Overview

Hexagon Computers Ltd trading as Hexagon IT and Hexagoncloud (“We”, “Us” or “Our”) take the security of personal information and your privacy seriously. With regard to information that you share with us, we make every effort to ensure to its recorded accurately, retained securely and used only according to your wishes.
We protect your personal information and adhere to all current data protection act legislation with respect to protecting privacy. We do not give out, sell or trade our mailing list data with external organisations. We comply with the Data Protection Act 1998, the Privacy and Electronic Communications Regulations (PECR) and the new General Data Protection Regulations (GDPR) 2018.

Information we collect

We collect personal data that you may volunteer as part of the registration process to receive further information, request a call back or for us to carry out contracted services. Personal information we collect may include:
– Your full name, email, phone number, employer, employer address
– In line with many other websites, we automatically gather information to help us improve our websites including IP address, browser type, internet service provider, pages visited, , entering/exit page, operating system, date/time stamp

We will also collect and hold information about any contact you have with us and may include details of:
– Contact preferences
– Details of correspondence sent to you, or received from you
– Any other information provided by yourself

When we ask you to provide your personal information we will let you know why we are asking and how we will use your data by directing you towards this notice

How we use the information we collect

Depending on your relationship with us and the preferences you have indicated, data we hold may be used to send you promotional and marketing information by post, telephone or electronic means.

These types of communications can include:
– Informing you of our services, events and offers
– News and updates about us, Cyber Security, IT and networks
– Other relevant communications based upon your relationship with us

Accessing and Changing Your Personal Information

We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate. If you wish to exercise any of your rights as listed below, please write to us at privacy@hexagon-it.co.uk.

– Access to your personal information
– Objection to processing of your personal information
– Objection to automated decision-making and profiling
– Restriction of processing of your personal information
– Your personal data portability
– Rectification of your personal information
– Erasure of your personal information

If you make a request relating to any of the rights listed above, we will consider each request in accordance with the General Data Protection Regulations. We will acknowledge the request with 72 hours and then a response will be provided within 30 days. Upon successful verification of your identity you are entitled to obtain the following information about how your personal information is processed.

– The purposes of the collection, processing, use and storage of your personal data
– The categories of personal data stored about you
– The use of any automated decision-making and/or profiling

You can make the above request by emailing us at: privacy@hexagon-it.co.uk, or writing to Hexagon Computers Ltd Hamilton House, The Marlowes, Hemel Hempstead HP11BB

Security

We use strict procedures and advanced security features to ensure processing is carried out in accordance with Article 5 (f) of the GDPR and to prevent unauthorised access. We will process, disclose or share your personal data only if required to do so by law.

ISO27001:2013

Once a year we are audited for compliance to ISO27001:2013 by an accredited third party certification body, providing independent validation that applicable security controls are in place and operating effectively. As part of this compliance verification process, the auditors validate in their statement of applicability that our in-scope services and commercial technical support services have incorporated ISO 27001 control. To remain compliant, we must be subject to annual third-party reviews.

ISO27018

We are adopting the ISO27018 code of practice for cloud privacy.

Third Party Links

You might find links to third parties (e.g. external organisations and suppliers) on our Website. These websites should have their own privacy policies, which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them. In cases when we use external websites provided by other organisations such as Twitter, Instagram, YouTube or Facebook, then we would ask you to consult their privacy policies.

Google Analytics

When someone visits our websites, we use Google Analytics to collect statistical data and details of visitor patterns which tell us which parts of our website visitors use most often. This is processed in a way that does not identify individuals. We do not make any attempts to find out the identities of individuals visiting our websites.

Customer Service

Based on the information you provide to us, we may contact you via telephone or email to provide information requested, services requested and to manage your account.

Newsletters and Promotions

You may opt-in to receive newsletters and promotions or these may be sent as part of the service we provide to you. These will be sent by email. We will use your name and email address to communicate with you. You can unsubscribe and stop receiving these emails at any time by clicking the unsubscribe link on each email.

Change of Control / Asset Transfer

As the Company develops, we may buy other businesses or their assets or sell all or parts of our business assets. Customer information is generally one of the business assets involved in such transactions. Thus, in the event that the assets of the Company in whole or in parts are acquired by a third-party, customer information, including any visitor information collected through the Site or the Service, would be one of the transferred assets. In the event of a corporate change in control or sale of all or parts of our business assets our users will be notified in accordance with the “Changes to this Policy” section of the policy if their personal information is provided to the new corporate entity or asset purchaser.

This Privacy notice was last updated: May 2018.