Connexin Customer Privacy Policy

1. WHAT IS THIS?

At Connexin we take privacy seriously and we are committed to protecting it. Collecting and holding your personal data is a serious responsibility, and we want you to know that we are handling it properly and lawfully.

This policy explains when and why Connexin and companies in our group (which means our subsidiaries, our ultimate holding company and its subsidiaries from time to time, as defined in section 1159 of the UK Companies Act 2006) collect personal data about individuals, how this data is used, the conditions under which it may be disclosed to others and how it is kept secure.

This policy may change from time to time so please check this page occasionally to ensure that you’re happy with any changes.

2. WHO WE ARE

Our group is made up of a number of individual companies. Whenever dealing with one of our group companies, the ‘controller’ of your personal data in relation to the processing activities described below will be the company that corresponds with the details below. A ‘controller’ is an organisation that decides why and how your personal data is processed.

  • Connexin Limited (company number 5823408 and registered address 9th Floor, 107 Cheapside, London, EC2V 6DN)
  • Pure Broadband Limited (company number 06823313 and registered address Unit 1, Estuary Business Park, Henry Boot Way, HU4 7DY)
  • Wisper Broadband Limited (company number 08576102 and registered address 9th Floor 107 Cheapside, London, United Kingdom, EC2V 6DN)
  • Connexin (U.K.) Limited (company number 12873608 and registered address 9th Floor 107 Cheapside, London, United Kingdom, EC2V 6DN)
  • Connexin Infrastructure Limited (company number 14539431 and registered address 9th Floor 107 Cheapside, London, United Kingdom, EC2V 6DN)
  • Connexin Digital Limited (company number 14539924 and registered address 9th Floor 107 Cheapside, London, United Kingdom, EC2V 6DN)
  • Connexin Networks Limited (company number 12875251) and registered address 9th Floor 107 Cheapside, London, United Kingdom, EC2V 6DN)

Where this policy refers to “we”, “our” or “us” below, unless it mentions otherwise, it’s referring to the particular company that is the controller of your personal data.

3. HOW WE COLLECT YOUR PERSONAL DATA

The categories of personal data we collect about you and the way in which we collect it are as follows:

Personal data you give to us: This is information about you voluntarily given to us by entering information via:

  • our websites;
  • your online account with us;
  • our mobile apps;
  • connecting to our WiFi hotspot;
  • our social media platforms (such as Twitter and Facebook); and/or
  • corresponding with us by phone, post, SMS, online chat, email, or otherwise.

This includes information provided at the time of registering to use our site, contacting us in relation to the services we provide or making an enquiry about our services, uploading information, requesting further services, managing your customer account (including accessing documentation) and engaging in correspondence with us by phone, email or otherwise.

We may also ask you for information when you report a problem with our website.

If you complete any surveys that we request you complete for research purposes, we will collect information in such circumstances as well.

The categories of personal data that may be collected voluntarily (depending on your relationship to us) includes: name, gender, email addresses, address (including geographical job notes), contact telephone numbers, title, enquiry details, date of birth, cardholder and payment details (including direct debit details), job title / business name, credit history, security pins / details, relationship to the account holder, legal information relating to claims made by you or against you, information contained in our correspondence or other communications with you about our services or business (including responses to any surveys), and your marketing preferences. We may also collect sensitive personal data where it is proportionate and necessary to do so, including information relation to your health or disabilities to enable us to consider any adjustment requirements or information to assess your vulnerability to enable us to identify and support any vulnerable customers.

Personal data we collect about you: We may automatically collect the following information: details of transactions you carry out through our website, and your visits to our website, including, but not limited to, traffic data, location data, weblogs and other communication data, the resources you access, and the number and frequency of your visits. We may also automatically collect technical information, including anonymous data collected by the hosting server for statistical purposes, the Internet protocol (IP) address used to connect your computer or device to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. We may also collect any personal data which you allow to be shared that is part of your public profile or third party social network, type and version, time zone setting, browser plug-in types and versions, operating system and platform.

