Privacy Policy

Thank you for choosing to be part of our community at MXFD IT Support & Infrastructure (‘we’, ‘our’, or ‘us’). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us at support@mxfd.co.uk or via the helpdesk: https://mxfd.raiseaticket.com/support/#/newticket.

Introduction

This notice describes how we collect, store, transfer, and use personal data. It informs you about your privacy rights and how the law protects you.

In the context of the law and this notice, ‘personal data’ is information that clearly identifies you as an individual or which could be used to identify you if combined with other information. Acting in any way on personal data is referred to as ‘processing’.

This notice applies to personal data collected through our website and through social media platforms and online retail platforms, including [names of websites, e.g., Facebook, Instagram, Twitter, Etsy, eBay, and Amazon].

Except as set out below, we do not share, sell, or disclose to a third party any information collected through our website.

Data Protection Officer

We have appointed a Data Protection Officer (‘DPO’) who is responsible for ensuring that our privacy policy is followed. If you have any questions about how we process your personal data, including any requests to exercise your legal rights, please contact our DPO, Robert Maxfield, at Rob@mxfd.co.uk.

Personal data we process

1. How We Obtain Personal Data

The information we process about you includes information:

• You have directly provided to us
• That we gather from third-party databases and service providers
• As a result of monitoring how you use our website or our services

2. Types of Personal Data We Collect Directly

When you use our website, our services, or buy from us, we ask you to provide personal data. This can be categorized into the following groups:

• Personal identifiers: such as your first and last names, your title, and your date of birth
• Contact information: such as your email address, your telephone number, and your postal addresses for billing, delivery, and communication
• Account information: including your username and password
• Records of communication: including messages sent through our website, email messages, and telephone conversations
• Marketing preferences: that tell us what types of marketing you would like to receive

In addition, we may also process:

• An image that shows your face, such as a passport photograph
• Documentation that confirms the qualifications you advertise as holding
• Documentation that confirms your employment, such as recent payslips
• Documentation that confirms your address, such as a tenancy agreement or rental contract

3. Types of Personal Data We Collect from Third Parties

We confirm some of the information you provide to us directly using data from other sources. We also add to the information we hold about you, sometimes to remove the need for you to provide it to us and sometimes to assess the quality of the services you offer.

The additional information we collect can be categorized as follows:

• Information that confirms your identity
• Business information, including your business trading name and address, your company number (if incorporated), and your VAT number (if registered)
• Information that confirms your contact information
• Reviews and feedback about your business on other websites through which you sell your services
• Unsolicited complaints by other users

4. Types of Personal Data We Collect from Your Use of Our Services

By using our website and our services, we process:

• Your username and password and other information used to access our website and our services
• Information you contribute to our community, including reviews
• Your replies to polls and surveys
• Technical information about the hardware and software you use to access our website and use our services, including your Internet Protocol (IP) address, your browser type and version, and your device’s operating system
• Usage information, including the frequency you use our services, the pages of our website that you visit, whether you receive messages from us, and whether you reply to those messages
• Transaction information that includes the details of the products and services you have bought from us and payments made to us for those services
• Your preferences to receive marketing from us; how you wish to communicate with us; and responses and actions in relation to your use of our services

5. Our Use of Aggregated Information

We may aggregate anonymous information such as statistical or demographic data for any purpose. Anonymous information is that which does not identify you as an individual. Aggregated information may be derived from your personal data but is not considered as such in law because it does not reveal your identity.

For example, we may aggregate usage information to assess whether a feature of our website is useful.

However, if we combine or connect aggregated information with your personal data so that it can identify you in any way, we treat the combined information as personal data, and it will be used in accordance with this privacy notice.

6. Special Personal Data

Special personal data includes information about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health, and genetic and biometric data. It also includes information about criminal convictions and offences.

We do not collect any special personal data about you.

OR

We may collect special personal data about you if there is a lawful basis on which to do so.

7. If You Do Not Provide Personal Data We Need

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform that contract/service.

In that case, we may have to stop providing a service to you. If so, we will notify you of this at the time.

8. Information We Process Because We Have a Contractual Obligation with You

When you create an account on our website, buy a product or service from us, or otherwise agree to our terms and conditions, a contract is formed between you and us.

