HomePrivacy Policy - Zeus Tech Solutions

Zeus Tech Solutions Ltd – Privacy Policy

1. Legal Notices & Terms of Use

This policy sets out how Zeus Tech Solutions Limited, a company registered in England and Wales with number 10506483. Registered office: 1 Old Hall Street, Liverpool L3 9HG (“ZEUS”, “we”, “us” and “our”) uses and protects any information that you provide when you use its business website. Here you can read further information about how we use your data or explore in more detail how and why we use cookies to enhance your browsing experience. By using zeustechsolutions.co.uk, or related online portals including any sub-domains e.g. portal.zeuscs.co.uk, you are agreeing to the terms set out, and consenting to the use of data described, in this policy.

Zeus Tech Solutions Limited is registered with the Information Commissioners Office, registration number ZA446748.

2. Data Protection Complaints Procedure

a. Our Complaints Procedure

You have a right under the General Data Protection Regulation (GDPR) to raise a formal complaint if you feel your data has been unlawfully processed. This same right entitles you to obtain details of what information we hold about you. This is known as a Data Subject Access Request (DSAR). Should you have any queries concerning this right or wish to make a complaint, please contact our registered office, details as follows:

FOA: Data Protection

Zeus Tech Solutions Limited

1 Old Hall Street

Liverpool

L3 9HG

Alternatively, you can email: dataprotection@zeuscs.co.uk

b. External Complaints Procedure (“Supervisory Authority”)

If you feel that your complaint has not been adequately resolved, you are entitled to make a complaint with the “supervisory authority” (the Information Commissioners Office) by navigating to https://ico.org.uk/concerns/ and completing the necessary. Where applicable please reference the Zeus Tech Solutions Limited registration number: ZA446748.

3. Data Processing Obligations (Contractual)

To the extent that Zeus Tech Solutions Limited is acting as a Processor for and on behalf of the Customer, it shall:

a. Process Personal Data for and on behalf of the Customer for the purposes of performing its obligations under an Order, and only in accordance with the terms of that Order and any documented instructions from the Customer;

b. notify the Customer immediately (and in any event within 24 hours of becoming aware of the same) if it believes (or ought reasonably to have been aware) that any of the Customer’s written instructions infringe the Data Protection Legislation;

c. implement and maintain appropriate technical and organisational security measures which are sufficient to comply with at least the obligations imposed on the Customer by the Security Requirements;

d. take all reasonable steps to ensure the reliability and integrity of any Zeus Personnel who shall have access to the Personal Data;

e. ensure that access to the Personal Data is restricted to only those members of Zeus’ Personnel who require it in order to discharge Zeus’ obligations under an Order;

f. notify the Customer promptly (and in any event within 2 Business Days) following its receipt of any Subject Access Request or correspondence from the UK Information Commissioner’s Office or any other European data protection authority, and together with such notices, shall provide a copy of such Subject Access Request or correspondence and reasonable details of the circumstances giving rise to it; and

g. with respect to a Subject Access Request, not disclose any Personal Data in response without the express written authorisation of the Customer.

Where Zeus becomes aware (or reasonably should have become aware) of an actual or suspected Personal Data Breach, it shall:

h. notify the Customer as soon as is practicable, but in any event within 48 hours, including details of how the breach occurred and what Personal Data may have been compromised;

i. implement any measures necessary to restore the security of compromised Personal Data; and

j. assist the Customer to make any notifications to the UK Information Commissioner’s Office and affected Data Subjects.

Except to the extent required by Applicable Law, upon the termination of an Order for any reason, or earlier if instructed in writing by the Customer to do so, Zeus shall cease Processing all Personal Data and return and/or permanently and securely destroy so that it is no longer retrievable (as directed in writing by the Customer) all Personal Data and all copies in its possession or control (and it shall provide the Customer with a certificate signed by a duly authorised representative confirming it has done so). Where the Customer makes any such request prior to the termination of an Order, and it serves to hinder or prevent Zeus’ obligations thereunder, the Order shall continue despite such reduced performance, and the Charges which have been paid or which will become payable shall not be affected thereby.

