Privacy Notice

SCOPE OF OUR PRIVACY POLICY

This privacy policy explains how we use any information we collect about you, how you can tell us if you prefer to limit the use of that information and the procedures that we have in place to safeguard your privacy.

For the purpose of the Data Protection Act 2018 and the General Data Protection Regulation (GDPR) (EU) 2016/679 the data controller is our Customer.

All changes to this policy will be communicated with affected parties.

SUMMARY

Your privacy is important to us. We only use the information you provide about yourself and your company when using our website or application(s) or by contacting us directly via email to answer your enquiry, to complete our Supplier & Subcontractor Evaluation form, or to help us to improve our service to you. We do not share this information with any third party except to the extent necessary to answer your enquiry if that enquiry requires the involvement of a third party.

We use return email addresses to answer the email we receive. Such addresses are not used for any other purpose and are never shared with outside parties.

INFORMATION THAT WE COLLECT

In brief, we may collect and process the following data about you:

• Customer user information in order to use the Zinc Synapse applications (Synapse) – described in more detail below
• Information in relation to suspects, victims and witnesses stored and used within Synapse – also described in more detail below
• Information that you provide to us by filling in our Supplier & Subcontractor Evaluation form. This typically includes your name, company name, insurance details, accreditations, telephone number, email address and bank payment details. This information may be used to support requests by our Clients for information on subcontractors used on our projects.
• If you contact us, we may keep a record of that correspondence.
• All technical correspondence relating to current projects you may be working on with us.
• Details of your visits to our website or applications(s) including, but not limited to, web server statistics, traffic data, location data and details of the web pages and resources that you access.

CUSTOMER USER INFORMATION

Synapse is an incident management SaaS platform, configured in a variety of ways by our clients depending on their needs. It enables users to record incident information, communicate internally within their organisation or to a wider audience (mass communication), analyse incident information for trends and to produce management information for audit purposes. For these purposes, the system allows customers to upload basic contact information into Synapse, including a user’s name, role and department, mobile phone numbers, landline number and work email address. This administration is carried out by designated customer ‘admin’ users independently from Zinc Systems. 

SUSPECT, WITNESS AND VICTIM INFORMATION

Depending on the nature of business, Synapse gives customers the capability to record information about suspects, witnesses and victims in relation to criminal activity. This could be for example relations to theft impacting our retail customers, an act of violence or an environmental crime – to name a few. In these scenarios, personal  information can be gathered by our customers and stored within Synapse for their purposes. Information on these types of subjects can include one’s name, gender, a photographic image (such as CCTV), ethnicity and contact information – all of which will be defined by our customers based on their needs. 

OUR USE OF IP ADDRESSES AND COOKIES

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to analyse aggregate information. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.

For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site or application(s) and to deliver a better and more personal service. They enable us:

• To estimate our audience size and usage pattern.
• To store information about your preferences, and so allow us to customise our site or application(s) according to user needs.
• To recognise you when you return to our site or application(s).

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log onto our site or application(s).

HOW WE PROTECT YOUR INFORMATION

All information you provide to us is stored within our secure hosting infrastructure held within Amazon Web Services (AWS). We recognise that, unfortunately, the transmission of information via the Internet cannot be guaranteed to be completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of the data that you transmit to our site or application(s); any transmission is therefore at your own risk. Once we have received your information, we will use strict internal procedures and security features to try to prevent unauthorised access. We also keep your information confidential. 

We hold ISO27001 accreditation and are Cyber Essentials certified, so ensure we have robust information security measures and policies in place to protect our customer’s information.

HOW WE USE YOUR INFORMATION

We use information held about you in the following ways:

• To provide you with information or services that you request from us only when you have consented to be contacted for such purposes.
• To carry out our obligations arising from any contracts entered into between you and us.

If you are an existing customer/client, we will only contact you by electronic means (email) with information about services similar to those which you have previously received.

