Glo Networks Limited

Privacy Statement

This Privacy Statement was published in compliance with the EU-General Data Protection Regulation (GDPR).
At Glo Networks Limited we are committed to protecting and respecting your privacy in compliance with the General Data Protection Regulations which take effect from the 25th May 2018. This Privacy Statement explains when and why we collect personal information, how we use it, the conditions under which we may disclose it to others, and how we keep it secure. This Privacy Statement applies to our products and to our sales, marketing and customer contract fulfillment activities for business purpose use.

Who are we?
Glo Networks Limited is an IT Company which provides IT Help, support and consultancy via GloHelp - a helpdesk style support ticketing platform.
We also provide the following services:

  • Cloud Hosted Solutions
  • Data Handling & Recovery
  • Computer systems
  • Remote IT Management
  • Network Infastructure
  • Office 365 Migration
  • Virtualisation
  • Cyber Security
  • Glo Networks Limited is the ‘Data Controller and/or Data Processor’

Definitions:
‘Business purposes’ means the purposes for which personal data may be used by us being personal, administrative, financial, regulatory and business purposes.

‘Data controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by law.

‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

The Principles:
Glo Networks shall comply with the principles of data protection (the Principles) enumerated in the EU General Data Protection Regulation. We will make every effort possible in everything we do to comply with these principles. The Principles are:

  1. Lawful, fair and transparent: Data collection must be fair, for a business or legal purpose and we must be open and transparent as to how the data will be used.
  2. Limited for its purpose: Data can only be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes.
  3. Data minimisation: Any data collected must be necessary and not excessive for its purpose.
  4. Accurate: The data we hold must be accurate and kept up to date and every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.
  5. Retention: We cannot store data longer than necessary.
  6. Integrity and confidentiality: The data we hold must be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

What is Personal Data?
‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

When do we collect personal data about you?
The purposes for which personal data may be used by us:

  • To carry out obligations arising from any Contracts entered into between you and us (e.g. Glo Support).
  • To keep our internal records up to date.
  • To notify you of any changes to our service.
  • When you are using our products.
  • When you interact with us in person, through correspondence via email or post, by phone, by posting messages via Glo Help, by social media or through our website using the Contact form.
  • When we collect personal information from other legitimate sources, such as third-party data aggregators, Glo Networks marketing partners, public sources or social networks. We only use this data if you have given your consent to them to share your personal data with others.
  • We may collect personal data if it is considered to be of legitimate interest, and if this interest is not overridden by your privacy interests. Before data is collected we make sure an assessment is made, ensuring that there is an established mutual interest between you and Glo Networks Limited.

Why do we collect and use Personal Data?
We collect and use personal data mainly when setting up a new customer and a GH account relating to a Support Contract but also to perform direct sales, direct marketing and customer services. We also collect data about suppliers and partners and persons.

We may use the information for the following purposes:

  • To set you up as a new customer with a Support Contract or carry out work on your behalf.
  • Send you marketing communications which you have requested. These may include information about our products and services, events, activities and promotions of our associated partners’ products and services. This communication is subscription based and requires your consent.
  • Send you information about the products and services that you have purchased from us.
  • Perform direct sales activities in cases where legitimate and mutual interest is established.
  • Reply to a ‘Contact me’ web form you have completed on the Glo Networks Limited website.
  • Follow up on incoming requests (customer support via GH messages, emails, chats and phone calls or face to face meetings).
  • Provide you with access and services related to Glo Help if you have a Support Contract with Glo Networks Limited.
  • Perform contractual obligations such as order confirmation, license details, invoice, reminders, Statements and similar. The contract may be with Glo Networks Limited directly or with a Glo Networks Limited partner.
  • Notify you of any disruptions to our services (systems messages).
  • Contact you to conduct surveys about your opinion on our productions and services.


Our legal basis for collecting personal data: Collecting personal data on consents:
The collection of personal data based on consent from the data subject will be done by agreeing to consent via Glo Help. Individual consents will always be documented on our system.

Collecting personal data based on contracts:
We use personal information for fulfilling our obligations related to contracts and agreements with customers, partners and suppliers.

Collecting personal data based on legitimate interest
We may use personal data if it is considered to be of legitimate interest, and if the privacy interests on the data subjects do not override this interest. Normally, to establish the legal basis for data collection, an assessment has been made during which a mutual interest between Glo Networks Limited and individual person has been identified. This legal basis is primarily related to the use of Glo Help, and sales and marketing purposes. We will always inform individuals about their privacy rights and the purpose for collecting personal data.

What type of personal data is collected?
We collect name, phone numbers, title and email address, in addition to your company’s name and contact information. We may also collect feedback, comments and questions received from you in service related communication and activities, such as meetings, phone calls, documents and emails. From our website we may collect IP address and action taken on the site. Any information added to the GloHelp support platform can be read by any member of the Glo Help team.

We do not collect or process any special categories of personal data. The term 'special categories' refers to information about an individual’s:

  • Race
  • Ethnic origin
  • Politics
  • Religion
  • Trade union membership
  • Genetics
  • Biometrics (where used for ID purposes)
  • Health
  • Sexual orientation
'Special categories' was previously known as 'sensitive personal data' - and this referred to data about an individual which is considered more sensitive. Personal information that falls under 'special categories' requires more protection, as this kind of data could create more significant risks to a person’s fundamental rights and freedoms. For example, use of this information could put them at risk of unlawful discrimination.

How long do we keep your personal data?
We store personal data for a long as we find it necessary to fulfil the purpose for which the personal data was collected, while also considering our need to answer your queries or resolve possible problems, to comply with the legal requirements under applicable laws, to attend to any legal claims/complaints, and for safeguarding purposes.