4. Data Protection Arrangements (Contractual)

The parties acknowledge that the factual arrangement between them dictates the classification of each party in respect of the Data Protection Legislation. However, the parties anticipate that the Customer shall act as a Controller and Zeus shall act as a Processor and in any such case:

a. Zeus shall be a Controller where it is collecting and using Personal Data in relation to the management of its Customer accounts; and

b. Zeus shall be a Processor where it is Processing Personal Data in relation to the Data Processing Particulars in connection with performing its obligations under an Order.

Zeus shall comply with, and shall procure that any Affiliates comply with, the provisions of the Data Protection Legislation in relation to all Personal Data that is Processed by it in connection with an Order.

Zeus shall be permitted to appoint sub-contractors, and to disclose Personal Data to them for Processing in accordance with the relevant Contract, provided always that the sub-contractor’s right to Process the Personal Data terminates automatically on expiry or termination (for whatever reason) of the relevant Order for which the sub-contractor was engaged.

5. Data Collection & Processing for our Customers (Contractual)

Data collected and processed under an Order (or Customer contract) may include:

  • Email

All Email is stored and processed using the Microsoft Office 365 cloud product. Data is secured & encrypted “in transit” using the TLS protocol;

  • Telephone

All telephone calls are recorded. Call recordings are stored in a private cloud with encryption applied to secure recording stored “at rest”;

  • Mobile Media

Should a customer wish to transfer personal information using mobile media i.e. on a USB drive, it is the responsibility of the Customer to secure the information. It is advised to encrypt the device, and communicate authentication details “out of band” i.e. via the telephone to the recipient at Zeus;

  • Web Services & File Transfers

Depending on requirements the customer may be presented with a web service or file transfer application e.g. SFTP, to transfer and receive data. All webservices & file transfer applications offered by Zeus Tech Solutions Ltd use strong encryption, specifically SSL when transmitting data between the parties;

  • Development & Release Procedures

When connecting to a Customer site remotely, the employee responsible for undertaking the data processing activity will have their Computer session recorded throughout the activity. The purpose of this activity is to:

    • Confirm contractual agreed activities;
    • Repudiate the connection specifically;
    • Prevention of data loss;
    • Confirm activity in the event of a disaster recovery or business continuity concern;
    • Maintain compliance;
    • Secure and mitigate error;

All recordings are secured within the Zeus Tech Solutions Ltd private cloud infrastructure, with access restricted to the Managing Director and IT & Security Director specifically. Access to the recordings is monitored with logging to maintain confidentiality and integrity. A 30-day retention policy has been applied to automatically delete and make irretrievable the data once the policy has been met.

6. Data Collection & Processing (our Websites)

Zeus Tech Solutions Limited gathers and stores information in many ways, including but not limited to the following:

a. Information you give us

We receive and store any information you enter on our website, either using our contact forms or utilising the online live chat service.

The live chat service is provided HubSpot Inc. Information on how the data is processed and stored can be viewed here: https://www.hubspot.com/security

b. Automatic Computing information

We receive and store certain types of information whenever you interact with us. For example, like many websites, we use “cookies” and we obtain certain types of information when your Web browser accesses zeuscs.co.uk. Several companies offer utilities designed to help you visit websites anonymously. Although we will not be able to provide you with a personalised experience at zeuscs.co.uk if we cannot recognise you, we want you to be aware that these tools exist.

c. Normal course of business

When you contact Zeus Tech Solutions Limited, we may keep a record of your communication to help solve any queries or issues you might be facing. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements.

d. Marketing and communications channels

Zeus Tech Solutions Limited may use Twitter, Facebook, LinkedIn or other social media outlets to market and promote its offerings and services. Any communications you make with Zeus Tech Solutions Limited using these media may be used by Zeus Tech Solutions Limited in accordance with this notice.

e. Lawful Basis for Processing

By submitting your personal information within our contact forms found on this website, you have options to “Consent” to Zeus Tech Solutions Limited processing it on your behalf. You have the right to withdraw this “Consent” at any time in writing to dataprotection@zeuscs.co.uk

7. Suppliers, or Other Access to your Information

We may provide access to your personal information to our affiliates or other trusted businesses or persons to process it for us, based on our instructions and in compliance with our Privacy Notice and any other appropriate confidentiality and security measures. We will always seek your “Consent” before doing so.

