personal data collected in this manner by the fundamental website logging are performed on the lawful basis of legitimate interest as described in the GDPR, as such logging is required for the website's continued operation. It will also be automatically deleted within four weeks.

[Contents]

LINKS TO NON-FOTS WEBSITES

1. Our Website may provide links from our Website to third party Websites. If you click on a banner advertisement or third party link, the "click" will take you off the FOTS website. Once you leave any FOTS website, any information that you provided to us remains with us and is not forwarded to the next site to which you have linked.
2. Any personal data or other information that is collected by, or which you choose to provide any third party website will be subject to the privacy policy of the operators of the third party website. FOTS is not responsible for the use or protection of personal data you disclose to a third party website operator, even if reached from an FOTS website.
3. Any site that is an FOTS co-branded website will clearly identify both FOTS and the third party, and any personal data or other information collected through these co-branded sites may be collected and used by both FOTS and the third party unless otherwise stated on that co-branded site.

[Contents]

PROTECTION OF PERSONAL DATA

1. All personal data is collected and stored in a secure manner and is used strictly in relation to this policy, any other applicable FOTS policies and your stated privacy preferences.
2. The methods we use to do so are strictly confidential, both commercially and technically as publication in detail might reduce the intended protections. We maintain an Information Security Policy, and where appropriate and justified, we may share it or elements of it to parties with a legitimate interest.

[Contents]

QUESTIONS, UPDATING DATA AND PREFERENCES

1. We can answer questions about this Privacy Policy, as well as help you to review and update your personal data as maintained by FOTS.
2. ICO registered details:
   1. Our ICO registration reference is ZA237445.
   2. We are not required to appoint a Data Protection Officer. Instead please address any queries to Duty Manager.
   3. Our registered address is Signal House, Jacklyns Lane, Alresford, Hampshire, SO24 9JJ, Tel : 0333 900 1333 Email: privacy@technicalsupport.net
3. Our online Information Security Policy covers our security stance and provides details of the measures taken to protect personal and non-personal data.
4. At any time you may change your preferences as to the use of your personal data or receipt of Marketing Materials. You may also as an individual request copies of the personal data held by FOTS, though some types of information may not be disclosed to individuals where exemptions under law apply (e.g. information relating to third parties in particular circumstances).
5. All such communications and inquiries should be sent to privacy@technicalsupport.net or mailed to the Data Privacy Team, First Option Technical Support Ltd, Signal House, Jacklyns Lane, Alresford, SO24 9JJ.
6. Please be sure to include sufficient information for us to verify your identity, locate your file (if applicable) and respond to your inquiry. You should also include your mailing address if you would like us to send you any written materials.
7. FOTS reserves the right to take reasonable steps to verify any requests for personal data it receives.

[Contents]

First Option Technical Support
(a Phoenix47 company)
IN-SOURCED white label support
Your Brand : 24x365

Registered in England 08777978

Signal House,
Jacklyns Lane,
New Alresford,
Hampshire,
SO24 9JJ