Privacy Policy

Last updated 11th February 2019

Introduction 

This privacy policy explains how Bristow Associates processes Personal Data when you purchase products or services from us, visit our website (at https://www.bristow-associates.co.uk ), communicate with us via email or telephone, or otherwise interact with us.

For the purpose of this privacy policy, Personal Data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (the “Personal Data”).

This privacy policy applies to Bristow Associates’ customers, employees, suppliers, partners, website visitors, and any Bristow Associates’ affiliates that control and make use of visitor information collected via this website. Unless specifically stated otherwise, we consider this website to be UK based.

This privacy policy is in keeping with, but not limited to, the EU General Data Protection Regulation (the “GDPR” 2016/679, effective 25th May 2018).

We encourage you to review our privacy policy from time to time to make sure you understand how we process your Personal Data and the choices you have with respect to such processing.

Data Controller 

Depending upon whether you are a customer of telecoms, information security or other technology consulting or management consultancy services; or whether you are a customer of property services (including being a residential tenant of ours); the data controller of the Personal Data we process about you will be Bristow Associates (UK) Limited, or Bristow Associates Property Limited (collectively referred to by this privacy policy as “Bristow Associates”, “we”, “us” or “our”).

Being the data controller means that Bristow Associates determines the processes to be used with your Personal Data.

Questions, Concerns & Our Contact Details

If you have any questions or concerns about this privacy policy, or if you would like to exercise any of your individual rights under the GDPR (see below, “Your individual rights”); then you may contact us:

1. by e-mail privacy@bristow-associates.co.uk; and/or
2. by telephone +44 (0) 1256 817 210 ; and/or
3. by writing to us at:

Bristow Associates (*)

Sherfield House

Mulfords Hill

Tadley

Hampshire

RG26 3JE

(*) Important: Any correspondence sent to the registered office MUST be addressed to the relevant data controller company name (see above, "Data Controller").

Our commitment to privacy

Privacy is important and Bristow Associates is committed to your right to privacy.

We comply with all applicable laws and regulations with respect to the protection of Personal Data and data security. We do not sell or rent your Personal Data to third parties.

Your ability to make informed choices about how we process your Personal Data is important to us. This privacy policy describes how you can make choices about how we use or otherwise process your Personal Data.

Types of data we collect and process 

We will only collect Personal Data that is necessary, proper and relevant for us to do business with you, or with the entity that you represent, including: your name, address, email address, telephone numbers, employment details, and other general contact details.

We also collect electronic data when you visit our website, including the IP address of the requesting computer, mobile device ID, type of browser, date and time of access, and activity on our website.

We collect no other Personal Data or information about you when you visit our website unless you choose to provide that Personal Data or information to us.

How we collect and process your data

We use I.T. systems including websites, e-mail and customer relationship management systems, for the provision of services to our customers (and potential customers), for which we process Personal Data.

We collect data about you in a variety of ways and this will usually start when we start a business transaction with you, whereby we will collect data from you directly.

When you visit our website the browser you use on your device automatically sends electronic information to the server of our website. We automatically collect electronic data without your intervention when you access, visit and use our website, by using cookies, pixels and local storage. For more details, see our Cookie Policy.

We may also receive Personal Data about our customers (including you) through indirect channels, from third parties that support us with specific processes, or that provide us with specific external services (the “Our Service Providers”) e.g. web hosting, information technology and communications, utilities, payment processing, product fulfilment, delivery services, professional services, recovery of unpaid bills, referencing agencies, direct mail and email distribution, marketing, records correction, and the provision of data analytics, insurance, audit, accountancy, legal and advisory services. Where this is necessary, we will inform you and seek your consent to proceed, unless applicable legislation means that such consent is not required. We combine this data with the other Personal Data we collect directly about you, to ensure that our records are accurate and up-to-date (the legal basis for this being your consent; and/or the performance of a contract between you and Bristow Associates; and/or our compliance with legal obligations under applicable law; and/or our legitimate interests in protecting and safeguarding our business, systems, infrastructure, premises, customers, employees and the public, but only under proportionate consideration that the interests, fundamental rights and freedoms of the data subject do not prevail over ours).

