Privacy Policy

(GDPR Compliant v1.4) Last updated 2019-03-19.

This privacy policy sets out how Connected-uk.com LLP [Connected] uses and protects any information that you give Connected when you use this website or any of our digital services.

This Privacy Policy applies to all of the products, services, websites, and digital services offered by Connected-uk.com LLP or its subsidiaries or affiliated companies. It is intended to provide a clear, transparent, and GDPR compliant privacy policy.

We are registered with the Information Commissioners Office, our registration number is Z3318791, this is renewed every year in August as an ongoing policy. Since initial registration, we have had ZERO complaints logged against Connected.

We may post product-specific privacy notices to explain our products in more detail but these never supersede this privacy policy unless specifically requested and agreed to by you.

If you have any questions about this Privacy Policy, please feel free to contact us.

Connected is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement and for the purpose you specifically requested.

Connected may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

This policy is effective from 4th September 2017, last changed on 4th September 2017 and supersedes our previous privacy policy dated 1st February 2012 (updated on 24th October 2013).

The legal basis for privacy in connection with our services is provided by the EU General Data Protection (GDPR) regulation and the upcoming ePrivacy regulation.

This privacy policy will be updated from time to time to reflect the changes in our service and product offering or in applicable laws.

Data security

All data transmitted to and from our digital services are secured using SSL/TLS 1.0 encryption with the exception of email as there is no standardised method of encrypting email.

No digital service we use requires the compulsory use of email and you may opt out of using email services to communicate with us.

There may be additional charges to cover our cost of you opting out of email (e.g. the cost of printing and sending invoices) or you may find it more acceptable to use anonymous email to protect your privacy.

Password and credit card information is held securely in LastPass Enterprise.

Data minimization

We aim to never collect or store any information that is not required for the delivery of the services to which you subscribe. Any information that we do collect is and will always be explicitly accounted for in this Privacy policy.

Fingerprinting and IP address logging

We do not store your IP address beyond the raw server logs that are required for the correct operation of our services. We do not fingerprint you in any way and do not mine the device and software that you use to access our services (such as browser and personal computer) for information that can lead to your identification. We do not obtain in any way and do not store any information about you that you do not provide to us explicitly. We do store some personally identifiable information as required for delivery of some of our services, as explained below.

Personally identifiable information (PII)

The only pieces of personally identifiable information (PII) that we will request to store is your email address and full name. We will never share your PII with a 3rd party without your explicit permission to provide you with access to that service.

We don’t insist on you using a personal, work or verified email address for our services – the email address you use may be anonymised, generic, routed, or one-time use.

However, we make extensive use of third-party services with or on behalf of our clients that may require PII. These are listed alphabetically below with links to their respective privacy policies:

• Zendesk, for managing support tickets and work flow.
• Slack, for communications.
• Skype, for communications. Ergo Microsoft, too.
• Twitter DM, for client support and communications
• Penelope, for virtualised, in the cloud, inbound phone call management
• Google Hangouts, for communications.
• Basecamp, for project management.
• Quickbooks Online, for accounting purposes we hold personal information linked to employer and corporate details.
• Amazon AWS, for hosting & DNS services.
• HubSpot, for client relationship management, outbound email communications and website conversion tracking.
• WPEngine, for hosting.
• WordPress, for a digital services platform.
• Google Email, for the transmission, reception, and processing of email communication.
• LastPass, to store login, password, and other secure information that is required for us to provide you with services.

We are not responsible for the privacy policies of the third-party service providers but do check from time to time that our partners and suppliers are compliant with local privacy and data protection laws and that may include GDPR, ePrivacy, Privacy Shield, and Safe Harbor.

Non-personally identifiable information (n-PII)

Information is considered to be non-personally identifiable (n-PII) if it cannot be linked to you unless your email address or other personally identifying information is provided with it. We collect and store the following (n-PII):

• A list of web pages and services you have visited to provide a history of usage.
• Your rating of a completed support ticket to allow independent auditing by Zendesk
• A searchable history of chat in Slack, Skype, and Hangouts to allow us to find useful information to help you in the provision of services.
• Passwords provided by you to access services on your behalf and with your permission.
• Credit card and other payment details, to enable us to process payments from you to us and third-party services.
• Your place of work to permit the filtering and display of custom content (e.g. so you can see all of your employer’s support tickets)
• Your order, payment, and accounting history to enable us to report on accounting metrics required for the operation of our business including management reporting, cash flow projection, credit worthiness, year-end reporting and invoice management.
• Your project history, including content, media, dates and times to allow us to effectively manage projects. Old project data is archived no later than 1 year after a project is deemed complete.

Transient email data

Some of our services can optionally involve the relaying of email to and from your correspondents. We do not normally manually inspect and do not store the content (message body and attachments) of the email messages. We do machine inspect and rewrite part of the email message to enable its inclusion into the digital service. Once the transmission of an email message through our servers is completed, no trace of it is left on our servers but the data may exist in a repurposed form on one of our digital services.

Cookies

For authentication and tracking purposes we use so-called session cookies in all the digital services we provide. The data that is saved to your computer serves exclusively for anonymous web reporting and server resource management. It may, optionally and with your permission be used to simplify the processes of logging into our digital services. This cookie will not be used to compile a user profile.

Third-party services as listed above will store and use cookies in a variety of ways and means. Please familiarise yourself with the relevant cookie usage rules and opt-outs available for each of the services you use.

Compliance with court orders

We will obey a valid court order or subpoena if these require us to provide the information that we store to law enforcement authorities or a court of law. We will only do so upon legal scrutiny and confirmation of the validity of such requirement in the country where we are deemed to provide digital services.