Who we are


Our website address is: https://www.ebizsystems.co.uk.

At EBIZ Systems, we are committed to maintaining the trust and confidence of our customers and suppliers. We understand that we have a responsibility to protect and respect your privacy and look after your personal data.

This Privacy Notice, inclusive of the above General Terms and Conditions, explains what personal data we collect, how we use your personal data, reasons we may need to disclose your personal data to others and how we store your personal data securely.

For clarity, EBIZ Systems may be both data controller and data processor for your personal data under certain circumstances.


HOW DOES THE LAW PROTECT YOU?

Data protection laws state that we are only able to process personal data if we have valid reasons to do so. The basis for processing your personal data includes, but is not limited to, your consent, performance of a contract, to enable billing and remittance, and to contact you for customer service purposes. Information held and processed for employees will be used for our management and administrative use only.

 

HOW DO WE COLLECT PERSONAL DATA FROM YOU?

Customers & Contacts:
We receive information about you when you use our website, complete forms on our website, if you contact us by phone, email, live-chat or otherwise in respect of any of our products and services or during the purchasing of any such product. Additionally, we also collect information from you when you sign up, enter a competition, promotion or survey or when you inform us of any other matter.

If you provide us with personal data about a third party (for example when placing an order on their behalf), you warrant that you have obtained the express consent from the third party for the disclosure and use of their personal data.

Your personal data may be automatically collected when you use our services, including but not limited to, your IP address, device-specific information, location information and unique application numbers.

Employees & Applicants:
We receive information about you during the recruitment process and/or when employing you. Additionally, we also collect information from and/or about you during your employment at EBIZ Systems.

Much of the information we hold will have been provided by you, but some may come from other internal sources, such as your manager, or in some cases, external sources, such as referees.

If you provide us with personal data about a third party (for example when giving us details of next of kin or emergency contact details), you warrant that you have obtained the express consent from the third party for the disclosure and use of their personal data.

 

WHAT TYPE OF DATA DO WE COLLECT FROM YOU?

Customers & Contacts:
The personal data that we may collect from you includes your name, address, email address, contact numbers, payment information and IP addresses. We may also keep details of your visits to our site including, but not limited to traffic data, location data, weblogs and other communication data. We also retain records of your queries and correspondence, in the event you contact us.

When someone visits our website/s we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.

When you use our Guest Wi-Fi we may collect data about you such as:
• Your device.
• The volume of data which you use.
• The websites and applications which you access.
• Your usage by access time, frequency and location.

When sending our electronic mailshots, we use a third-party provider, emarsys, to deliver our newsletter. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. For more information, please see emarsys’ privacy notice at https://www.emarsys.com/en-uk/. You can unsubscribe to general mailings at any time of the day or night by clicking the unsubscribe link at the bottom of any of our emails or by emailing us at info [at] ebizsystems [dot] co [dot] uk.

Employees & Applicants:
The personal data that we may collect and store about you includes the following. For clarity, we have separated these into the lawful reasons for storing and/or processing this data.

Where processing is required for the performance of your contract:
• Your Name (including previous surname if applicable), address, email address and contact numbers.
• Information needed for payroll, for example your PAYE reference number, NI Number, tax code and marital status.
• Information needed to pay you, for example your pay rate bank details.
• Information required for pensions, student loans benefits and expenses purposes.
• Your contract of employment and any amendments to it.
• Correspondence with or about you, for example letters to you about a pay rise or, at your request, a letter to your mortgage company confirming your salary.

Where processing is required for legal compliance:
• Records of hours worked, holiday, sickness and other absence.
• Information needed for equal opportunities monitoring for example your gender.
• Records relating to your career history, such as start date, training records, appraisals, other performance measures and, where appropriate, disciplinary and grievance records.
• Information needed for health and safety and occupational health obligations.
• Safeguarding information including your date of birth.
• Driving licence.
• Passport.
• Information regarding your right to work including your nationality.

Where processing is required to protect your vital interests:
• Next of kin details.
• Emergency contact details.
• Your GP’s name, address and telephone numbers.

Where processing is necessary for the purposes of the legitimate interests pursued by EBIZ Systems or a third party:
• Job application letters and CV’s
• References
• Location Data (i.e. from electronic devices)
• Your photograph.

 

HOW DO WE USE YOUR DATA?

