Privacy Statement

Last updated March 2024

1.1 We are committed to protecting and respecting your privacy. This statement explains what personal data (information) we hold about you, how we collect it, and how we use and may share information about you. We are required to notify you of this information under data protection legislation. Please read this Privacy Statement carefully to understand our views and practices regarding your personal data and how we will treat it. It also explains how we collect, transfer, process, use and share your data.

1.2 This Privacy Statement does not form part of any employment contract and may be amended from time to time. Please read it carefully and ensure that you understand it. Your acceptance of our Privacy Statement is deemed to occur upon your first use of this site. If you do not accept or agree with this Privacy Statement you must refrain from utilising the site immediately.

1.3 Principles: (a) We will comply with the data protection principles when gathering and using personal information. (b) Any breach or attempted breach of this Privacy Statement will be viewed very seriously by AIM Computing and we will take appropriate disciplinary action against any employee found to be facilitating a breach of this Privacy Statement. If any employee knows of, or suspects, that this Privacy Statement is not being complied with, you must tell the Managing Director as soon as possible. Any report made will be treated in confidentiality.

2.1 We may collect, store and use information about you in order to provide you our products and services. We will have a legal basis and a purpose for all processing, as set out below: (a) processing is necessary in order to comply with legal obligations which apply to us; (b) processing is necessary for the performance of a service contract, or to take steps to enter into a contract; (c) processing is necessary in order to fulfil our legitimate interests or a third party (such as a benefits provider), but only if these are not overridden by your interests, rights or freedoms. This may include the administration and management of our employees and our business; or (d) the law otherwise permits or requires the processing.

3.1 We seek to ensure that our information collection and processing is always proportionate. We will notify you of any material changes to information we collect or to the purposes for which we collect and process it.

3.2 We may collect the following information during the provision of our products and services: Your name, contact details (e.g. address, mobile phone number and email address);

3.3 In addition to the information that you provide to us, we may also collect, store and use information using the following means: monitoring of your use of our IT systems.

3.4 No automated decision-making or profiling will take place using your personal data.

4.1 We may collect this information from you, keystrokes and mouse movements, screen capture, application logs, webcams, automated monitoring of our websites and other technical systems, such as our computer networks and connections, communications systems, remote access systems, email and instant messaging systems, intranet and Internet facilities, telephones, voicemail and mobile phone records.

5.1 Your personal data will only be seen or used by those of our employees who have a legitimate business need to access your personal data for the purposes set out in this Privacy Statement.

5.2 We take your privacy seriously and have implemented appropriate physical, technical and organisational security measures designed to secure your personal data against accidental loss, destruction or damage and unauthorised access, use, alteration or disclosure.

5.3 We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

6.1 Except as explained in this Privacy Statement, we will not share your personal data with third parties without your consent unless required to do so by law.

6.2 To comply with our legal, statutory and regulatory obligations we may share your personal data with authorities including but not limited to the: HMRC, Home Office and DBS, as appropriate from time to time.

6.3 We may share your personal data with third-party service providers who assist us with the products and services we provide to you. This may include cloud providers, SaaS providers and legal services providers. Any such third parties will only be permitted to use your personal data for specific purposes in accordance with our instructions and not for their own purposes.

6.4 We may also share your personal data with third parties in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets or if we or substantially all of our assets are acquired by a third party, in which case personal data held by us about our clients will be one of the transferred assets or to protect the rights, property, or safety of the company and our employees.

6.5 For reporting and administrative purposes, it may sometimes be necessary to share some of your personal data with other members of our group of companies. We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006 (where applicable).

6.6 If a business transfer or change of business ownership takes place or is envisaged, we may transfer your personal data to your new service provider. If this happens, we will inform you of this transfer.

6.7 Your personal data may involve the transfer, storage and processing by the company (or on behalf of the company by a third party supplier) of such data outside the European Economic Area such as countries where servers and/or suppliers may be based, we will ensure that any personal data being transferred have an adequate level of protection and will have reviewed, approved and/or negotiated an agreement with these third parties.

7.1 We will not retain personal data about you for any longer than is necessary. What is necessary will depend on the personal data in question and what it is needed for, including for the fulfilment any legal, accounting or reporting requirements imposed by law or regulation.

7.2 We may retain personal data about you for statistical purposes. However, wherever possible, where data is retained for statistical purposes it will be anonymised.

8.1 It is important that the information we hold about you is accurate and up to date. If you think any of the personal data, we hold about you is inaccurate or incomplete, you should let us know as soon as possible and we will endeavour to correct any mistakes in the information we hold.

8.2 We hope that this Privacy Statement will provide you with the information you need about what personal data we are processing about you, why it is being processed, what we are using it for and how long it will be retained for. However, you have the right to access the personal data we hold about you by making a subject access request.

8.3 In certain circumstances (e.g. if you think we are unnecessarily processing personal data about you), you may be able to ask us to erase your personal data, or to stop or restrict the processing your personal data. You may also request that we transfer your personal data to another party.

8.4 For more information on your rights and how to use them, or if you would like to exercise any of your rights, please contact us using the details set out in section 9 below.

8.5 For further information on your rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual’s rights under the General Data Protection Regulation.

9.1 The Company (and its subsidiaries or associated entities) are data controllers, because we collect personal data about you and determine how and why it will be used. Our contact details are: AIM Computing Ltd, SJD KD Tower, Cotterells, Hemel Hempstead, England, HP1 1FW.

9.2 If you have any questions or concerns about how we handle your personal data, please contact the Managing Director.

9.3 If you are unsatisfied with our response to any data protection issues you raise with us or the Data Protection Officers, you have the right to make a complaint to the Information Commissioner’s Office (ICO). The ICO is the authority in the UK which is tasked with the protection of personal data and privacy.

10.1 We hope that we can resolve any query or concern you raise about our use of your information by contacting us on [email protected]. If not, contact the Information Commissioner at ico.org.uk/concerns or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint.

11.1 Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

11.2 Changing your cookie settings: The majority of popular browsers allow you to control your cookies. This can generally be achieved by navigating to the settings in your browser. To find out more about cookies, including how to see what cookies have been set, please visit www.aboutcookies.org or www.allaboutcookies.org.