Personal data we may receive from other sources: We may have obtained your personal data from a third party company as a result of a sale of that company’s business and assets to us. We also obtain certain personal data about you from sources outside of our business which may include our group companies or other third party companies, such as resellers, local authorities, partners, or marketing companies. We offer some of our services on or through other websites and the personal data that you provide to those sites may be sent to us in order to deliver the service. We may also obtain personal data about you when we are working on bids or tender opportunities, including where we are working on a joint bid with one or more other third-parties as part of a consortium arrangement. The personal data we receive from third party sources is described within the two paragraphs above.

4. HOW WE USE YOUR PERSONAL DATA

The purposes for which we use your information and the legal basis under data protection laws on which we rely to do this are explained below.

Performance of a contract with you or to take steps to enter into it. We may use and process your personal data where we have supplied you (or continue to supply you) with any services, where we have arranged for the supply of another company’s products or services to you, or where you are in discussions with us about any service. We will use this information in connection with the contract for the supply of services when it is needed to carry out that contract or for you to enter into it.

Legitimate interests as a business or that of a third party for the following purposes:

  • for analysis to inform our business and marketing strategy, to help us understand how our website is used and by whom, to research customer demographics, interests, and behaviour, and to assist, enhance and personalise customer experience (including with customised services and to make improvements to our services and website);
  • for marketing activities (other than where we rely on your consent to contact you);
  • to correspond or communicate with you and assist with management of your account;
  • to verify the accuracy of data that we hold about you and create a better understanding of you as a customer;
  • to monitor the quality of our support to customers and your communications with us;
  • to assess and improve our service to customers and to provide staff training within the business (including through PCI-DSS compliant recordings of any calls with our contact centres);
  • for business administration, including statistical analysis;
  • for network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access;
  • to comply with a request from you in connection with the exercise of your rights under data protection laws (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);
  • for the management of enquiries, queries, complaints, or claims;
  • for prevention of fraud and other criminal activities; and
  • for the establishment and defence of our legal rights.

Compliance with a legal obligation. We will use your personal data to comply with our legal obligations: (i) to assist any public authority or criminal investigation body; (ii) to identify you when you contact us; and/or (iii) to verify the accuracy of data we hold about you.

Vital interests. We may use your personal data to contact you if there are any urgent health and safety notices to communicate to you or where we otherwise reasonably believe that the processing of your personal data will prevent or reduce any potential harm to you. It is in your vital interests for us to use your personal data in this way.

Consent. We may use and process your personal data where you have consented for us to do so for the following purposes:

  • to send you direct marketing communications. Please see Marketing at section 11 below for more information, including how to withdraw your consent; and
  • to make adjustments for anyone with a disability or vulnerability who uses our services and to eliminate any barriers to accessing our services in accordance with our legal obligations. Our processing of special category data, such as health information you give us, will require your consent. We will always request your explicit consent before using any sensitive personal data about you and you have the right to withdraw your consent at any time.

5. DATA ANONYMISATION AND USE OF AGGREGATED INFORMATION

Your personal data may be converted into statistical or aggregated data in such a way as to ensure that you are not identified or identifiable from it. Aggregated data cannot be linked back to you as a natural person. We may use this data to share with our investors or for promotional, analytical and research purposes. This information may be collected by cookies placed on our website.

6. OTHERS WHO MAY RECEIVE OR HAVE ACCESS TO YOUR PERSONAL DATA

When disclosing your personal data to third parties, we will always take steps with the aim of ensuring that your privacy rights continue to be protected.

We may disclose your information to the following third parties:

Group companies. We may share your information with other companies within Connexin group. They may use your personal data in the ways set out in this policy in connection with the services offered by the group and for internal business management purposes.

Our suppliers and service providers. We may disclose your information to our third-party service providers, advisors, agents, subcontractors, and other organisations for the purposes of providing services to us or directly to you on our behalf. Such third parties may include our cloud service providers (such as hosting and email management), IT providers, professional advisors (including accountants and lawyers), advertising and marketing agencies, communication fulfilment service providers, network or telecommunications service providers, external subcontractors such as technicians and engineers, and administrative service providers. We also use a number of third-party software providers to manage, operate and host our customer management systems and functionalities within them, including Hubspot, ZenDesk, Salesforce, Sendgrid, Mailchimp, Xero, and Anxiter. When we use third party service providers, we only disclose to them any personal data that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.

