Gray IT Ltd will be what’s known as the ‘Controller’ of the personal data you provide to us. We may collect basic personal data about you which can include special types of information or location-based information. This may include name, address, email, phone number.

Why we need your data

We need to know your basic personal data in order to provide you with on-going organisational updates in line with any contracts we have in place with you. We will not collect any personal data from you we do not need in order to provide and oversee this service to you.

What we do with your data

All the personal data we collect and process is processed by our staff in the UK and this information, including encrypted backups, hosting and maintenance is located on servers within the European Union. No third parties have access to your personal data unless the law allows them to do so.

We have a Data Protection regime in place to oversee the effective and secure processing of your data. More information on this can be provided by emailing our Data Protection Officer (see contact details below).

How long we keep your data

If you have entered into a contract with us, we are required under UK tax law to keep your basic personal data (name, address, contact details) for a minimum of 6 years after which time it will be destroyed.

What are your rights

If at any point you believe the information we process on you is incorrect you can request to see this information and have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, you can contact us to have the matter investigated – dpo@grayit.co.uk

If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office https://ico.org.uk/