Customers & Contacts:
We store and use information about you in the following ways:
• To process orders that you have submitted to us.
• To provide you with products and services.
• To comply with the contractual obligations we have with you.
• To help us identify you and any accounts you hold with us.
• To enable us to review, develop and improve our products and services.
• To provide customer care, including responding to your requests if you contact us with a query.
• To administer accounts, process payments and keep track of billing and payments.
• To detect fraud and to make sure what you have told us is correct.
• To carry out marketing and statistical analysis.
• To review job applications.
• To notify you about changes to our products and services.
• To provide you with information about products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
• To inform you of service and price changes.

We may process your personal information for carefully considered and specific purposes which are in our interests and enable us to enhance the services we provide but which we believe will also benefit our existing customers. For example, as stated in the Privacy and Electronic Communications Regulations it is reasonable to allow the use of e-mail contact details within the context of an existing customer relationship for the offering of similar products or services.

If in the future we intend to process your personal data for a purpose other than that which it was collected we will provide you with information on that purpose and any other relevant information.

Employees & Applicants:
We store and use information about you in the following ways:
• To run the business and manage our relationship with you effectively, lawfully and appropriately.
• During the recruitment process.
• Whilst you are working for us.
• At the time when your employment ends and after you have left.

This includes using information to enable us to comply with the employment contract, to comply with any legal requirements, pursue the legitimate interests of EBIZ Systems and protect our legal position in the event of legal proceedings.

If you do not provide this data, we may be unable in some circumstances to comply with our obligations and we will tell you about the implications of that decision.

We may sometimes need to process your data to pursue our legitimate business interests, for example to prevent fraud, administrative purposes or reporting potential crimes. We will never process your data where these interests are overridden by your own interests.

You will, of course, inevitably be referred to in many company documents and records that are produced by you and your colleagues in the course of carrying out your duties and the business of the company.

Where necessary, we may keep information relating to your health, which could include reasons for absence and GP reports and notes. This information will be used in order to comply with our health and safety and occupational health obligations – to consider how your health affects your ability to do your job and whether any adjustments to your job might be appropriate. We will also need this data to administer and manage statutory and company sick pay.

Where we process special categories of information relating to your racial or ethnic origin, political opinions, religious and philosophical beliefs, trade union membership, biometric data or sexual orientation, we will always obtain your explicit consent to those activities unless this is not required by law or the information is required to protect your health in an emergency.

Where we are processing data based on your consent, you have the right to withdraw that consent at any time.

In addition, we monitor computer telephone and mobile telephone use which may contain location data required to facilitate remote protection of company data.

If in the future we intend to process your personal data for a purpose other than that which it was collected we will provide you with information on that purpose and any other relevant information.

 

RETENTION PERIODS

We will keep your personal data for the duration of the period you are a customer or employee of EBIZ Systems. We shall retain your data only for as long as necessary in accordance with applicable laws.

On the closure, after you cease trading with us or ceasing your employment, we may keep your data for up to 7 years. We may not be able to delete your data before this time due to our legal and/or accountancy obligations. We may also keep it for research or statistical purposes. We assure you that your personal data shall only be used for these purposes stated herein.

 

THIRD PARTIES

 

For the avoidance of doubt, we do not and never shall sell your personal data to third parties for marketing or advertising purposes.

Customers & Contacts:
We work closely with a number of third parties (including business parties, service providers and fraud protection services) and we may receive information from them about you. These third parties may collect information about you including, but not limited to, your IP address, device-specific information, location information, and unique application numbers. We use their features within our website, however, in some instances, they may be acting as data controller and they will have their own privacy policies, which we advise you to read.

We may pass your personal data to third parties for the provision of services on our behalf (for example processing your payment). However, we will only ever share information about you that is necessary to provide the service and we have specific contracts in place, which ensure your personal data is secure and will not be used for any marketing purposes.

We may share your information if we are acquired by a third party and therefore your data will be deemed an asset of the business. In these circumstances, we may disclose your personal data to the prospective buyer of our business, subject to both parties entering into appropriate confidentiality undertakings. Similarly, we may share your personal data if we are under a duty to disclose data in order to comply with any legal obligation or to protect the rights, property, or safety of EBIZ Systems, our customers, or others. This includes but is not limited to exchanging information with other companies and organisations for the purposes of fraud protection, credit risk reduction and dispute policies. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.

Employees & Applicants:
Other than as mentioned below, we will only disclose information about you to third parties if we are legally obliged to do so or where we need to comply with our contractual duties to you, for instance we may need to pass on certain information to pension or health insurance schemes.