Why we collect and process your data

We will only collect and process your Personal Data where we are permitted by law, and for one or more of the following purposes:

• To provide you with information that you have requested (the legal basis for this being your consent);

• To provide you with information that we think may be relevant to a subject in which you, or with the entity that you represent, have demonstrated an interest (the legal basis for this being our legitimate interest in providing information about products and services that may be of interest to you, unless applicable law requires us to obtain your consent, in which case we will do so);

• To manage any communication between you and us; we may contact you directly or through Our Service Providers, including via e-mail, post, SMS/text messages and telephone calls; to initiate and complete business transactions with you, or the entity that you represent, for the purchase of products and/or services; and/or to fulfil a contract that we have entered into with you, or with the entity that you represent; including the processing required for pre-contractual actions (the legal basis for this being your consent and/or the performance of a contract between you and Bristow Associates);

• To comply with our legal obligations, including health, safety and consumer protection, taxation requirements, those related to the prevention of fraud and money laundering, and those required for you to benefit from rights recognised by law (the legal basis for this being our compliance with legal obligations under applicable law);

• For internal management purposes, including planning, resource allocation, policy development, quality improvement, monitoring, audit, evaluation and reporting, including analysing use of our website (the legal basis for this being our legitimate interest in understanding user needs and expectations, improving our selection of products and services for our customers, and exploring ways to develop and enhance our business, but only under proportionate consideration that the interests, fundamental rights and freedoms of the data subject do not prevail over ours); and

• To ensure the security and safe operation of our websites, I.T. systems and underlying business infrastructure; and to detect, investigate and prevent fraud and other illegal activities and protect against harm to the rights, property or safety of Bristow Associates and our customers, employees or the public (the legal basis for this being our legitimate interest in preventing fraud, and protecting and securing our systems, infrastructure, premises, customers, employees and the public, but only under proportionate consideration that the interests, fundamental rights and freedoms of the data subject do not prevail over ours).

Protection of your data

Personal data is kept in secure files or within our I.T. systems.

We will only use your Personal Data in the way that we have told you about, and we will ensure that;

• Your Personal Data is protected against accidental loss or disclosure, destruction and abuse while it is under our control (we have physical, administrative and technical security measures in place to ensure this);

• Your Personal Data is processed fairly, and that it will not be used for anything that you are not aware of or have consented to (as appropriate); 

• Your Personal Data is correct and up-to-date (as far as we can reasonably determine); and

• We will only keep your Personal Data for as long as we need it to do business with you, or the entity that you represent, and in accordance with any contractual requirements or legal obligations.

Our employees are committed by us to confidentiality and secrecy.

How long we keep your data

We will retain your Personal Data only for as long as necessary to achieve the purposes for which such data was collected, unless a longer retention period is required under applicable law.

For example, we need to keep records about our business transactions and contractual obligations. This is necessary for us to honour any guarantee or warranty obligations with our customers. If you want to raise a query or claim about a previous business transaction with us, then we need to be able to confirm what product or service was supplied to you, and when. Alternatively, you may want to ask us to provide details about our previous business transactions or contractual relationships, for the purposes of, such as but not limited to, audit, compliance or customer referencing activities.

We generally keep records about our customers, contracts and business transactions for a minimum of seven (7) years. In addition, when you consent to receive marketing communications from us, we will retain your email address and information about your marketing preferences, unless you opt out of receiving such communications (see below, “Your individual rights”).

Sharing your data

We do not sell or rent your Personal Data to third parties.