If you are a new customer/client, we will contact you by electronic means only if you have consented to this.

If you do not want us to use your data in this way, please contact us.

CCTV

A CCTV system is in operation within the Zinc Group offices, both internally and two cameras positioned externally. The system is not actively monitored and will only be accessed in the event of an incident to investigate and is only retained for thirty days.

The external cameras are angled to capture the Zinc building car parking area and the requisite notices are in place to inform members of the public of their presence.

WHEN WE MIGHT DISCLOSE YOUR DATA TO THIRD PARTIES

We may disclose your personal information to third parties in a very limited number of circumstances:

• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our standard terms & conditions and other agreements; or to protect the rights, property, or safety of our Customer or others. This includes exchanging information with other companies or organisations for the purpose of fraud protection and credit risk reduction.
• In the event that we sell our business, in which case we may disclose some personal data to the prospective buyer of our business, such as staffing data or contact information for due diligence purposes. We will not disclose offender, witness or victim information in this scenario.

DATA RETENTION

In respect of contact information and personal data involving suspects, witnesses and victims (described above) as the data processor for our customers, we are led by their need to retain information that wish to store within Synapse and their requirements vary in timescale. For all information, it will only be held for as long as is necessary and for the purpose for which is was initially intended, for example for the prevention and detection of crime, or for a customer to be able to reach its users in an emergency.

When we are satisfied that our customer no longer needs personal information held in Synapse, or it has no further legal basis to hold it, it will be deleted. These same principles apply in other instances listed above, such as where Zinc Systems gather personal information for commercial purposes.

YOUR RIGHTS, ACCESS TO YOUR INFORMATION AND DISPUTE RESOLUTION

• To the extent required by law, we can provide you with: (i) reasonable access to the personal data we hold about you, and (ii) the ability to review, correct and delete such personal data.
• To help protect your privacy, we’ll take reasonable steps to verify your identity before granting access to your personal data.
• If we are processing your personal data under your consent, then you can withdraw that consent at any time.
• If we are relying on legitimate interests to process your personal data, then you can object to that processing.
• If the processing of your personal data is under dispute, then you can prevent further processing until we’ve addressed your concerns.

The Data Protection Act 2018 and General Data Protection Regulation (GDPR) gives you the right to access any information held about you. Your right of access can be exercised in accordance with this Act.  Any access request will be subject to a fee of £15 to meet our costs in providing you with details of the information we hold about you. To access your information, please contact us at DSARS@zinc.systems.

We are committed to protecting your privacy. If you have any questions or concerns about how we process your personal information, please contact us at DSARS@zinc.systems. 

If you have any concerns over our processing of your personal data, then please raise them with us by emailing or writing to us at the addresses shown in the “How to Contact Us” section at the bottom of this page.

If you are not satisfied with our response, you can raise the matter further with the Information Commissioner’s Office (https://ico.org.uk/make-a-complaint).

By submitting your information, you consent to the use of that information as set out in this policy. If we change our privacy policy, we will post the changes on our website or application(s) so that you may be aware of the information we collect and how we use it at all times.

Continued use of the service will signify that you agree to any such changes.

YOUR CONSENT

By submitting your information, you consent to the use of that information as set out in this policy. If we change our privacy policy, we will post the changes on our website or application(s) so that you may be aware of the information we collect and how we use it at all times.

Continued use of the service will signify that you agree to any such changes.

CHANGES TO THIS POLICY

Zinc Systems is a fast growing company. This version of the policy is based on our current customer’s uses, which may changes time to time as we grow. You can find the latest version by visiting https://www.zinc.systems/privacy-policy/. 

CONTACT DETAILS

If you have any queries or comments, or if any of the information that you have provided to us changes, please contact us via email at ISMS@zinc.systems, by telephone at 01604 59 89 89 or you can write to the address below:

Zinc Systems

33 Bedford Road

Little Houghton

Northampton

NN7 1AB