The Purpose of this privacy statement is to explain how The Computer Wiz Ltd processes personal data to fulfil its data protection responsibilities. This statement will be supplemented by ‘specific to client’ privacy notices when needed. The scope of this statement covers all related activities by the staff of The Computer Wiz Ltd referred to as CPWIZ for the remainder of this document.
The Role of CPWIZ in data protection terms is that of a data controller where it determines the purpose and use of personal data collected. Once received it becomes the responsibility of the CPWIZ privacy manager (PM) to ensure that it is processed in accordance with the latest UK data protection legislation. You can contact the PM using firstname.lastname@example.org.
The personal data processed by CPWIZ will be basic contact information for the purposes of responding to general enquiries, business development, preparing contracts and setting up invoices. If CPWIZ is not given all of the required personal data, it may result in an incomplete service being provided.
CPWIZ’s duty of confidentiality means that DWB staff will treat clients’ personal data with due respect and in confidence. It is only disclosed to those that need to know it. CPWIZ also expects the same duty of confidentiality of all third parties with whom it shares personal data. CPWIZ uses reasonable organisational and technical measures to ensure personal data is kept secure.
CPWIZ processes personal data against a lawful basis as described below:
In all cases the processing of personal data by CPWIZ shall be:
CPWIZ will share personal data, but only when absolutely necessary, with some or all of the following third parties:
CPWIZ operates in a paperless environment where the first line processing takes place on standard office IT equipment based in and around the company’s registered premises. In addition, use is made cloud services such as Microsoft One Drive, Dropbox, Backblaze and Remarkable (for unstructured notes) based in the EEA. CPWIZ uses SAGE accounting.
CPWIZ follows a retention schedule to determine the length of time it holds different types of personal data. The retention schedule is shown below:
At the end of the retention schedule CPWIZ will either return, destroy or delete your personal data and any associated emails or relevant documentation. If it is technically impractical to delete electronic copies of personal data, it will put it beyond operational use. It should be noted that CPWIZ allows up to 3 months after the retention schedule to complete the action.
The CPWIZ website links to appropriate business websites of interest. If these are used, you should be aware that the CPWIZ has no responsibility for the control, content or handling of your personal data by these other websites.
The General Data Protection Regulation defines the rights that you have (although these do not apply in all situations), For convenience, these rights are shown below:
Further details on your rights can be found on the ICO’s website: https://ico.org.uk.
Raising concerns, exercising rights or making queries about CPWIZ’s processing of personal data can be done by contacting the privacy manager. Please be aware that we will need to determine your identity before responding fully, therefore, you may be asked for proof of ID or other material that, in context, will enable us to confirm your identity. Alternatively, you may wish to contact the ICO directly, using the details provided above.