Privacy Policy

This document was last updated May 22, 2018.
Effective from May 25, 2018.

Overview
1. Terms and Conditions
2. Consent
User Data
Security
Third party
1. Sharing and disclosure of data
Email
1. Newsletter and Marketing Emails
2. Email tracking
Compliance
1. EU General Data Protection Regulation
2. Children’s Online Privacy Protection Act Compliance
Privacy policy changes
Contact details

1. Overview

DYSC place the utmost value in your data protection rights. Therefore, we ensure that our technical and organisational measures in place keep your rights protected.

This Privacy Policy describes how we manage, process and store personal data submitted in the context of providing our services.

By accessing or using our Services, you agree to the terms of this Privacy Policy.

1.1. Terms and Conditions

Our terms and conditions are documented in the “terms and conditions” section of our website; listing all our disclaimers and liabilities. You can find it using the link: https://dysc.co.uk/terms-conditions

In subscribing to our services or filling in a contact form on our website (dysc.co.uk)or other sites owned by DYSC, you agree and accept that we may gather, process, store and/or use the personal data submitted in accordance with the rules set forth below.

By giving your consent to us, you also retain the right to have any personal data rectified, to be forgotten and/ or to be erased.

2. User Data

2.1 Data DYSC Collects

If you are a visitor to the Website or a DYSC client who registers or signs into on of our services on our websites, we may obtain the following types of information from you or concerning your computer or device, which may include information that can itself be used to identify and/or contact you.

Name
Email address
Phone number
Website name and URL
User session information (log in time and length)
Financial information such as credit card or bank account numbers in connection with a transaction
Additional information we are required by applicable law to collect
Any information you supply related to the product/service you are using

DYSC may also receive certain information that may be provided by your browser or mobile device, including:

Pages accessed
Time of visit
Time of last visit
Name of the owner of the IP address
Reverse domain of the IP address
Referring site, application or service, including the relevant search queries that les you to our website
Browser information
Operating system information
Device information (mobile operating system, screen size, etc.)
Demographic information (country, county, postcode, street address, etc.)

2.2. Sites Hosted with DYSC

DYSC obtains basic information regarding activities of visitors our Client’s websites hosted with us. This information is for the purpose of detecting and preventing fraud and unauthorized system access, and ensuring the security of your systems. This includes:

Pages accessed
Time of last visit
IP address

2.3. Cookies

A cookie is a small piece of information in the form of a text file, sent by a web server and stored on the computer of a visitor to a website. It can then be read back later by the web server or web browser when required. The use of cookies is a convenient way of allowing a computer to remember specific information relating to a website.

We only use session cookies. We use these cookies in three ways;

To collect web site usage information via Google Analytics
User Session

Google Analytics

We use cookies to collect web site usage information via Google Analytics.

The data collected related to each specific visit to the website. The information gathered includes the duration of the visit, the path taken between pages, the type of computer that is being used and the approximate location of the visitor.

Google Analytics does not collect any personal information such as a user’s name or email address.

How is the data used?

Data collected by the Google Analytics service is stored in the United States and non-personally identifiable information may be used by Google and its partners (for further details visit www.google.com/analytics/terms/gb.html).

User Session

We use cookies to keep track of the information you supply to us from one page to another. For example if you initiate a chat with us on our website we use a non-personally identifiable key to allow the chat information to be shown from page to page. User session cookies are not used to collect any personal information such as usernames or email addresses.

Managing Cookies

If you do not want to use cookies with our website then please leave and clear your cookies from your browser.

The documentation for your web browser (usually accessible from the ‘Help’ menu) will provide you with instruction on how to manage cookies, but you can also find out more from http://cookiesandyou.com/.

2.4. How we use your data?

Any of the information we collect from you may be used in any or all the following ways:

To provide you use of and access to our Website and the Services
To operate, improve and personalise our Website and the services
To give you access to your account information, provide you with customer service or customer support and to contact you to resolve disputes, collect fees, and troubleshoot problems with your account
To send emails using the email address you provided for us to contact you regarding inquiries, and/or other requests or questions
To process payment transactions
To comply with the law, enforce our Website policies, prevent, detect, and investigate fraud, security breaches, potentially prohibited or illegal activities and to protect ours or others’ rights, property, or safety.

2.5. Data Retention Periods

DYSC collects your personal data for the requirements of carrying out its contractual obligations as well as information about how and when you use our services and we retain this data in active databases, log files or other types of files so long as you use our service, and in accordance with the current regulations in force.

