At Gladserv we have had a strong interest in privacy for many years and we welcome the new interest in keeping personal data safe.
The Data Protection Officer (DPO) at Gladserv is Brett Sheffield. The DPO is responsible for making sure that the company does everything this Privacy Notice says. You can contact Brett at firstname.lastname@example.org for any queries including about this privacy notice. We may require identification in order to discuss requests relating to your personal data.
Gladserv is a registered Data Controller with the Information Commissioner's Office (ICO). Our Registration number is ZA243688.
The following applies to the personal data of anyone we have contact with:
The UK Information Commissioner is the advice and enforcement office for the European law known as the GDPR. The EU regards privacy as a fundamental democratic right and has set up the EU Data Protection Agency to defend it. You can read here about your many rights to data privacy, including to ask us to do things including: show you what personal data we hold; correct or delete your personal data; or pass all your personal data on to some other company.
There are two kinds of personal data we deal with: personal data controlled by our customers, and personal data we collect.
Many of our customers trust us to handle their data (all sorts of data), and the contract tells us what they want us to do with it, for example, back it up securely or make it available on shared network drives for them, or make their email work smoothly. We might be looking at their computers on their premises, or we might be storing data for them on our servers in a data centre, or some other arrangement. In all cases we don't know what is in this customer data and it is none of our business. We do know that it very likely has personal data controlled by the customer. That makes us a processor of this personal data, and our responsibilities under the GDPR are clear. The customer’s responsibilities as the controller are also clear. For example, it is the customer who must respond to an individual’s request to have their personal data corrected or removed, not Gladserv.
The most important point is that the customer tells Gladserv in the contract how they want their data handled.
If you are a customer, prospective customer, website visitor or anyone else, we will collect your personal data when you visit our website, send us an email or give us a phonecall etc. This data can include your name, your IP address, your email address and so on. We are the controller of this data according to the GDPR, and you have rights.
There are two rare cases where we may be required to give your data to a third party (as opposed to where we choose to, such as giving your address to a courier company). The two cases are:
We would aim to make rigorous enquiry before agreeing to any such request. In addition, we would be pleased to offer you consulting on how to encrypt your data, so that even if it is seized it will hopefully be unreadable. The GDPR encourages strong encryption of data.
There is a reason for all the personal data we collect, although the reason varies. The reasons include:
The GDPR calls this “the lawful basis of processing” and you can read what the ICO says about it. We have carefully considered Article 6 of the GDPR and how it applies to what we do.
Examples of the cases where we may share data with third parties include:
Financial reasons: If you don’t pay us for the services you have contracted us to provide, and we pass your details to a debt collector.
Legal reasons: If a court or other government-authorised body orders us, or we are in dispute with you, we have to disclose personal information (such as our record of who you are) to the court or other body.
Practical reasons: We often coordinate services on behalf of customers, including broadband suppliers, postal couriers, domain name providers. Each of these services needs some degree of identifying data which may well include your personal data to do a delivery, connect a phone line, or create a domain registered to you.
Administrative reasons: Sometimes our accountant, lawyer, auditor or other occasional professional will need some customer personal information to do their job.
Commercial reasons: Sometimes customers come to us via a reseller, in which case there may be an exchange of personal data between us and the reseller, depending on how the customer chooses to manage that relationship.