| Policy review: | April 2025 | |
| Reviewed by: | Nick Rutter (Director) | |
| Next Review: | April 2026 |
Introduction
Nicom IT Services Ltd is a computer repair and network support company. The aim of this document is to ensure that clients understand what data we store on them and for what purpose,
What we store
We store data on current, past and future clients. The data we store is limited to.
- Names, first and last
- Phone Numbers, landline and mobiles
- Addresses
- Email Address
- Passwords (Only whilst we are actively working for a client)
- Email / Account information (Only whilst we are actively working for a client)
Any data that we hold on to regularly customers who have an agreement with us will be kept either securely with a password, if there was a reason to keep a paper copy, this will be kept in a locked filing cabinet/cupboard.
All our client data is secured by a password, as well as two factor authentication and is accessible from a computer onsite that are also password protected
Stored data is used primarily for contact with the client. From time to time, we may contact the client to follow up jobs or sales.
Website
We never collect any information from visitors to our websites. We have a contact form that emails the information of enquiries, none of this is stored elsewhere other than in the email that gets sent. Our booking form does store the information you provide and inputs it into our ticket system. You have the right to request that any of these details are removed. Please note that this could make it difficult to contact you in future for warranties etc.
Mailing lists
We have a list of client’s email addresses on our mailing list, they are all given the opportunity to opt out of these lists at any time.
Company Data
As part of our ongoing work with supporting companies with their IT. We may hold passwords to help speed up the IT Support. These are stored within a system that is password protected and has two factor authentication. You can request that these details are removed at any point, with the understanding that this may slow down future support requests.
Password Policy
We have a policy that we follow. Copies of this can be requested by emailing info@nicomit.co.uk
Data retention
Some jobs require us to backup data onto one of the Nicom IT Services Hard disks. With the sole purpose of restoration, either onto a new Hard drive or other media. For the purpose of client wellbeing, we store these backups for a maximum of 30 days. After this time, they will be wiped securely from the device on which they are held. Customers can request immediate deletion of this data and therefore agree if data is missing, they are liable.
Any data that is stored by Nicom IT Services will be stored on a password protected device and will be always kept securely when not in use.
The client will be asked to sign when booking in if we intend on copying data. They will need to give consent for us to transfer their data. The client will also be given the opportunity to say no to any data retention.
Client Data
Some jobs require us to remove broken hard drives from client’s devices, although we will always offer the faulty equipment back to the client, we are usually left with it. Hard drives/memory pens and CD’s should be securely destroyed either by.
- Physical destruction
- Secure wiping (with certificate of destruction from a certified destruction company)
Disks will be stored for 1 month before destruction to ensure that any data loss is kept to a minimum.
If hardware if given to us with the intention of Nicom IT Services reusing it or for disposal. The disks will be securely wiped using software that will pass through the disk no less than 10 times.
To keep our client’s data safe, Nicom IT Services Ltd agrees to change its passwords every 180 days.
CCTV
Nicom IT Services Ltd records 24-hour CCTV in its stores for the sole purpose of crime prevention. The recordings will never be release, unless to an authorised authority such as local authorities (Police) or our insurance company. CCTV will never be shared or used for entertainment purposes.
Legal Requirements
- Registration
Nicom IT Services must be registered as a Data Controller on the Data Protection Register held by the Information Commissioner. http://ico.org.uk/for_organisations/data_protection/registration
- Information for Data Subjects
In order to comply with the fair processing requirements of the DPA, Nicom IT Services will inform clients of the data they collect, process and hold on them, the purposes for which the data is held and any the third parties that might hold data on them. This privacy notice will available on the website at www.nicomit.co.uk/privacynotice.pdf and in paper format from their store.
For any queries relating to this or FOI requests please contact the DPO who is Nick Rutter on info@nicomit.co.uk