Privacy Policy – Urgiz Ltd

Updated October 2022

This privacy policy describes our principles and approach to privacy, and we shall regularly review both the policy and the practices and procedures which are intended to ensure it is effective.

Terminology

Urgiz Ltd “Urgiz” or “we” or “company”

Introduction

Urgiz is a skilled, qualified and experienced provider of secure IT services to SMEs and organisations in the UK, Europe and around the world. At Urgiz, we consider that the privacy of all data we hold is fundamental to the continued success of the company.

Urgiz values its relationships with its clients, contacts and prospective clients and recognises that a failure to protect any of the data it holds would undermine those relationships, and we would fail to honour our obligations. Accordingly, Urgiz commits to implement this policy effectively and consistently.

 

Personal Information

Urgiz offers services to other businesses and these services are not targeted primarily toward individuals. As such, we do not intend to hold personal data for individuals other than our staff and stakeholders, and the contact details of our clients. An exception to this position shall be a marketing database for the promotion of our services.

In certain instances, Urgiz may hold personal data included amongst other business data which is stored on behalf of a client. In such a case, Urgiz may have no knowledge of this data and we do not index or search through client data in its unencrypted form. Such data shall be isolated and protected and not processed in any way and, finally, it shall be deleted at the cessation of provided service.

Contractual Requirements

Where Urgiz provides services to any client organisation or individual, we shall have a contractual requirement to hold relevant information about those services. Besides holding the official contact details of individuals acting for the client, the nature of the services being provided may include consequential processing of personal information. Urgiz shall store and process data for as long as we provide the client with services, followed by an appropriate retention period following the cessation of any services.

 

Marketing Communications

Urgiz may maintain a marketing database of professional individuals who have consented to our periodic correspondence. This database may include the name, telephone numbers, email address, professional relevance to us, and a record of the correspondence we have had with each person.

These individuals may ask to inspect their personal contact details, correct them or unsubscribe from our communications at any time. The email address of individuals wanting to unsubscribe may be retained so that we know that they should never be contacted again.

Children’s Data

Urgiz shall not intentionally store the personal information of children under the age of 13. Wherever the personal data of a child may be discovered, its discovery shall be acknowledged and all instances shall be deleted.

 

Website Data Collection

Urgiz follows common practices by analysing website visits, using cookies, and storing data about each session and the device used. This data is anonymous and not correlated with any personal information. The purpose of gathering this information is to improve the content and design of our website, and not to profile individuals or capture any personal information.

Where we may provide services on our website which require a login and personal identification information, the individual shall be advised that they are giving consent to our creating an individual account for them. The individual shall have the right to close their account with us and request all their data is deleted after a period of appropriate retention.

Information Security Measures

Urgiz operates an Information Security Programme to protect all the data it holds, including personal information. This means that there are technical controls in place to protect all computers and devices used to store, process and access confidential information, with additional access controls, staff training and regular reviews of these measures.

Encryption

Urgiz shall always encrypt the personal data it holds, both in transit and when at rest. Generally, wherever possible and appropriate, encryption techniques shall be deployed to avoid unnecessary risk; as a baseline, it shall be ensured that data is always encrypted across public networks and when stored on devices in the public realm.

Third Party Due Diligence

Urgiz uses technical services from external providers, including services on the internet, to make its operations more effective, for example – operating resilient systems on the Microsoft Azure cloud platform, or processing payments through an online payment provider such as PayPal. In such cases, we will conduct due diligence on the service provider to make sure their data protection measures are sufficient to protect the personal information they will hold on behalf of Urgiz.

 

Before using a service provider for data processing, Urgiz shall conduct a risk assessment of the vendor. A contract between Urgiz and each data processor shall provide the assurance that personal data is protected appropriately, and individual rights are respected.

Rights of the Individual

Individuals have a right to see any personal information that Urgiz may hold about them, and to ask that it is corrected if inaccurate, and even to ask that their personal information is deleted. Any person wishing to exercise these rights should make a formal written ‘subject access request’ to the address at the end of this policy.

In some circumstances, Urgiz may be obliged to keep records even after an individual has requested that it is deleted. However, this would be unusual and we would delete any such information as soon as our obligation has expired.

We cannot respond to requests for personal information made by email, because we cannot ensure the privacy of the communication, so requests of this type must be made by post.

No Sharing

Urgiz shall not share, disclose or move personal information to any other person or organisation.

If we find a good reason to work together with any other organisation in the future, we will let you know our plans and ask for your approval before sharing your information.

Where disclosure of personal data is required by a court of law, or other similar authority, we shall honour the law of the land.

Policy Change

Urgiz may change this Privacy Policy from time to time. This may be to improve clarity, communication, or to reflect changes we have made to our privacy practices.

The privacy policy is available on our website at https://urgiz.com/privacy-policy/

Questions

If you have any questions or feedback about this policy or your privacy, contact us by email privacy@urgiz.com or in writing at the following address:

Urgiz Ltd
Twining House
43-57 London Road
Twickenham
TW1 3SZ