Credit/debit card payment processors. When you make a payment online, your credit/debit card payment is processed by a third-party payment processor, who specialises in the secure online capture and processing of credit/debit card transactions. Our current payment processors are Chargebee, Stripe, and GoCardless. If you have any questions regarding secure transactions, please contact us using the details at the end of this policy.

Customer satisfaction surveys. As customer satisfaction is important to us, we may ask a third-party research company to contact you for the sole purpose of gathering general information and specific information relating to us and our services.

Business sale or restructure. We may transfer your personal data to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation. It also includes in the event of any liquidation, dissolution, or administration.

Legal obligation. We may also transfer your personal data if we’re under a duty to disclose or share it in order to comply with any legal obligation, to detect or report a crime, to enforce or apply the terms of our contracts or to protect the rights, property or safety of our visitors and customers.

7. WHERE WE STORE YOUR PERSONAL DATA

All personal data you provide to us is stored on our secure servers which are located within the United Kingdom and/or the European Economic Area (EEA).

If at any time we transfer your personal data to, or store it in, countries located outside of the United Kingdom or the EEA (for example, if our hosting services provider changes) we will ensure that appropriate safeguards are in place for that transfer and storage as required by applicable law. This is because some countries do not have adequate data protection laws equivalent to those in the United Kingdom and EEA.

8. HOW LONG WE KEEP YOUR PERSONAL DATA FOR

If we collect your personal data, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws. We do not retain personal data in an identifiable format for longer than is necessary for the purposes for which we collect it unless we believe that the law requires us to preserve it.

If you have made an enquiry or contacted us (via our website or otherwise) in relation to our services, we will store your information for as long as is reasonably required to deal with your enquiry.

If you become a customer and open an account with us, we will retain your personal data for as long as you are an active customer. If your account is closed and we cease providing you with services, we will retain your personal data in case of any queries from you or in case you decide to re-activate your account for a period of 24 months from the date your account is closed.

If you have contacted us with a complaint, we will store your personal data for as long as is reasonably required to resolve your complaint.

If you have signed up to receive email marketing from us, we will store your personal data for as long as you are subscribed to our email marketing list (even if you are no longer an active customer). If you unsubscribe, we will keep your email address on our suppression list to ensure that we do not send you marketing emails.

For further information regarding our retention periods, please contact us using the details at the end of this policy.

When it is no longer necessary to retain your personal data, we will delete the personal data that we hold about you from our systems. After that time, we may aggregate the data (from which you cannot be identified) and retain it for analytical purposes.

The exceptions to the above are where:

  • we need your personal data to establish, bring or defend legal claims or to comply with a legal or regulatory requirement;
  • the law requires us to hold your personal data for a longer period, or delete it sooner;
  • you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law, or you exercise your right to require us to retain your personal data for a period longer than our stated retention period (see Erasing your personal data or restricting its processing in section 12 below); or
  • in limited cases, the law permits us to keep your personal data indefinitely provided we put certain protections in place.

9. SECURITY AND LINKS TO OTHER SITES

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted to our website and any transmission is at your own risk. Once we have received your personal data, we put in place reasonable and appropriate controls to ensure that it remains secure against accidental or unlawful destruction, loss, alteration, or unauthorised access.

Where we have given (or where you have chosen) a password or security pin which enables you to access an account, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Our website may contain links to other websites run by other organisations. This policy does not apply to those other websites‚ so we encourage you to read their privacy statements. We cannot be responsible for the privacy policies and practices of other websites even if you access them using links that we provide. In addition, if you linked to our website from a third-party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party website and recommend that you check the policy of that third party website.

10. COOKIES

Like many other websites, our website uses cookies to obtain an overall view of visitor habits and visitor volumes to our website). ‘Cookies’ are small pieces of information sent to your computer or device and stored on its hard drive to allow our websites to recognise you when you visit.

It is possible to switch off cookies by setting your browser preferences. For more information on how we use cookies and how to switch them off on your device, please visit our Cookies Policy on our website.

11. MARKETING

We may collect your preferences to receive marketing information about our services (including special offers and new products) directly from us by telephone, email, SMS, or post in the following ways:

  • if you make an enquiry or register for an account with us online and indicate that you would like to receive marketing information from us;
  • if you sign up to our newsletter via our website or other medium where available; or
  • when you refresh your marketing preferences when responding to a request from us to do so.