8. Legal Access to Your Information

We may share personal information with companies, organisations or individuals outside of Zeus Tech Solutions Limited if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:

  • meet any applicable law, regulation, legal process or enforceable governmental request;
  • detect, prevent, investigate or otherwise address fraud, security or technical issues;
  • protect against harm to the rights, property or safety of Zeus Tech Solutions Limited, our users or the public as required or permitted by law.

9. Website Activity

a. Log Files

As is true of most Web sites, we gather certain information automatically and store it in log files. This information may include IP addresses, browser type, referring/exit pages, operating system, date/time stamp, and clickstream data. We may collect device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number). We use this information to analyse trends, to administer the site, to track how visitors interact with the site.

b. Cookies

A cookie is a small file that is stored on a user’s computer for record-keeping purposes. Zeus Tech Solutions Limited typically uses both session ID cookies and persistent cookies. We use session cookies to make it easier for you to navigate our site. A session cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period and can be used when you return to our site to help identify you or allow you to log in, or on other third-party sites to communicate to you via online-marketing channels. You can remove persistent cookies by following directions provided in your Internet browser’s help file.

If you fail to accept cookies, you may still use our website, but your ability to use some areas of our site may be affected.

10. How We Protect Your Personal Information

Zeus Tech Solutions Limited safeguards the security of the data you send us with physical, electronic, administrative and managerial procedures. Likewise, we urge you to take every precaution to protect your personal data when you are on the Internet. These precautions include storing passwords in a reputable password manager, using unique passwords for every website or application, changing your password often, using a combination of letters, numbers and symbols, and using a secure browser over a secured network.

a. Location

This website is hosted from within the United Kingdom and will never be hosted outside of the European Economic Area (EEA).

b. Website Security

The Zeus Tech Solutions Limited website currently uses at least TLS v1 encryption on all web pages where personal information is submitted. This is designed to protect the confidentiality of your personal information as it is transmitted to us over the Internet.

c. Right to be Forgotten / Data Retention

(This Website) You have a right to be forgotten. We only retain your name, email address and telephone number as submitted by yourself when using our contact forms. This data is retained for a period of 12 months, after which it is purged and made irretrievable from our databases. We will only keep your personal information for as long as necessary to provide our services.

d. Right to Rectification

At your own submission, we will only store or process your name, email address and telephone number as per the website contact details. If you enter this incorrectly you may request that we amend this for you, otherwise we will assume the information you have input is accurate.

e. Automated Decision Making & Profiling

Zeus Tech Solutions Limited does not sell or trade your personal information and does not process your information automatically without your “consent”. Under no circumstance will Zeus Tech Solutions Limited sell or trade your personal information with any third party or profile character using your personal data.

11. Recruitment (Curriculum Vitae)

If you wish us to consider you for employment within Zeus Tech Solutions Limited, we will need to use your personal information, usually contained within a Curriculum Vitae you communicate directly to us to consider your suitability for and to discuss with you such employment. You may communicate the details of your Curriculum Vitae within our contact forms or by way of email.

We acknowledge and agree that any personal data of yours that we handle will be processed in accordance with all applicable data protection laws. The General Data Protection Regulations (“GDPR”) and Data Protection Act 2018 applies.

Information collected and processed for finding you a suitable role is as follows:

  • your name, address and contact details, including email address and telephone number;
  • details of your qualifications, skills, experience and employment history;
  • information about your current level of remuneration, including benefit entitlements;
  • whether or not you have a disability for which the organisation needs to make reasonable adjustments during the recruitment process;
  • information about your entitlement to work in the UK; and
  • equal opportunities monitoring information, including information about your ethnic origin, sexual orientation, health and religion or belief.

12. Changes to this Privacy Policy

We reserve the right to modify this privacy policy at any time, so please review it frequently. If we decide to change our privacy notice, we will post those changes to this privacy statement on the homepage, and other places we deem appropriate so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.

13. Contact Us

If you have any questions or suggestions regarding our privacy notice, please contact us by emailing dataprotection@zeuscs.co.uk or using our contact form found on the website.