We retain data for no longer than 6 years after the service with you ends. After 6 years, all data subject to this status will be erased from all systems.

2.6. How to access your information

In accordance with the EU General Data Protection Regulation (GDPR) and the Data Protection Act, you have a right of access, correction and removal of your personal data which you may exercise by contacting us here. Your requests will be processed within 30 days. We may require that your request be accompanied by a photocopy of proof of identity or authority.

You are also able at any time to modify personal data by contacting us using the link above.

2.7. Testimonials

DYSC publishes a list of Customers and Testimonials on its site with information on our customer’s names and job titles. DYSC undertakes to obtain the authorisation of every customer before publishing any testimonial on its website.

2.8. Feedback and reviews

Certain features of the Website may enable you to submit communications, suggestions, ideas, comments, questions, or other information to us. This data is submitted to us at your own discretion. When you submit Feedback and Reviews, you give consent to our collection, use and disclosure of such information in any manner.

3. Security

Within the framework of its services, DYSC attributes the very highest importance to the security and integrity of its customer’s personal data.

In accordance with GDPR, DYSC undertakes to take all precautions to preserve the security of its data and to protect them against any accidental or unlawful destruction, accidental loss, corruption, unauthorised circulation or access as well as against any other form of unlawful processing or disclose to unauthorised persons.

To avoid unauthorised access, to guarantee accuracy and the proper use of our data, DYSC has put the appropriate electronic, physical and managerial procedures in place with a view to safeguarding and preserving the data gathered through its services.

3.1. Servers

Our primary server is hosted on the Microsoft Azure Network in London with certification to ISO27001:2013, HIPAA, FedRAMP, SOC 1 and SOC 2, as well as other country-specific standards, for information about azure network security see: https://azure.microsoft.com/en-gb/overview/trusted-cloud/.

We use the services through Azure such as user access management, restricted IP Access, encription, logging and regular reviews to maintain an excellect standard of security

3.2. Encryption

All business documentation and client information is stored within on our encripted database and any files/emails are also encripted using googles gsuite. We perform regular security checks of our systems reinforce practices with staff to keep all computers and devices locked and password protected always.

We secure all web domains both public and internal using HTTPS.

3.3. Access

Client data is only accessible by those who need to access it in their work, for example, IT department. All staff contracts have a clause on confidentiality.

3.4. Data Breach

In the event of a breach of security, DYSC will directly inform those affected without undue delay, no later than 72 hours after having become aware of it.

3.5. External websites links

We may display links to third party websites. Please note that we cannot control and cannot be held responsible for the privacy policies of such websites. You should always read the privacy policy of a website to find out more about how personal information is collected and processed.

4. Third party

We may engage third-party companies service providers or business partners to process our data and to support our business. These include for example Microsoft for Hosting, payment processors such as Stripe and Google for our email/documentation

A list of our third-party service providers can be requested via privacy@dysc.co.uk

DYSC do not share or disclose information to third parties by default. The only exceptions are as follows:

Data may be disclosed to third-parties if instructed to do so by the user, or by user consent
Legal obligations such as regulations, legal processes and laws
Third-party services used by us to process our data such as server and hosting providers, payment processors and clod document storage (see section 4 above)

5. Email

DYSC emails users of our services to give details of projects and services. We may also reach out with updates/changes on our service or privacy policy.

An unsubscribe link should be included in every newsletter and marketing email sent to you from DYSC.

5.2. Email tracking

Without systematically doing so, we may analyse and track the click rates and the number of emails sent to and from you. This data is used for business intelligence to improve our service.

6. Compliance

DYSC abides by all acts and regulations that relate to providing its services.

DYSC operates from within the EU. We do our utmost to be fully compliant with the EU General Data Protection Regulation.

6.2. Children’s Online Privacy Protection Act Compliance

We follow the requirements of COPPA (Children’s Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years of age or older

7. Privacy policy changes

DYSC reserves the right to update this Privacy Policy at any time, in particular, pursuant to any changes made to the laws and regulations in force. Changes to our Privacy Policy will be posted here and communicated to our clients via email, to the extent possible, thirty (30) days at least before any changes come into force.

This policy was last modified on May 22, 2018.

8. Contact details

For all general questions you can contact us via our live chat, email address or using the link below.

DYSC IT Solutions
Regents Pavilion
4 Summerhouse road,
Northampton,
NN3 6BJ
admin@dysc.co.uk

For all questions regarding this Privacy Policy you can contact us via
privacy@dysc.co.uk