(GDPR Compliant v1.5) Last updated 2020-12-10.
We are registered with the Information Commissioners Office, our registration number is Z3318791, this is renewed every year in August as an ongoing policy. Since initial registration, we have had ZERO complaints logged against Connected.
Connected is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement and for the purpose you specifically requested.
Connected may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
The legal basis for privacy in connection with our services is provided by the EU General Data Protection (GDPR) regulation and the upcoming ePrivacy regulation. from January 1st 2021, this changed to The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019
All data transmitted to and from our digital services are secured using SSL/TLS 1.0 encryption with the exception of email as there is no standardised method of encrypting email.
No digital service we use requires the compulsory use of email and you may opt-out of using email services to communicate with us.
There may be additional charges to cover our cost of you opting out of email (e.g. the cost of printing and sending invoices) or you may find it more acceptable to use anonymous email to protect your privacy.
Password and credit card information is held securely in LastPass Enterprise.
Fingerprinting and IP address logging
We do not store your IP address beyond the raw server logs that are required for the correct operation of our services. We do not fingerprint you in any way and do not mine the device and software that you use to access our services (such as browser and personal computer) for information that can lead to your identification. We do not obtain in any way and do not store any information about you that you do not provide to us explicitly. We do store some personally identifiable information as required for delivery of some of our services, as explained below.
Personally identifiable information (PII)
The only pieces of personally identifiable information (PII) that we will request to store is your email address and full name. We will never share your PII with a 3rd party without your explicit permission to provide you with access to that service. From January 1st 2021 we no longer process any PII belonging to residents of the EU, their data will be destroyed. Citizens of the UK will be protected by the 2018 DPA Act.
We don’t insist on you using a personal, work or verified email address for our services – the email address you use may be anonymised, generic, routed, or one-time use.
However, we make extensive use of third-party services with or on behalf of our clients that may require PII. These are listed below with links to their respective privacy policies:
- Zendesk, for managing support tickets and work flow.
- Slack, for communications.
- Skype, for communications. Ergo Microsoft, too.
- Penelope, for virtualised, in the cloud, inbound phone call management
- Google Hangouts, for communications.
- Basecamp, for project management.
- Quickbooks Online, for accounting purposes we hold personal information linked to employer and corporate details.
- Amazon AWS, for hosting & DNS services.
- WPEngine, for hosting.
- WordPress, for a digital services platform.
- Google Email, for the transmission, reception, and processing of email communication.
- LastPass, to store login, password, and other secure information that is required for us to provide you with services.
We are not responsible for the privacy policies of the third-party service providers but do check from time to time that our partners and suppliers are compliant with local privacy and data protection laws and that may include GDPR, ePrivacy, Privacy Shield, and Safe Harbor.
Non-personally identifiable information (n-PII)
Information is considered to be non-personally identifiable (n-PII) if it cannot be linked to you unless your email address or other personally-identifying information is provided with it. We collect and store the following (n-PII):
- A list of web pages and services you have visited to provide a history of usage.
- Your rating of a completed support ticket to allow independent auditing by Zendesk
- A searchable history of chat in Slack, Skype, and Hangouts to allow us to find useful information to help you in the provision of services.
- Passwords provided by you to access services on your behalf and with your permission.
- Credit card and other payment details, to enable us to process payments from you to us and third-party services.
- Your place of work to permit the filtering and display of custom content (e.g. so you can see all of your employer’s support tickets)
- Your order, payment, and accounting history to enable us to report on accounting metrics required for the operation of our business including management reporting, cash flow projection, creditworthiness, year-end reporting and invoice management.
- Your project history, including content, media, dates and times to allow us to effectively manage projects. Old project data is archived no later than 1 year after a project is deemed complete.
Transient email data
Some of our services can optionally involve the relaying of email to and from your correspondents. We do not normally manually inspect and do not store the content (message body and attachments) of the email messages. We do machine inspect and rewrite part of the email message to enable its inclusion into the digital service. Once the transmission of an email message through our servers is completed, no trace of it is left on our servers but the data may exist in a repurposed form on one of our digital services.
For authentication and tracking purposes we use so-called session cookies in all the digital services we provide. The data that is saved to your computer serves exclusively for anonymous web reporting and server resource management. It may, optionally and with your permission be used to simplify the processes of logging into our digital services. This cookie will not be used to compile a user profile.
We do not use any third-party tracking on our web-site, that includes Google, Facebook et al and we never use cross-site or cross-application tracking.
If you leave a comment on our site you may opt into saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year and are optional.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Compliance with court orders
We will obey a valid court order or subpoena if these require us to provide the information that we store to law enforcement authorities or a court of law. We will only do so upon legal scrutiny and confirmation of the validity of such a requirement in the country where we are deemed to provide digital services.
Updated December 2020