Crescendo Website

Privacy & Data Protection Policy 2019

by Crescendo Systems Ltd

Crescendo Systems understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy and protection of everyone who is a client of Crescendo or who visits this website, https://www.crescendosystems.co.uk and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

Please read this Privacy and Data Protection Policy carefully and ensure that you understand it.

1. Information About Crescendo Systems

Crescendo Systems, a Limited Company registered in England under company number 4944050.

Registered & Trading address: Unit 1, Fiveways Business Centre, Aspen Way, Feltham, TW13 7AQ.

VAT number: GB 825 7570 10.

Data Protection Officer: Office Manager.

Email address: admin@crescendosystems.co.uk.

Telephone number: 01932 789433.

Postal address: Unit 1, Fiveways Business Centre, Aspen Way, Feltham, TW13 7AQ.

We are regulated by the Information Commissioners Office.

2. What Does This Policy Cover?

This Privacy & Data Protection Policy applies Crescendo’s collection and use of client and webusers personal data. Our site may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

3. What Is Personal Data?

Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.

Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

4. What Are Your Rights?

Under the Data Protection Legislation, you have the following rights, which we will always work to uphold:

  • The right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details in Part 11.
  • The right to access the personal data we hold about you. Part 11 will tell you how to do this.
  • The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Part 11 to find out more.
  • The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold. Please contact us using the details in Part 11 to find out more.
  • The right to restrict (i.e. prevent) the processing of your personal data.
  • The right to object to us using your personal data for a particular purpose or purposes.
  • The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
  • The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
  • Rights relating to automated decision-making and profiling .We do not use your personal data in this way.

For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 11.

It is important that your personal data is kept accurate and up-to-date. If any of the personal data we hold about you changes, please keep us informed as long as we have that data. This can be especially important to stay informed about company and software updates.

Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.

If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first, using the details in Part 11.

5. How And What Data Is Collected And How Is It Used?

Crescendo will always be ensure that data is collected in an appropriate manner.

Under the Data Protection Legislation, we must always have a lawful basis for using personal data

With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email or telephone or text message or post with information, news, and offers on our products and/or services. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the Data Protection Legislation and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out.] We will always obtain your express opt-in consent before sharing your personal data with third parties for marketing purposes and you will be able to opt-out at any time.

We will only use your personal data for the purpose(s) for which it was originally collected unless or reasonably believe that another purpose is compatible with that or those original purpose(s) and need to use your personal data for that purpose. If we use your personal data in this way and you wish us to explain how the new purpose is compatible with the original, please contact us using the details in Part 11.

If we need to use your personal data for a purpose that is unrelated to, or incompatible with, the purpose(s) for which it was originally collected, we will inform you and explain the legal basis which allows us to do so.

In some circumstances, where permitted or required by law, we may process your personal data without your knowledge or consent. This will only be done within the bounds of the Data Protection Legislation and your legal rights.

    5a. Data Collection/Use If You Are A Client

As a client, it is vital that we have personal information for Sales, IT and Accounts contact for each company, this could be 3 different contacts or just 1 dependant on the organisation structure.

The below is the personal data that we would hold:

  • Name
  • Email
  • Contact number
  • Company name
  • Work address

The reasons for the personal data used and how it is collected:

All personal data is collected at the beginning of a contract with Crescendo – this personal data should be updated whenever there is a change. The personal data is required to keep clients informed of:

  • Company/software updates
  • Invoices
  • Changes to a contract
  • Latest product developments and occasionally promotions – clients can ‘unsubscribe’ from these

    5b. Data Collection/Use If You Are Using Our Site

Depending upon your use of our Site, We may collect and hold some or all of the personal (and non-personal) data set out below, using the methods also set out below. We do not collect any ‘special category’ or ‘sensitive’ personal data or personal data relating to children or data relating to criminal convictions and/or offences.

The below is the only form of data collected on our site either via a contact request form, brochure download form or live chat:

  • Name
  • Email
  • Contact number
  • Company name
  • Postal code
  • Users journey around website (see cookie policy for more information)

The reasons for personal data collected on the website and how it is used:

  • Use requesting more information – this data is then used by the sales team to contact the user to offer the information required
  • Logging a support call – this data is then used by the support team to contact the user to offer the support required
  • How Long Do We Keep Your Personal Data?

6. How Long Do We Keep Your Personal Data?

We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. Your personal data will therefore be kept for the following periods (or, where there is no fixed period, the following factors will be used to determine how long it is kept):

Type of Data

How Long We Keep It

Client data – contact names, emails, contact numbers etc

Retention will be as long as the client is active, if a contact changes their data is immediately removed from the system. Where a client does not stay in contract with Crescendo personal contact data is removed after 6 months to allow time for data to be requested by the user or if a reverse decision is made.  

Website user data – names, emails, postal code, company name, live chat scripts etc

Website user data is removed within 30-days of the data being gathered if contact is not made – where contact is made if the user wants contact to be continued data will remain stored.

