Privacy Policy

 

Our Privacy Statement

 

By using our site, you consent to us processing your data and you warrant that all data provided by you is accurate.

 

Information about us

 

We are Xplus London, Studio 123, Trident Court,1 Oakcroft Road, Chessington KT9 1BD, UK VAT No 301449242 – Company Registration No 09182095 –  Registered in England and Wales. Logo is trademarked – IPO Trade Mark No: UK00003320013

For more information, please see our Contact Us page and/or the footer of this website.

 

Personal information

 

We do not collect any personal information about website users other than:

  • information provided by Users when completing forms on the website including but not limited to the contact and website registration form.
  • that facilitated by the use of “cookie” technology. “Cookies” are designed to enhance your online visit and permit you to access the full service within the website.

 

Correcting/Updating Personal Information

 

If a user’s personally identifiable information changes (such as your postcode) the User can update or remove that user’s personal data provided to us in the User’s personal profile page or by sending an email to info@xpluslondon.com.

 

Log Files

 

We use IP addresses to analyse trends, administer the site, track user’s movement, and gather broad demographic information for aggregate use.

 

Google Analytics

 

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies“, which are text files placed on your computer, to help the website analyze how Users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

 

Surveys & Contests

 

From time-to-time our site requests information from users via surveys or contests. Participation in these surveys or contests is completely voluntary and the user therefore has a choice whether or not to disclose any information requested. Information requested may include contact information (such as name and delivery address), and demographic information (such as postcode, age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the functionality of the site.

 

Security

 

This website takes every precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected both online and offline.

When our registration form asks users to enter information, that information is encrypted and is protected with the best encryption software in the industry – SSL. While on a secure page, such as the user profile page, the lock icon in the address bar of Web browsers such as Internet Explorer, Chrome and Firefox becomes locked, as opposed to un-locked or open, as will be the case for most of the time that a user is browsing the web.

If you have any questions about the security at our website, you can send an email to info@xpluslondon.com

 

Notification of Changes

 

If we decide to change our privacy policy, we will post those changes on this page so our users are always aware of the information we collect and how we use it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

If you register as a user of the website you will be asked for some basic information. Please note that registration is not required for all areas of the website, however we do encourage you to register in order to gain full access to the website content/information and online services. There are technological and operational security systems in place that provide protection for personally identifiable information from loss or misuse.

Where links are provided to other websites it should be noted that they are not and cannot be governed by our Privacy Statement. We cannot guarantee your privacy when you access other websites through any link provided on this  website.

 

Notices and Disclaimers

 

These disclaimers also extend the above rights to our website provider – see service agreement, terms and conditions.

 

Cookies

 

A cookie is a small text file written to your hard drive that contains information about you. Cookies do not contain any personal information about users.

The website provider uses cookies to personalise your experience of the Website. Most web browsers allow you to control how cookies are accepted by adjusting your web browsers settings. If you set up your browser to reject the cookie, you may still use the Website.

Services delivered via the website such as video or embedded content from external providers may also place cookies on your machine (computer).

By continuing to use this site you are deemed to be accepting the terms and conditions and consenting to the website placing cookies on your machine (computer) as set out in the Cookies information page.

 

What do we do with your information?

 

All information is stored within the European Economic Area (EEA) and complies with GDPR.

We will read your message and normally respond to you either via telephone or via email. We will use the basis of legitimate interest to send you further information that we think may be of benefit to you. Should you wish to unsubscribe you will find a link on any correspondence or email.

We will not use the information to make any automated decisions that might affect you.

 

Your rights over your information

 

By law, you can ask us what information we hold about you, you can see it, and you can ask us to correct it if it is inaccurate.

You can also ask for it to be erased and you can ask for us to give you a copy of the information.

You can also ask us to stop using your information at any time, either by clicking the unsubscribe link at the end of any email communication, or by emailing, writing or telephoning us using the contact details above.

 

Your right to complain

 

If you have a complaint about our use of your information, you can contact the Information Commissioner’s Office via their website at www.ico.org.uk/concerns or write to them at:

Studio 123, Trident Court
1 Oakcroft Road
Chessington
KT9 1BD,

 

GDPR

The General Data Protection Regulation (GDPR) is a Regulation of the European Union and, from 25 May 2018, it applies to all organisations that collect and process the personal data of EU citizens.

 

As a responsible, forward-looking business, Xplus London recognises at senior levels the need to comply with the GDPR and ensure that effective measures are in place to protect the personal data of our customers, employees and other stakeholders, and to ensure that it is processed lawfully, fairly and transparently.

Commitment to the security of personal data extends to senior levels of the organisation and is demonstrated through the relevant policies and the provision of appropriate resources to establish and develop effective data protection and information security controls.

As part of meeting our legal obligations, we have put in place a comprehensive programme to understand and validate our use of personal data and to confirm the lawful basis of our processing.

Further to this, we can confirm that:

  • A policy is in place for the protection of personal data within Xplus London which has been approved by management and communicated to all employees and other relevant people
  • All employees have received awareness training regarding data protection and the GDPR
  • Everyone understands their roles in the protection of personal data, and has received training where needed
  • We have identified the personal data we process.
  • For each occasion we process personal data, we have established the lawful basis of the processing under the GDPR
  • Where we have used the lawful basis of legitimate interest, we have conducted a documented balancing test to assess the benefits versus the impact on the data subject of the processing
  • In those cases where our processing is based on consent, we have taken steps to ensure clear, free consent has been given and is recorded, including consideration of parental consent for children
  • We have put in place a blended approach, using just in time privacy notices and a layered privacy policy, to ensure that the required privacy information is provided in clear language whenever we collect personal data
  • Tested procedures and online user facilities are in place to promptly process and fulfil data subject access requests, such as consent withdrawal, access and rectification
  • The length of time we keep personal data for, or the way we decide this, has been defined in each area of processing, and has been minimised
  • We are keeping records of processing as required by the GDPR
  • Where we are a controller, all of our contracts with processors have been updated to comply with the requirements of the GDPR
  • Where we act as a processor, we have contractually committed to complying with the requirements of the GDPR
  • All of our employees are subject to confidentiality obligations with respect to personal data.
  • Where we transfer personal data internationally, we have ensured that the transfer is legal under the GDPR
  • Where appropriate, a data protection impact assessment approach which is in line with the requirements and recommendations of the GDPR and relevant best practice, will be used
  • By default, we plan for data protection in new or changed services and systems, including minimising our use of personal data.
  • We have tested procedures in place to fulfil our obligations in the event of a breach of personal data, both as a controller and as a processor
  • We have policies and other controls in place to provide appropriate protection of personal data, based on a careful assessment of risk
  • We have appointed a Data Protection Officer whose contact details are as follows: info@xpluslondon.com

We will continue to develop and improve our data protection policies and controls over time, guided by legal requirements and the needs and preferences of our customers and partners.