Our Privacy Statement
By using our site, you consent to us processing your data and you warrant that all data provided by you is accurate.
Information about us
We are Xplus London, Studio 123, Trident Court,1 Oakcroft Road, Chessington KT9 1BD, UK VAT No 301449242 – Company Registration No 09182095 – Registered in England and Wales. Logo is trademarked – IPO Trade Mark No: UK00003320013
For more information, please see our Contact Us page and/or the footer of this website.
We do not collect any personal information about website users other than:
- information provided by Users when completing forms on the website including but not limited to the contact and website registration form.
- that facilitated by the use of “cookie” technology. “Cookies” are designed to enhance your online visit and permit you to access the full service within the website.
Correcting/Updating Personal Information
If a user’s personally identifiable information changes (such as your postcode) the User can update or remove that user’s personal data provided to us in the User’s personal profile page or by sending an email to firstname.lastname@example.org.
We use IP addresses to analyse trends, administer the site, track user’s movement, and gather broad demographic information for aggregate use.
Surveys & Contests
From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.
This website takes every precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected both online and offline.
When our registration form asks users to enter information, that information is encrypted and is protected with the best encryption software in the industry – SSL. While on a secure page, such as the user profile page, the lock icon in the address bar of Web browsers such as Internet Explorer, Chrome and Firefox becomes locked, as opposed to un-locked or open, as will be the case for most of the time that a user is browsing the web.
If you have any questions about the security at our website, you can send an email to email@example.com
Notification of Changes
If you register as a user of the website you will be asked for some basic information. Please note that registration is not required for all areas of the website, however we do encourage you to register in order to gain full access to the website content/information and online services. There are technological and operational security systems in place that provide protection for personally identifiable information from loss or misuse.
Where links are provided to other websites it should be noted that they are not and cannot be governed by our Privacy Statement. We cannot guarantee your privacy when you access other websites through any link provided on this website.
Notices and Disclaimers
These disclaimers also extend the above rights to our website provider – see service agreement, terms and conditions.
A cookie is a small text file written to your hard drive that contains information about you. Cookies do not contain any personal information about users.
Services delivered via the website such as video or embedded content from external providers may also place cookies on your machine (computer).
By continuing to use this site you are deemed to be accepting the terms and conditions and consenting to the website placing cookies on your machine (computer) as set out in the Cookies information page.
What do we do with your information?
All information is stored within the European Economic Area (EEA) and complies with GDPR.
We will read your message and normally respond to you either via telephone or via email. We will use the basis of legitimate interest to send you further information that we think may be of benefit to you. Should you wish to unsubscribe you will find a link on any correspondence or email.
We will not use the information to make any automated decisions that might affect you.
Your rights over your information
By law, you can ask us what information we hold about you, you can see it, and you can ask us to correct it if it is inaccurate.
You can also ask for it to be erased and you can ask for us to give you a copy of the information.
You can also ask us to stop using your information at any time, either by clicking the unsubscribe link at the end of any email communication, or by emailing, writing or telephoning us using the contact details above.
Your right to complain
If you have a complaint about our use of your information, you can contact the Information Commissioner’s Office via their website at www.ico.org.uk/concerns or write to them at:
Studio 123, Trident Court
1 Oakcroft Road
The General Data Protection Regulation (GDPR) is a Regulation of the European Union and, from 25 May 2018, it applies to all organisations that collect and process the personal data of EU citizens.
As a responsible, forward-looking business, Xplus London recognises at senior levels the need to comply with the GDPR and ensure that effective measures are in place to protect the personal data of our customers, employees and other stakeholders, and to ensure that it is processed lawfully, fairly and transparently.
Commitment to the security of personal data extends to senior levels of the organisation and is demonstrated through the relevant policies and the provision of appropriate resources to establish and develop effective data protection and information security controls.
As part of meeting our legal obligations, we have put in place a comprehensive programme to understand and validate our use of personal data and to confirm the lawful basis of our processing.
Further to this, we can confirm that:
- A policy is in place for the protection of personal data within Xplus London which has been approved by management and communicated to all employees and other relevant people
- All employees have received awareness training regarding data protection and the GDPR
- Everyone understands their roles in the protection of personal data, and has received training where needed
- We have identified the personal data we process.
- For each occasion we process personal data, we have established the lawful basis of the processing under the GDPR
- Where we have used the lawful basis of legitimate interest, we have conducted a documented balancing test to assess the benefits versus the impact on the data subject of the processing
- In those cases where our processing is based on consent, we have taken steps to ensure clear, free consent has been given and is recorded, including consideration of parental consent for children
- Tested procedures and online user facilities are in place to promptly process and fulfil data subject access requests, such as consent withdrawal, access and rectification
- The length of time we keep personal data for, or the way we decide this, has been defined in each area of processing, and has been minimised
- We are keeping records of processing as required by the GDPR
- Where we are a controller, all of our contracts with processors have been updated to comply with the requirements of the GDPR
- Where we act as a processor, we have contractually committed to complying with the requirements of the GDPR
- All of our employees are subject to confidentiality obligations with respect to personal data.
- Where we transfer personal data internationally, we have ensured that the transfer is legal under the GDPR
- Where appropriate, a data protection impact assessment approach which is in line with the requirements and recommendations of the GDPR and relevant best practice, will be used
- By default, we plan for data protection in new or changed services and systems, including minimising our use of personal data.
- We have tested procedures in place to fulfil our obligations in the event of a breach of personal data, both as a controller and as a processor
- We have policies and other controls in place to provide appropriate protection of personal data, based on a careful assessment of risk
- We have appointed a Data Protection Officer whose contact details are as follows: firstname.lastname@example.org
We will continue to develop and improve our data protection policies and controls over time, guided by legal requirements and the needs and preferences of our customers and partners.