This means that we may retain your personal data for a reasonable period of time after your last interaction with us. When the personal data that we have collected is no longer required, we will delete it in a secure manner. We may process data for statistical purposes, but in such cases, data will be anonymized.

Your rights to personal data:
Individuals have rights to their data which we must respect and comply with to the best of our ability. We must ensure individuals can exercise their rights in the following ways:

  1. Right to be informed:
    - Providing privacy notices which are concise, transparent, intelligible and easily accessible, free of charge, that are written in clear and plain language, particularly if aimed at children.
    - Keeping a record of how we use personal data to demonstrate compliance with the need for accountability and transparency.
  2. Right of access:
    - Enabling individuals to access their personal data and supplementary information
    - Allowing individuals to be aware of and verify the lawfulness of the processing activities
  3. Right to rectification:
    - We must rectify or amend the personal data of the individual if requested because it is inaccurate or incomplete.
    - This must be done without delay, and no later than one month. This can be extended to two months with permission from the DPO.
  4. Right to erasure:
    - We must delete or remove an individual’s data if requested and there is no compelling reason for its continued processing..
  5. Right to restrict processing:
    - We must comply with any request to restrict, block, or otherwise suppress the processing of personal data.
    - We are permitted to store personal data if it has been restricted, but not process it further. We must retain enough data to ensure the right to restriction is respected in the future.
  6. Right to data portability:
    - We must provide individuals with their data so that they can reuse it for their own purposes or across different services.
    - We must provide it in a commonly used, machine-readable format, and send it directly to another controller if requested.
  7. Right to object:
    - We must respect the right of an individual to object to data processing based on legitimate interest or the performance of a public interest task.
    - We must respect the right of an individual to object to direct marketing, including profiling.
    - We must respect the right of an individual to object to processing their data for scientific and historical research and statistics.
  8. Rights in relation to automated decision making and profiling:
    - We acknowledge the data subject’s rights in this area, however, Glo Networks Limited are exempt from this as per Article 22 of the GDPR as we do not use any form of automated decision making or profiling.

The right to request that Glo Networks Limited provides you with your personal data and, if possible, to pass on this information directly (in a portable format) to another data controller when the processing is based on consent or contract.
The right to request a restriction on further data processing, in case there is a dispute in relation to the accuracy or processing of your personal data.
The right to object to the processing or personal data, in case data processing has been based on legitimate interest and/or direct marketing.

The use of cookies and beacons:
We use cookies and web beacons to collect information as you navigate the company’s website. Website Navigational Information included standard information from our web browser, such as browser type and browser language, your Internet Protocol (IP) address and the actions you take on the company’s website, such as the web pages viewed and the links clicked.
This information is used to make websites work more efficiently, as well as to provide business and marketing information to the owners of the site, and gather such personal data as browser type and operating system, referring page, path through site, domain of ISP, etc. for the purposes of understanding how visitors use a website. Cookies and similar technologies help us tailor our website to your personal needs, as well as to detect and prevent security threats and abuse. If used alone, cookies and web beacons do not personally identify you.

Do we share your data with anyone?
We do not share, sell, rent or trade your information with any third parties without your consent, except from what is described below:

Third Party Service Providers working on our behalf:
We may pass your information on to our distributors, agents, sub-contractors and other associated organizations with the purpose of them providing services to you on our behalf.

Third Party Product Providers we work in association with:
We work closely with various third party product providers to bring you a range of products and services designed to meet your extended needs. When you enquire about or purchase one or more of these products, the relevant third party product provider will use your details to provide you with information and carry out their obligations arising from any contracts you have entered into with them. In some cases, our third party product providers will be acting as data processors of your information and therefore, we advise you to read their Privacy Policy and sign Data Processing Agreement. These third party product providers will share you information with us, which we will use in accordance with this Privacy Statement.

If required by law:
We will disclose your personal information if required by law or if we, as a company, reasonably believe that disclosure is necessary to protect our company’s rights and/or to comply with a judicial proceeding, court order or legal process. However, we will do what we can to ensure that your privacy rights continue to be protected.

Use of sub-contractors (processors and sub-processors):
We may use sub-contractors to process personal data on our behalf, we are responsible for making sure they commit themselves to adhere to this Privacy Policy and applicable data protection legislation by signing a Data Processing Agreement.
If the sub-contractor processes personal data outside the EU/EEA area, such processing must be in accordance with the EU Privacy Shield Framework, EU Standard Contractual Clauses for transfer to third countries, or another specifically stated lawful basis for the transfer of personal data to a third country.
If a new sub-contractor is signed or a change of sub-contractor is performed relating to the services we provide, the customer will be notified in line with our Terms of Service. A directory of approved sub-processors is part of our Data Processing Agreement.

Changes to this Privacy Statement:
Glo Networks Limited reserves the right to amend this Privacy Statement at any time. The applicable version can be found in Glo Help or available upon request. We encourage you to check this Privacy Statement occasionally to ensure that you are happy with any changes.
If we make changes that significantly alter our privacy practices, we will notify you by email or post a notice on our website prior to the change taking effect.

Your right to complain with a supervisory authority:
If you are unhappy with the way in which your personal data has been processed, you may in the first instance contact us at Glo Networks Limited, Regus House, Malthouse Avenue, Cardiff Gate Business Park, Cardiff. CF23 8RU.
If you remain dissatisfied, then you have the right to apply directly to the Information Commissioner’s Office (ICO) for a decision.