We may transfer information about you to other companies for purposes connected with your employment or the management of the company’s business such as appointed company accountants.

 

YOUR RIGHTS

Under the General Data Protection Regulation (GDPR) you have a number of rights with regard to your personal data. You have the right to request from us access to and rectification or erasure of your personal data (this is known as your right to be forgotten), the right to restrict processing, object to processing as well as in certain circumstances the right to data portability.

If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.

In preventing the use or processing of your personal data, it may delay or prevent us from fulfilling our contractual obligations to you.

There are legal and accountancy reasons why we will need to keep your data, but please do inform us if you think we are retaining or using your personal data incorrectly.

Our Privacy Notice shall be made clear to you at the point of collection of your personal data.

Customers & Contacts:
In preventing the use or processing of your personal data it may also mean that we shall be unable to provide our products and/or services or process the cancellation of your order

You have the right to ask us not to process your personal data for marketing purposes. If you choose not to receive marketing communications from us about our products and services, you will have the choice not to choose these by ticking the relevant boxes at point of order.

We will not contact you for marketing purposes unless you have given us your prior consent. You can change your marketing preferences at any time by emailing info [at] ebizsystems [dot] co [dot] uk.

 

ACCESSING AND UPDATING YOUR DATA

You must maintain the accuracy of your information and ensure all your details, including but not limited to, name, address, title, contact numbers, e-mail address and payment details are kept up to date at all times.

 

WHERE WE STORE YOUR PERSONAL DATA

We follow accepted standards to store and protect the personal data we collect, including the use of encryption if appropriate.

All information you provide to us is stored on our secured servers within the EEA. In limited and necessary circumstances, your information may be transferred outside of the EEA or to an international organisation to comply with our legal or contractual requirements or in relation to the provision of our services. The laws in these countries may not provide you with the same protection as in the EEA; however, any third party referred to above outside of the EEA has agreed to abide by European levels of data protection in respect of the transfer, processing and storage of any personal data. By providing your data to us, you agree to this transfer and storage. However, we will ensure that reasonable steps are taken to protect your data in accordance with this privacy notice.
When transmitting information to us, As the transmission of information via the internet is not completely secure, we cannot guarantee the security of your data transmitted to our site and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Any sensitive data (payment details for example) are encrypted and protected at all times.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping the password confidential. We ask you not to share a password with anyone.

 

USE OF COOKIES

Cookies are used on our website/s to keep track of the contents of your shopping cart, to store delivery addresses if the address book is used and to store your details if you select the ‘Remember Me’ Option.

They are also used after you have logged on as part of that process. You can turn off cookies within your browser by going to ‘Tools | Internet Options | Privacy’ and selecting to block cookies. If you turn off cookies, you will be unable to place orders or benefit from the other features that use cookies.

Data collected by our website/s is used to:
• Take and fulfil customer orders.
• Administer and enhance the site and service.
• Issue a unique identifier (e.g. customer login).
• Monitor customer account status beyond that required for individual purchases.
• Disclose information to third-parties for goods delivery purposes.

LINKS TO OTHER SITES

EBIZ Systems may provide links to third-party sites. Since we do not control those sites, we encourage you to review the privacy policies of these third-party sites before sharing your data with them. Any information that you supply to these sites will not be within our control and we cannot be responsible for the privacy policies and practices of these.

 

LIABILITY

We agree to take reasonable measures to protect your data in accordance with applicable laws and in accordance with our General Terms and Conditions.

 

DATA BREACHES

In the event of a data breach, we shall ensure that our obligations under applicable data protection laws are complied with where necessary.

 

YOUR RIGHT TO MAKE A COMPLAINT

If you have any concerns as to how we process your personal data, you can contact us at info@ebizsystems.co.uk

You have the right to lodge a complaint to the Information Commissioners’ Office if you believe that we have not complied with the requirements of the GDPR with regard to your personal data.

To make a complaint about how we process your personal data to the Information Commissioner visit https://ico.org.uk/concerns/

 

CHANGES TO THIS POLICY

This policy is regularly reviewed and is subject to change. Please check our website on a regular basis for any further changes.

 

Comments


When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.


An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.


Media


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.


Cookies


If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.


If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.


When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.


If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.


Embedded content from other websites


Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.


These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.


Who we share your data with


If you request a password reset, your IP address will be included in the reset email.


How long we retain your data


If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.


For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.


What rights you have over your data


If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.


Where your data is sent


Visitor comments may be checked through an automated spam detection service.