In order to carry out our obligations under that contract, we must process the information you give us. Some of this information may be personal data.

We may use it in order to:

• Verify your identity for security purposes when you use our services
• Sell products to you
• Provide you with our services
• Provide you with suggestions and advice on products, services, and how to obtain the most from using our website

We process this information on the basis that there is a contract between us, or that you have requested we use the information before we enter into a legal contract.

We shall continue to process this information until the contract between us ends or is terminated by either party under the terms of the contract.

9. Information We Process with Your Consent

Through certain actions when there is no contractual relationship between us, such as when you browse our website or ask us to provide you more information about our business, including job opportunities, products, and services, you provide your consent to us to process information that may be personal data.

Wherever possible, we aim to obtain your explicit consent to process this information. For example, we ask you to agree to our use of non-essential cookies when you access our website.

If you have given us explicit permission, we may from time to time pass your name and contact information to selected associates whom we consider may provide services or products you would find useful.

We continue to process your information on this basis until you withdraw your consent, or it can be reasonably assumed that your consent no longer exists.

You may withdraw your consent at any time by instructing us at Support@mxfd.co.uk. However, if you do so, you may not be able to use our website or our services further.

We aim to obtain and keep your consent to process your information. However, while we take your consent into account in decisions about whether or not to process your personal data, the withdrawal of your consent does not necessarily prevent us from continuing to process it. The law may allow us to continue to process your personal data, provided that there is another basis on which we may do so. For example, we may have a legal obligation to do so.

10. Information We Process for the Purposes of Legitimate Interests

We may process information on the basis that there is a legitimate interest, either to you or to us, in doing so.

Where we process your information on this basis, we do so after having given careful consideration to:

• Whether the same objective could be achieved through other means
• Whether processing (or not processing) might cause you harm
• Whether you would expect us to process your data, and whether you would, in the round, consider it reasonable to do so

For example, we may process your data on this basis for the purposes of:

• Improving our services
• Record-keeping for the proper and necessary administration of our organisation or business
• Responding to unsolicited communication from you to which we believe you would expect a response
• Preventing fraudulent use of our services
• Exercising our legal rights, including to detect and prevent fraud and to protect our intellectual property
• Insuring against or obtaining professional advice that is required to manage organisational or business risk
• Protecting your interests where we believe we have a duty to do so

11. Information We Process Because We Have a Legal Obligation

Sometimes, we must process your information in order to comply with a statutory obligation.

For example, we may be required to give information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order.

This may include your personal data.

12. Information We Process to Protect Vital Interests

In circumstances where it is essential to process personal information to protect someone’s life, and consent cannot be obtained, we may rely on the basis of vital interests. This applies when other lawful bases are not suitable.

For instance, if we have a safeguarding concern about a vulnerable individual, we may notify relevant organizations.

How and When We Process Your Personal Data

13. Your Personal Data is Not Shared

We do not share or disclose any information collected through our website to third parties.

14. Information You Provide

Our website allows you to post information with the intention of it being read, copied, downloaded, or used by others.

For example, when you leave a review or post a message, we reasonably assume you consent for it to be seen by others. We may include your username with your message, which may contain personal data.

Other examples include:

• Tagging an image
• Clicking on an icon next to another visitor’s message to convey your agreement, disagreement, or thanks

When posting personal data, it is your responsibility to consider the privacy level of every person who might use it.

We do not specifically use this information except to allow it to be displayed or shared. However, we do store it and reserve the right to use it in the future in any way we decide.

We provide you with a public profile page, the information on which may be indexed by search engines or used by third parties. The information you provide on that profile page may be made available to the public.

Once your information enters the public domain, we have no control over what any third party may do with it. We accept no responsibility for their actions at any time.

If your request is reasonable and there is no legal basis for us to retain it, we may agree to delete personal data you have posted at our discretion. You can make a request by contacting us at Support@mxfd.co.uk.

15. Payment Information

N/A

16. Direct Debit Information

N/A

17. Job Application and Employment

N/A

18. Information Obtained from Third Parties

While we do not disclose your personal data to any third party (except as outlined in this notice), we sometimes receive data indirectly derived from your personal data from third parties whose services we use. This information is not personally identifiable to you.

