Privacy and data retention policy
Last Updated: 22nd November 2021
Bluecube’s core service offerings include IT support services and computing platforms for companies to facilitate their IT needs whilst they remain the administrator and controller of their own IT environment and data.
We take personal data security seriously and take care to ensure that the infrastructure and platforms we provide, and the employees supporting you, follow best practices of data security, which are certified to ISO 27001 standards.
Bluecube is a Data Processor in this arrangement and will report any personal data breaches directly to its clients without undue delay and within a target of 24 hours from discovery. We will work with our clients to resolve any underlying technological issues.
Our clients, as Data Controllers in this arrangement, retain full control of their data, and associated policies.
What information do we collect?
Registration: If you contact us from our website, we will collect your name, email, company name and address, and other details relevant to your enquiry.
Your use of the site: we will record which services you are interested in and monitor traffic patterns and site use.
By filling out an enquiry, you are consenting to allow us to contact you directly about your enquiry.
Please tell us immediately if you wish for your data to be removed or if any of your personal details (name, address etc.) change, so that we can ensure our records are up to date. This data will be kept for a maximum of 90 days, following resolution to your enquiry.
Lighthouse registered users
Registration: On registration within Lighthouse you will be prompted to enter your name, email address, company name, address, and other details relevant to facilitate the support of our clients’ IT support queries.
As a registered user of Lighthouse, you can choose to access, modify or remove your account or the data held at any time.
What we do with the information we collect
We will use the information to: Identify users of our services, Profess any orders or requests, Enable us to provide you with a better service, Allow us to contact you with information relating to Bluecube.
We may monitor your use of our website in order to identify customer preference and track the volume of traffic on particular pages.
Lighthouse registered users
We will use the information to: Contact the end user in relation to any support request or service query, Profess any orders or requests, Enable us to provide you with a better service, Allow us to gather feedback on our service (to include metric reporting).
Bluecube shall only use your personal data to send you services information, newsletters and other marketing material via email if you have provided your prior and explicit consent hereto, unless applicable legislation allows us to contact you without such consent.
If you want to withdraw your permission for receiving marketing communications from Bluecube, you can do that by: Using the ‘unsubscribe facility’ in the email communication itself; Emailing us on our web page at firstname.lastname@example.org; or Contacting us using the phone number or email address at the bottom of this page
Disclosure of your information
We will not sell, trade, or rent information about you to others. We may pass the information to other companies associated with Bluecube but only in the capacity of fulfilling the contractual service that our clients have signed up to. As we continue to develop our business, we might sell or buy assets. In such transactions, the information we have collected about you will generally be one of the transferred business assets. In addition, in the unlikely event that Bluecube or its assets are acquired, this information will of course be one of the transferred assets.
Bluecube uses third party suppliers in the provision of some services. Where possible end users are administrators of their own data where we use a supplier relationship, such as Office 365. This means data retention and access policies can be determined by our clients.
In the instances where there is not direct access available to the client then data is automatically removed as part of our data retention policies. Please see our data retention policy below for more information.
Transferring your information overseas
We will not transfer your information outside the European Economic Area.
What about cookies?
You have a right to access the personal data that is held about you. To obtain a copy of the personal information Bluecube holds about you, you should write to us at the following address: Bluecube Technology Solutions Ltd, Norfolk House, 106 Saxon Gate West, Milton Keynes, MK9 2DN, United Kingdom. Please include contact details, since we will need to confirm your identity.
As required by the Data Protection Act 1998 “the Act”, the General Data Protection Regulation (GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003, we follow strict security procedures and take appropriate measures to prevent unauthorised access, and to ensure that the information about you is not damaged, destroyed, or disclosed to a third party without your permission. This means that we may require you to co-operate with our security checks before we can disclose information to you. For the purpose of the Act, the Data Controller is Bluecube Technology Solutions Ltd, Norfolk House, 106 Saxon Gate West, Milton Keynes, MK9 2DN, United Kingdom.
This website and its content is copyright of Bluecube Technology Solutions Ltd © Bluecube Technology Solutions Ltd 2016. All rights reserved. Any redistribution or reproduction of part or all of the contents in any form is prohibited other than the following:
You may print or download to a local hard disk extracts for your personal and non-commercial use only. You may copy the content to individual third parties for their personal use, but only if you acknowledge the website as the source of the material. 'Bluecube Technology Solutions Ltd' and 'Bluecube' are trading styles of Bluecube Technology Solutions Ltd whose registered address is Bluecube Technology Solutions Ltd, Norfolk House, 106 Saxon Gate West, Milton Keynes, MK9 2DN, United Kingdom. Bluecube Technology Solutions Ltd. is registered in England and Wales number 04709978, our VAT registration number is GB 813 1794 37.
Our data backups are retained for 90 days.
Backup data is encrypted and not accessible unless a restoration is required. Hence removal of personal data from data backups may be unreasonable and the risk of a personal data Breach negligible.
Confidentiality & Information/Data security
Bluecube shall keep and shall procure that any technicians supplied to the Client shall keep in strictest confidence details of programs and systems to which the programs belong and the affairs of the Client, or of the Clients customers which may come to their knowledge during the course of providing services hereunder. This undertaking does not relate to information or details which are already known to Bluecube; which is or becomes public knowledge; or which is disclosed to Bluecube by a third party in breach of any duty of confidentially owed to the Client.
Bluecube Technology Solutions Ltd.
Norfolk House, 106 Saxon Gate West, Milton Keynes, MK9 2DN, United Kingdom
Data retention policy
Last Updated: 31st July 2019
This policy details the procedures for data retention and disposal of personal data about Bluecube employees and the context in which it is used. It applies to all employees and to anyone else working for the company.
Unless otherwise specified the retention and disposal policy refers to both hard and soft (electronic) copy documents.
The guidelines in this document are used to ensure the retention of business information for as long as it is needed. It takes account of the context in which Bluecube operates including the legal and regulatory environment.
The primary factors that inform decisions on retention are: Their value to the company as a source of information about the individual; Business need - as agreed by the Executive Team. Legislative and regulatory requirements – for example compliance with the Fifth data protection principle.
Personal data records will be disposed of in line with the data retention schedule. Records can be destroyed in the following ways: Hard copies will be shredded Electronic copies will be hard deleted
Where data has been shared or utilises a third party, it will be the responsibility of Bluecube to ensure that the third party removes data in line with the retention and destruction timeframes.
Where there are complex constraints preventing destruction of data in line with the established timeframes these must be audited on a case-by-case basis to determine if the rights of the individual are put at risk by the delay. Should there be a potential risk to the individual then they must be notified along with the ICO.