We do not share Personal Data about you with third parties, except as described in this privacy policy, and as follows:

• Our Service Providers: We share Personal Data with Our Service Providers that support us with specific processes, or that provide us with specific external services (e.g. web hosting, information technology and communications, utilities, payment processing, product fulfilment, delivery services, professional services, recovery of unpaid bills, referencing agencies, direct mail and email distribution, marketing, records correction, and the provision of data analytics, insurance, audit, accountancy, legal and advisory services). Please note that because some of Our Service Providers are located outside the UK, certain disclosures imply a cross-border transfer of your Personal Data as described by this privacy policy (see below, "Cross-border transfer of your Personal Data outside of the EEA").

• Third Party Service Providers: You may purchase products and services offered by us through third parties, such as agencies, integrators and other business and consumer services (the "Third Party Service"). If you purchase, apply for or request Third Party Services, information you provide will be shared with the third party offering the Third Party Service. In turn, information you provide to these third parties may be shared with us along with information about your use of the particular Third Party Service. We are not responsible for any information you provide directly to these third parties, and we encourage you to become familiar with their privacy policies and security practices before disclosing information to them.

• Legal Compliance: We also disclose Personal Data without your knowledge or consent when we are legally obliged, authorised or required to do so to comply with applicable law or legal process (including requests from authorities and courts), to respond to claims (including inquiries by you in connection with your business transactions with Bristow Associates, and our contractual relationships), and/or to safeguard and protect the rights and legitimate interests, property or personal safety of Bristow Associates, its customers, employees or other members of the public.

Disclosure of data

Personal data may be visible to Bristow Associates’ affiliates, companies and employees, to learn more about a business opportunity or customer in which they have a legitimate interest; whereby such Personal Data may be used for the purposes described in this privacy policy (see above, “Why we collect and process your data”). Unless specifically stated otherwise, we consider Bristow Associates’ affiliates, companies and employees to be based in the UK and EEA.

Cross-border transfer of your Personal Data outside of the EEA

In some cases, your Personal Data will be transferred to countries outside of the UK and European Economic Area (“EEA”). These transfers only take place if we have obtained your prior consent, or in compliance with applicable legislation when such consent is not required.

We share and transfer Personal Data to Our Service Providers, some of which are located outside of the UK and EEA; which implies a cross-border transfer of your Personal Data. This is done for the purposes of us being supported with specific processes, and/or for us being provided with specific external services, by Our Service Providers.

For example, Microsoft process Personal Data for us in various data centre locations, including those listed at https://azure.microsoft.com/en-us/global-infrastructure/regions/ .

Your individual rights

Subject to certain limitations and exceptions, the GDPR provides you with a number of legal, individual rights in relation to the processing of your Personal Data, including:

1. The right to be informed
2. The right of access
3. The right to rectification
4. The right to erasure
5. The right to restrict processing
6. The right to data portability
7. The right to object
8. Rights in relation to automated decision making and profiling

An explanation of these individual rights under the GDPR is available from the UK Information Commissioner’s Office, at: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

For example, when your Personal Data is processed for direct marketing purposes, you have the right to object to the processing.

To exercise any of these individual rights, or to complain about how we use your Personal Data, please email us at privacy@bristow-associates.co.uk. Alternatively, you can write to us or telephone us, using the contact details described in this privacy policy (see above, “Questions, Concerns & Our Contact Details”).

In addition, you have the right to lodge a complaint with the local data protection authority in your jurisdiction; or to lodge a complaint with our lead supervisory authority, the UK Information Commissioner’s Office. Their website (https://ico.org.uk) has details about how to contact the ICO; at: https://ico.org.uk/global/contact-us/.

Use of our website by children

We encourage parents to take an active interest in their children's use of the Internet. We do not intend to collect data from children or, in general, from individuals who are under 18 years of age. If you are under 18, you must not provide Personal Data through our website.

Changes to this privacy policy

We reserve the right to change this privacy policy from time to time. If we make changes, we will notify you by revising the date at the top of this policy; and if we make material changes, we will provide you with additional notice. We encourage you to review this Privacy Policy frequently to make sure you understand how your Personal Data will be processed and the choices available to you.