19. Third-Party Advertising on Our Website

N/A

20. Credit Reference

To help combat fraud, we share information with credit reference agencies. This applies to clients or customers who instruct their credit card issuer to cancel a payment to us without first providing an acceptable reason and giving us the opportunity to refund their money.

21. Disputes Between Users

In the event of a dispute between you and another user, and with your consent, we may share your basic personal data, business information, and contact details with the other user. At our discretion, we may also share additional information to facilitate resolution through litigation or alternative dispute resolution methods.

22. Service Providers and Business Partners

We may share your personal data with businesses that provide services to us or with our business partners. For example:

• We may pass your payment information to our payment service provider to process payments.
• We may use fraud prevention and credit reference agencies to verify your identity and may share your information with these agencies if we strongly suspect fraud on our website.
• We may share your contact information with advertising agencies to promote our services to you.

23. Referral Partners

This information is provided by you in your capacity as an affiliate or referral partner. It allows us to recognize visitors you have referred to us and credit you with any commission due for such referrals. It also includes information necessary to transfer commission to you. This information is not used for any other purpose.

We are committed to preserving the confidentiality of this information and the terms of our relationship. We expect any affiliate or partner to reciprocate this policy.

24. Cookies

Cookies are small text files placed on your computer’s hard drive by your web browser when you visit a website. They store information gathered on one web page for use at a later time.

Cookies are commonly used to provide a personalized browsing experience, such as remembering your preferences. They also offer core functionalities like security, network management, and accessibility. Additionally, cookies record how you interact with the website, helping the owner improve the experience for other visitors, and serve advertisements relevant to your browsing history.

Some cookies last for a specific period, such as a single session, one day, or until you close your browser. Others remain until you delete them

Your web browser should allow you to delete any cookie you choose and to prevent or limit their use. It may also support plug-ins or add-ons to help you manage which cookies you wish to allow.

The law requires explicit consent for the use of any cookies that are not strictly necessary for the operation of a website.

When you first visit our website, we ask whether you wish to use cookies. If you choose not to accept them, we will not use them during your visit, except to record that you have not consented to their use for any other purpose.

If you choose not to use cookies or prevent their use through your browser settings, you may not be able to use all the functionality of our website.

We use cookies in the following ways:

• To track how you use our website
• To record whether you have seen specific messages displayed on our website
• To keep you signed in to our website
• To record your answers to surveys and questionnaires while you complete them
• To record the conversation thread during a live chat with our support team

25. Personal Identifiers from Your Browsing Activity

Requests made by your web browser to our servers for web pages and other content on our website are recorded. We collect information such as your geographical location, Internet service provider, and IP address. Additionally, we record details about the software you use to browse our website, including the type of computer or device and screen resolution.

We use this information in aggregate to assess the popularity of our web pages and to improve our content delivery. If combined with other information we know about you from previous visits, this data could potentially be used to identify you personally, even if you are not signed in to our website.

26. Re-marketing

Re-marketing involves placing tracking technologies such as cookies or web beacons (also known as action tags or single-pixel GIFs) to track the pages you visit and serve you relevant advertisements for our services when you visit other websites.

The benefit of re-marketing technology is that we can provide you with more useful and relevant adverts, avoiding repetition of ads you may have already seen.

We may use third-party advertising services to provide re-marketing services. If you have consented to our use of such tracking technologies, you may see advertisements for our products and services on other websites.

We do not provide your personal data to advertisers or third-party re-marketing service providers. However, if you are a member of a website affiliated with such services, that affiliated business may learn of your preferences in relation to your use of our website.

27. Your Rights

The law requires us to inform you about your rights and our obligations regarding the processing and control of your personal data. For detailed information, please visit Know Your Privacy Rights.

28. Use of Our Services by Children

We do not sell products or provide services for purchase by children, nor do we market to children.

Certain areas of our website are designed for use by children over [15] years of age. These areas include [description or name of areas designed for children].

If you are under 18, you may use our website only with consent from a parent or guardian.

We collect data about all users and visitors to these areas regardless of age, and we anticipate that some of those users and visitors will be children.

29. Encryption of Data Sent Between Us

We use Secure Sockets Layer (SSL) certificates to verify our identity to your browser and to encrypt any data you provide.