We may contact you with marketing information with targeted advertising delivered online through social media and platforms operated by other companies by using your personal data or use your personal data to tailor marketing to improve its relevance to you unless you object.

You have the right to opt-out of our use of your personal data to provide marketing to you in any of the ways mentioned above. Please see Withdrawing your consent and Objecting to our use of your personal data and automated decisions made about you in section 12 for further details on how you can do this.

12. YOUR RIGHTS

You have a number of rights in relation to your personal data under data protection law. In relation to certain rights, we may ask you for information to confirm your identity and, where applicable, to help us to search for your personal data. Except in rare cases, we will respond to you within one month from either: (i) the date that we have confirmed your identity; or (ii) where we do not need to do this because we already have this information, from the date we received your request.

Accessing your personal data. You have the right to ask for a copy of the personal data that we hold about you by emailing or writing to us at the address at the end of this policy. We may not provide you with a copy of your personal data if this concerns other individuals or we have another lawful reason to withhold that information.

Correcting and updating your personal data. The accuracy of your information is important to us, and we are always working on more efficient ways to make it easier for you to review and correct the information that we hold about you. If you have an online account with us, you can update your details on here if you change your name or address/email address, or you discover that any of the other information we hold is inaccurate or out of date. Alternatively, please let us know by emailing or writing to us at the address at the end of this policy if you want us to update or correct the information we hold about you.

Withdrawing your consent. Where we rely on your consent as the legal basis for processing your personal data, you may withdraw your consent at any time. If you would like to withdraw your consent to receiving any direct marketing to which you previously opted-in, you can do so using the unsubscribe tool in the email, or by contacting us at the details at the end of this policy. If you withdraw your consent, our use of your personal data before you withdraw is still lawful.

Objecting to our use of your personal data and automated decisions made about you. Where we rely on your legitimate business interests as the legal basis for processing your personal data for any purpose(s), you may object to us using your personal data for these purposes. Except for the purposes for which we are sure we can continue to process your personal data; we will temporarily stop processing your personal data in line with your objection until we have investigated the matter. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your data for those purposes. Otherwise, we will provide you with our justification as to why we need to continue using your data. You may contest a decision made about you based on automated processing. You may also object to us using your personal data for direct marketing purposes and we will comply with your request. If you would like to do so, please use our unsubscribe tool or contact us at the details at the end of this policy.

Erasing your personal data or restricting its processing. In certain circumstances, you may ask for your personal data to be removed from our systems by emailing or writing to us at the address at the end of this policy. Unless there is a reason that the law allows us to use your personal data for longer, we will make reasonable efforts to comply with your request. You may also ask us to restrict processing your personal data where you believe it is unlawful for us to do so, you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings. In these situations, we may only process your personal data whilst its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes or in connection with legal proceedings.

Transferring your personal data in a structured data file (“data portability”). Where we rely on your consent as the legal basis for processing your personal data or need to process it in connection with your contract, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form, such as a CSV file. You can ask us to send your personal data directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal data if this concerns other individuals or we have another lawful reason to withhold that information.

Complaining to the data protection regulator. You have the right to complain to a data protection authority, which in the United Kingdom is the Information Commissioners Office (ICO), if you are concerned about the way we have processed your personal data. Please visit the ICO’s website at https://ico.org.uk/ for further details.

13. CHANGES TO THIS POLICY

We may review this policy from time to time and any changes will be notified to you by posting an updated version on our website and/or by contacting you by email. Any changes will take effect 7 days after the date of our email or the date on which we post the modified terms on our website, whichever is the earlier. We recommend you regularly check for changes and review this policy whenever you visit our website. If you do not agree with any aspect of the updated policy you must immediately notify us and cease using our services.

This policy was last updated on 22nd February 2023.

14. CONTACT US

Please direct any queries about this privacy policy or about the way we process your personal data using our contact details below.

  • Email: Our email address for data protection queries is [email protected]
  • Post: If you wish to write to us, please write us at DPO, Connexin Limited, K3 Business Park, 200 Clough Road, Hull. HU51SN
  • Phone: If you would prefer to speak to us by phone, please call 01482 363738

Privacy Policy Query