7. How Do We Protect Your Personal Data

The following lays out the measures to be taken by all employees of Crescendo and by the Company as a whole in order to protect your data (electronic and otherwise) collected, held, and processed.

    A. Secure Processing

The Company shall ensure that all personal data collected, held, and processed is kept secure and protected against unauthorised or unlawful processing and against accidental loss, destruction, or damage.

All technical and organisational measures taken to protect personal data shall be regularly reviewed and evaluated to ensure their ongoing effectiveness and the continued security of personal data.

Data security must be maintained at all times by protecting the confidentiality, integrity, and availability of all personal data as follows:

  • security on website as per required by the Information Commissioners Office for when initially collecting personal data online
  • only those with a genuine need to access and use personal data and who are authorised to do so may access and use it
  • personal data must be accurate and suitable for the purpose or purposes for which it is collected, held, and processed
  • authorised users must always be able to access the personal data as required for the authorised purpose or purposes
  • all data must be held in a secure location which is protected from outsider threats

    B. Accountability & Record Keeping

  • The Data Protection Officer is responsible for administering this Policy and for developing and implementing any applicable related policies, procedures, and/or guidelines.
  • Crescendo shall follow a privacy by design approach at all times when collecting, holding, and processing personal data. Data Protection Impact Assessments shall be conducted if any processing presents a significant risk to the rights and freedoms of data subjects.
  • All employees, agents, contractors, or other parties working on behalf of the Crescendo shall be given appropriate training in data protection and privacy, addressing the relevant aspects of Data Protection Law, this Policy, and all other applicable Company policies.
  • The Company’s data protection compliance shall be regularly reviewed and evaluated by means of Data Protection Audits.
  • The Company shall keep written internal records of all personal data collection, holding, and processing, which shall incorporate the following:
    1. the name and details of the Company, its Data Protection Officer, and any applicable third-party data transfers (including data processors and other data controllers with whom personal data is shared);
    2. the purposes for which the Company collects, holds, and processes personal data;
    3. the Company’s legal basis or bases (including, but not limited to, consent, the mechanism(s) for obtaining such consent, and records of such consent) for collecting, holding, and processing personal data;
    4. details of the categories of personal data collected, held, and processed by the Company, and the categories of data subject to which that personal data relates;
    5. details of any transfers of personal data to non-EEA countries including all mechanisms and security safeguards;
    6. details of how long personal data will be retained by the Company (please refer to the Company’s Data Retention Policy);
    7. details of personal data storage, including location(s); and
    8. detailed descriptions of all technical and organisational measures taken by the Company to ensure the security of personal data.
  • procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data) including notifying you and/or the Information Commissioner’s Office where we are legally required to do so

8. Do We Share Your Personal Data?

We will not share any of your personal data with any third parties for any purposes, subject to the following exception[s].

If we sell, transfer, or merge parts of our business or assets, your personal data may be transferred to a third party. Any new owner of our business may continue to use your personal data in the same way(s) that we have used it, as specified in this Privacy & Data Protection Policy.

In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

We may sometimes contract with the following third parties to supply certain products or services.

Recipient

Activity Carried Out

Sector

Location

Nuance UK.

Activating a licence for a client.

Speech Recognition.

UK.

If any of your personal data is shared with a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law, as described above in Part 8.

If any personal data is transferred outside of the EEA, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the Data Protection Legislation, as explained above in Part 8.

If we sell, transfer, or merge parts of our business or assets, your personal data may be transferred to a third party. Any new owner of our business may continue to use your personal data in the same way(s) that we have used it, as specified in this Privacy Policy.

In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

9. Can You Withhold Information?

    A. as a client contact

For every client organisation, we require minimal personal data for contacts in Sales, IT and Accounts. If you are not comfortable with being a contact point or us holding your personal data an alternative will need to be provided.

    B. when using our website

You may access our full website without providing any personal data at all. Some brochures may require a form completion to view, these do have data collection opt-in’s as for us not to keep your information. Cookies are used and without permission for us to use these you will not be able to use our site.

10. How Can I Access My Personal Data?

If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.

All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 11.

There is a £20.00 administration fee for a subject access request. This fee is required to be paid each time a request is made.

We will respond to your subject access request within 30 days. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.

11. How To Contact Us?

To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details: for the attention of the Office Manager.  

Email address: admin@crescendosystems.co.uk.

Telephone number: 01932 789433.

Postal Address: Unit 1, Fiveways Business Centre, Aspen Way, Feltham, TW13 7AQ.

12. Changes to this Privacy and Data Protection Policy

We may change this Privacy and Data Protection Policy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.

Any changes will be immediately posted on our Site and you will be deemed to have accepted the terms of the Privacy Policy on your first use of our Site following the alterations. We recommend that you check this page regularly to keep up-to-date. This Privacy Policy was last updated on 13th August 2019.

will you join us?

See our products in action with a free live demonstration. Request here

This website uses cookies to ensure you get the best experience on our website. See our cookie policy here.