Whenever information is transferred between us, you can check that it is done using SSL by looking for a closed padlock symbol or other trust mark in your browser’s URL bar or toolbar.

30. Delivery of Services Using Third-Party Communication Software

With your consent, we may communicate using software provided by third parties such as Facebook (WhatsApp, Instagram), Apple (FaceTime), Microsoft (Skype), Zoom Video Communications (Zoom), or AnyDesk Software GmbH (AnyDesk).

These communication methods should secure your personal data using encryption and other technologies. The providers of such software are expected to comply with all applicable privacy laws, rules, and regulations, including the GDPR.

If you have any concerns about using a particular software for communication, please let us know.

31. Data May Be Processed Outside the UK

Our websites are hosted in the UK.

We may also use outsourced services in countries outside the UK from time to time for various aspects of our business. Consequently, data obtained within the UK or any other country could be processed outside the UK.

We use the following safeguards for data transferred outside the UK:

• The processor is within the same corporate group as our business or organization and abides by the same binding corporate rules regarding data processing.
• The data protection clauses in our contracts with data processors include transfer clauses written by or approved by a supervisory authority.
• We comply with a code of conduct approved by a supervisory authority.
• We are certified under an approved certification mechanism as provided for in the Act.
• Both our organization and the processor are public authorities with either a legally binding agreement or administrative arrangements approved by a supervisory authority relating to the protection of your information.

32. Control Over Your Own Information

It is important that the personal data we hold about you is accurate and up to date. Please inform us if your personal data changes.

You may contact us at any time to request the personal data we hold about you.

You can review or update personally identifiable information we hold about you by signing into your account on our website.

To obtain a copy of any information not provided on our website, please contact us to make that request.

When we receive a request to access, edit, or delete personal data, we first take reasonable steps to verify your identity before granting access or taking any action. This is important to safeguard your information.

Please be aware that we are not legally obliged to provide you with all personal data we hold about you. If we do provide information, the law allows us to charge a fee if doing so incurs costs for us. After receiving your request, we will inform you when we expect to provide the information and whether a fee is required.

If you wish us to remove personally identifiable information from our website, please contact us to make your request. This may limit the service we can provide to you.

We remind you that we are not legally obliged to delete your personal data or stop processing it simply because you do not consent. While your consent is an important consideration, if there is another legitimate basis for processing your data, we may do so on that basis.

33. Communicating with Us

When you contact us by telephone, through our website, or by email, we collect the data you provide to respond with the information you need.

We record your request and our reply to improve the efficiency of our [business/organization].

We do not retain any personally identifiable information associated with your message, such as your name or email address.

OR

We may retain personally identifiable information associated with your message, such as your name and email address, to track our communications with you and provide a high-quality service.

34. Complaining

If you are unhappy with our privacy policy or have any complaints, please let us know.

Email: Support@mxfd.co.uk

When we receive a complaint, we record the information you provide based on your consent. We use this information to resolve your complaint.

We aim to investigate all complaints related to user-generated content. However, we may not be able to do so immediately. If we believe it is justified or legally required, we may remove the content while we investigate.

Making a complaint may not result in the removal of the content. Ultimately, we must balance your rights against those of the person who posted the content.

If we consider your complaint to be vexatious or without basis, we will not correspond further on the matter.

If your complaint reasonably requires us to notify another person, we may share some of the information contained in your complaint with them. This is done infrequently and at our sole discretion.

We may compile statistics from complaints to assess our service level, but not in a way that identifies you or any other person.

If a dispute is not resolved, we hope you will agree to engage in good faith with us in mediation or arbitration.

If you are dissatisfied with how we process your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ICO Complaint. However, we would appreciate the opportunity to address your concerns before you approach the ICO.

35. Retention Period

Except as otherwise mentioned in this privacy notice, we retain your personal data only for as long as necessary:

• To provide you with the services you have requested
• To comply with legal obligations, including the period required by tax authorities
• To support a claim or defense in court

36. Compliance with the Law

Our privacy policy complies with the laws of the United Kingdom, specifically the Data Protection Act 2018 (the ‘Act’), incorporating the EU General Data Protection Regulation (‘GDPR’) and the Privacy and Electronic Communications Regulations (‘PECR’).

37. Review of This Privacy Policy

We will update this privacy notice as necessary.

