Raycon takes privacy very seriously and this policy sets out to provide a clear understanding on how we manage and use personal data in accordance to all Data Protection legislation including the Data Protection Act 1998, the General Data Protection Regulation ((EU) 2016/679) and any subsequent legislation or laws that come into effect from time to time. This Privacy Policy may be reviewed from time to time to comply and adhere to updates or changes in legislation, our business practices or advances in technology.
Raycon is a trading name of Harvest Systems Support Ltd (Company Registration No. 4657583), an IT Support Services company providing a wide range of IT products and services across the UK.
Raycon will only use your personal data when the law allows us to. We may be required to collect certain personal information in order to:
The type of information we collect may include (but not be limited to):
Please note that personal data will not be collected without the Consent of a data subject. Data will only be processed if there is a lawful basis for doing so.
Raycon may use your information for the following purposes:
We will collect information in the following ways:
Any data we hold is stored securely on our systems based in the UK. We do also use a number of Cloud Service Providers (CSPs), some of which have data centres in a number of locations globally, however we have ensured that they have the appropriate policies and procedures in place to comply with GDPR.
We do not purchase or sell any personal information. We do not share personal information unless lawfully required to do so or unless we have full written consent from the data subject.
We will only retain personal information for as long as necessary to fulfil the purposes it has been collected for, including for the purposes of satisfying any legal, accounting or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Once you are no longer a customer of Raycon we will retain and securely destroy your personal information in accordance with applicable laws and regulations.
Our Information Security Management System is certified to ISO 27001 standard which in turn shows commitment to our clients by ensuring that adequate security controls are in place to protect information and personal data from being accessed, corrupted, lost or stolen. We limit access to your personal information to employees and contractors within the business.
We do not store or transfer your personal data outside the European Economic Area, however should we do so, we will ensure our Suppliers are compliant with GDPR processes and procedures.
We currently have procedures in place to deal with any potential data breaches and will notify yourselves or regulators when we are legally required to do so.
As a data subject whose personal information we hold, you have certain rights. If you wish to exercise any of these rights, please email service@raycon.co.uk or use the information supplied in the Contact us section of our website. In order to process your request, we will ask you to provide two valid forms of identification for verification purposes. Your rights are as follows:
The right to be informed
We are obliged to provide clear and transparent information about any data processing activities we may undertake. This is provided by this privacy policy and any related communications we may send you.
The right of access
You may request a copy of the personal data we hold about you free of charge. Once we have verified your identity and, if relevant, the authority of any third-party requestor, we will provide access to the personal data we hold about you as well as the following information:
If there are exceptional circumstances that mean we can refuse to provide the information, we will explain them. If requests are frivolous or vexatious, we reserve the right to refuse them. If answering requests is likely to require additional time or occasions unreasonable expense (which you may have to meet), we will inform you.
The right to rectification
When you believe we hold inaccurate or incomplete personal information about you, you may exercise your right to correct or complete this data. This may be used with the right to restrict processing to make sure that incorrect/incomplete information is not processed until it is corrected.
The right to erasure (the ‘right to be forgotten’)
Where no overriding legal basis or legitimate reason continues to exist for processing personal data, you may request that we delete the personal data. This includes personal data that may have been unlawfully processed. We will take all reasonable steps to ensure erasure.
The right to restrict processing
You may ask us to stop processing your personal data. We will still hold the data, but will not process it any further. This right is an alternative to the right to erasure. If one of the following conditions applies you may exercise the right to restrict processing:
The right to data portability
You may request your set of personal data be transferred to another controller or processor, provided in a commonly used and machine-readable format. This right is only available if the original processing was on the basis of consent, the processing is by automated means and if the processing is based on the fulfilment of a contractual obligation.
The right to object
You have the right to object to our processing of your data where
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.