Who we are: Epos Direct are a leading provider of Retail and Hospitality solutions. We act as the data controller for our customers, employees and partners.
For the purposes of the Data Protection Act 2018 and the General Data Protection Regulations and any other applicable data protection and privacy laws and regulations ("Data Protection Legislation"), Epos Direct is the data controller for all Personal Information we determine the means and purpose of processing.
Our registration with the ICO and all of our data protection practices are aimed at ensuring we provide all of the protection required under Data Protection Legislation to Your Personal Information. This Privacy Notice is designed to inform you how we do that in a clear and concise fashion. If you have any questions about our data handling practices or require assistance in understanding this notice, please contact us via the details given in the "how you can contact us" section below.
What personal data do we collect from or about you: We may collect Personal Information about you in the following circumstances to enable us to provide you with the services we offer.
Using our Website
Whilst you can use the Website without giving out your personal data, once you contact us via the Website or upload user information, we collect information about you, which may include:
- Your name;
- Email address; and
- Telephone numbers (including mobile).
We may also collect technical information about you when you visit the Website. This information may include
- the Internet protocol (IP) address used to connect your computer to the Internet;
- your browser type and version;
- time zone setting; and
- operating system and platform, and browser plug-in types and versions
Information about your visit(s) to the Website may also be collected. The collected information is used to provide an overview of how people are accessing and using the Website. It is not used for any additional purpose, such as to profile those who access the Website.
When you have registered interest in our services
If you have provided your request for further information about our services to one of our trusted partners, we will (with your permission) receive sufficient personal information about you to allow us to contact you and reply to your enquiry, such as:
- Your name;
- email address;
- business or home address;
- telephone number; and
- Social Handles
You always have the right to opt-out of receiving marketing information from us at any time. If you have chosen to subscribe to our marketing information we will collect the minimum contact information required to provide you with our newsletter, offers and updates including:
- Your name;
- email address; and
- telephone number
When you purchase our products or services
We may need to collect and use your personal information to create an account for the business requesting our services. This will always be collected directly from you and may include:
- Your name;
- Postal address;
- Invoicing details/address;
- Information regarding the services you request;
- Supplementary information you provide us about yourself when contacting us;
- Email address; and
- Telephone numbers (including mobile).
Contacting our customer support
During your customer support we may collect the following information from you:
- Account Number;
- Your name;
- Work contact details (email address and telephone number);
- Professional information (business role and responsibilities); and
- Information regarding the services you request.
as well as any additional information you choose to volunteer to us. We will only retain the information required to provide you with the support you request.
Where a remote service is provided to resolve a service issue, we will record the session for internal use only. The recordings are used for quality and training purposes.
If you fail to provide us with Personal Information: You always reserve the right to withhold your personal information but this may affect how we provide our services
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
What do we do with the information we collect: We will only ever use your personal information when allowed to by law and always under a documented lawful basis for processing.
We may use your personal information:
- to assess your suitability for any particular service;
- to create an account for our services;
- to manage service cases as and when they arise;
- to process order requests for our services;
- to process repeat payments for services you have purchased;
- to give you information that you request from us and to improve our services;
- to notify you about changes to our services;
- to allow us to operate the Website efficiently;
- any relevant troubleshooting, testing or statistical analysis as appropriate; and
- to keep the Website secure.
We may, where we have obtained your express permission, also use the information collected to:
- provide you with information about our services that we offer via promotional emails;
- keep you up to date with features on the Website; and
- permit selected third parties to provide you with information about goods or services they feel may interest you (a list of such third parties are available on request).
You are not under any obligations to opt-in to any marketing communications and You can opt-out of any of these data uses at any time by emailing email@example.com. We will only keep your information for as long as reasonably required.
Lawful basis of Processing: we always ensure that a Lawful basis exists for all of the Personal Information we process on our websites.
We will only process your information for as long as we have a relevant lawful basis to do so. This is usually in order to provide you with the contractual services you have requested from us or if you have provided us with adequate consent to process your information for other purposes.
If we choose to process your information under the lawful basis of legitimate interests, we will always inform you of our legitimate business interest and your right to object.
If you choose to access your Personal Information under the rights afforded to you by Data Protection legislation, we will always inform you of the lawful basis under which we process your information.
How do we protect your personal data: We take our security obligations very seriously and constantly monitor for breaches and potential weaknesses.
When we collect information about you, we also make sure that your information is protected from unauthorised access, loss, manipulation, falsification, destruction or unauthorised disclosure. This is done through appropriate technical measures. We use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorise access to Personal Information only for those employees who require it to fulfil their job responsibilities.
However, you should be aware that providing information over the internet can never be guaranteed as being completely safe and if you choose to send such information to us via the internet, you do so at your own risk.
Transfer of data outside of the EU: If we are required to store or process your data outside of the European Economic Area
We shall not transfer any Personal Information to any country outside of the European Economic Area unless we ensure that such Personal Information is subject to an adequate level of protection and appropriate legal safeguards in accordance with Data Protection Legislation. If you wish to access your Personal Information, we will inform you of the transfers we make (if any) and the legal safeguards we have employed to ensure the ongoing security and protection of your data.
Sharing your information with others: If and when we share your data, we always do so under a written agreement governing how your data must be protected
- we may use carefully selected processors or sub-processors to help us collect, store or manage your information. This will always be managed under the terms of a written data processing agreement.
- analytics and search engine providers that assist us in the improvement and optimisation of the Website; and
- if we are acquired by a third party, in which case Personal Information held by us about its customers will be one of the transferred assets. We process your Personal Information for this purpose because we have a legitimate interest to ensure our business can be continued by the buyer. If you object to our use of your Personal Information in this way, the relevant seller or buyer of our business may not be able to provide services to you.
Access to your Personal Information: Our obligations under Data protection Law and your options to control your Personal Information
You have rights in relation to any Personal Information that we hold about you. If you wish to access your Personal Information you may make a formal subject access request by contacting us.
The information you request must relate to you or another person that you have authority to act on their behalf. We will require a confirmation of your ID prior to providing any information about the data we hold. If you are unable to provide sufficient information to prove your ID, We reserve the right to refuse your request for access to Personal Information.
The rights you have in relation to the Personal Information we hold regarding you are:
- the right to rectify any inaccuracies in the information we hold;
- the right to erasure of information in specific circumstances;
- the right to request transfer of your information to another controller; and
- the right to object to or restrict processing in specified circumstances.
If you have provided us with consent to process your information, you always reserve the right to withdraw this consent via the method detailed in the paragraph below. We are committed to ensuring that your wishes are respected and upon notification that you wish to withdraw your consent, we will immediately cease processing the information in question.
You can withdraw Your consent or access any information we hold on your behalf by contacting us at firstname.lastname@example.org We will always process your request within one month.
Please check this notice from time to time to ensure you are aware of any updates we may have made to our Personal Information handling practices. The date of the changes will be listed in the 'Last updated' section below. We will endeavour to notify all of our current clients of any updates to this notice via email and we will post the relevant announcement on our website homepage.
We recommend that you print a copy of this page for your reference.
How can you make a complaint?
In compliance with the Privacy Shield Principles, We are committed to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact (your organization name) at: email@example.com
- the requirement for your organization to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements
- your organization’s liability in cases of onward transfers to third parties
How can you contact us?
A4, Digital Park,
Last updated June 2020