Back to top

Anti-Slavery Policy

1. Policy statement

 

1.1. Modern slavery is a crime and a violation of fundamental human rights. It takes various forms, such as slavery, servitude, forced and compulsory labour and human trafficking, all of which have in common the deprivation of a person's liberty by another in order to exploit them for personal or commercial gain. We have a zero-tolerance approach to modern slavery, and we are committed to acting ethically and with integrity in all our business dealings and relationships and to implementing and enforcing effective systems and controls to ensure modern slavery is not taking place anywhere in our own business or in any of our supply chains.

 

1.2. We are also committed to ensuring there is transparency in our own business and in our approach to tackling modern slavery throughout our supply chains, consistent with our disclosure obligations under the Modern Slavery Act. We expect the same high standards from all of our contractors, suppliers and other business partners, and as part of our contracting processes, we include specific prohibitions against the use of forced, compulsory or trafficked labour, or anyone held in slavery or servitude, whether adults or children, and we expect that our suppliers will hold their own suppliers to the same high standards.

 

1.3. This policy applies to all persons working for us or on our behalf in any capacity, including employees at all levels, directors, and workers. third-party representatives and business partners.

 

1.4. This policy does not form part of any employee's contract of employment, and we may amend it at any time. 

 

 

2. Responsibility for the policy

2.1. The business owner has overall responsibility for ensuring this policy complies with our legal and ethical obligations, and that all those under our control comply with it.

 

2.2. Our Service Delivery Managers have primary and day-to-day responsibility for implementing this policy, monitoring its use and effectiveness, dealing with any queries about it, and auditing internal control systems and procedures to ensure they are effective in countering modern slavery. 

 

2.3. Management at all levels are responsible for ensuring those reporting to them understand and comply with this policy and are given adequate and regular training on it and the issue of modern slavery in supply chains.

 

2.4. Employees are invited to comment on this policy and suggest ways in which it might be improved. Comments, suggestions and queries are encouraged and should be addressed to the compliance manager.

 

 

3. Compliance with the policy

3.1. All employees must read, understand and comply with this policy.

 

3.2. The prevention, detection and reporting of modern slavery in any part of the business or supply chains is the responsibility of all those working for MXFD IT SUPPORT & INFRASTRUCTURE or under its control. Employees are required to avoid any activity that might lead to, or suggest, a breach of this policy.

 

3.3. Employees must notify their manager as soon as possible if they believe or suspect that a conflict with this policy has occurred or may occur in the future. 

 

3.4. Employees are encouraged to raise concerns about any issue or suspicion of modern slavery in any parts of our business or supply chains of any supplier tier at the earliest possible stage. 

 

3.5. Employees should note that where appropriate, and with the welfare and safety of local workers as a priority, MXFD IT SUPPORT & INFRASTRUCTURE will give support and guidance to our suppliers to help them address coercive, abusive and exploitative work practices in their own business and supply chains.

 

3.6. If an employee is unsure about whether a particular act, the treatment of workers more generally, or their working conditions within any tier of our supply chains constitutes any of the various forms of modern slavery, raise it with your manager. 

 

3.7. MXFD IT Support & Infrastructure aims to encourage openness and will support anyone who raises genuine concerns in good faith under this policy, even if they turn out to be mistaken. We are committed to ensuring no one suffers any detrimental treatment as a result of reporting in good faith their suspicion that modern slavery of whatever form is or may be taking place in any part of our own business or in any of our supply chains. Detrimental treatment includes dismissal, disciplinary action, threats, or other unfavourable treatment connected with raising a concern. If an employee believes that they have suffered any such treatment, they should report this immediately. 

 

 

4. Communication and awareness of this policy

4.1. Training on this policy, and on the risk our business faces from modern slavery in its supply chains, is available and will form part of the induction process for all individuals.

 

4.2. We have a zero-tolerance approach to modern slavery must be communicated to all suppliers, contractors and business partners at the outset of the business relationship with them and reinforced as appropriate thereafter.

 

5. Breaches of this policy

 

5.1. Any employee who breaches this policy will face disciplinary action, which could result in dismissal for misconduct or gross misconduct.

 

5.2. We may terminate our relationship with other individuals and organisations working on our behalf if they breach this policy.

Last updated – 24/09/24

Back to top