DATA PRIVACY NOTICE

This policy explains what data we collect on behalf of our customers, when and why we collect this data, how we use it and how we keep it secure.

We may change this Policy from time to time so please check back with us occasionally for an update to this policy to ensure that you are happy with any changes.

Any questions regarding this Policy and our privacy practices should be sent to support@nuvoli.net. Alternatively, you can call our contact centre on 0203 375 4999.

 

Who are we?

Nuvoli is an independent provider of solutions, innovation, market knowledge and intellect within the areas of telecoms and IT. We provide consultancy to deliver cost reduction through billing audits and overcharge analysis. We also provide mobile, ADSL and fixed telecoms sourcing solutions.

We build and manage your inventory for both devices and telecom expenditure and deliver mobility management solutions for both public and private sector organisations.

 

What type of data is collected?

In order to provide our customers with the service; such as a telecoms audit, an inventory and management report is built with certain categories of data. These include:

  • Telephony assets – a detailed list of all telephony assets is required including fixed and mobile connections and hardware.
  • Business details – data regarding your business is collected such as cost centre information and list of sites.
  • Staff details – data regarding users of your telephony equipment such as name, department and home address details if they are home workers.
  • Telephony invoices – monthly spend for both fixed and mobile assets including recurring charges such as line rental and maintenance; and one-off charges such as equipment.
  • Call data records – access to itemised call data which for each call includes the source and destination telephone number, the date and time and the cost.
  • Service Desk - requests for additions, changes and cancellations for telephony assets. Also details around any fault tickets raised.

 

How do we collect this data?

There are a number of ways in which we may collect this information from you once you have given us the consent to do so, these include:

  • Data feeds – we often receive documents containing business information that you send to us, these can be in the following formats; csv, excel, word, txt…etc. These are often sent via email and/or downloaded from vendors portals.
  • Contact Centre – our contact centre will collect information about requests and faults when you call or email us.
  • Campaigns – our campaigns team will call your telephone numbers from time to time to gather information about that asset, such as usage and purpose.
  • Surveys – we may send out surveys to your staff to capture details regarding their business mobile connections and hardware.

 

How do we process your data?

Nuvoli complies with its obligations under the General Data Protection Regulation (GDPR) by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data for the duration of the service offered.

 

How is your data used?

We will only use your data to deliver our service and as such it may be used in the following ways:

  • Provide an audit of your mobile and fixed telephony estate.
  • Provide an inventory of your mobile and fixed telephony assets and costs.
  • Provide detailed management reporting of telephony fixed, usage and one-off costs.
  • Provide call profiling and analysis.
  • Order, change and cease assets.
  • Call certain numbers to obtain asset details.
  • Report and fix faults on assets.

 

How long do we hold your data?

We will continue to hold data while it is still relevant for reporting and analysis in order to provide our service. Generally, we hold audit data for up to 2 years and in-life data up to 6 years. You have the right to request for information to be removed from our systems earlier, see more details on this below. Further details regarding our retention schedule can be found in our retention policy.

 

Who has access to your data?

Your data is used by a number of individuals within Nuvoli, this includes the finance team, the support team and the IT team. Your data is only accessed by authorised individuals within our business. For example, your financial information is not accessible by our support team and any details regarding faults and new provides will not be accessible by our finance team.

We will not sell or rent your information to third parties and we will not share your information with third parties for marketing purposes.

Third Party Service Providers working on your behalf: We may pass your information to your third-party service providers for the purposes of completing tasks and providing services to you on your behalf (for example providing on site engineering support to fix an equipment fault). However, when we use third party service providers, we disclose only the information that is necessary to deliver the service.

Third Party Applications: We may store your information on third party applications (for example, mobile number, name and personal address on our service desk application, Serviceforce) for the purposes of completing tasks and providing services to you. However, when we use third party applications, we capture only the information that is necessary to deliver the service.

Transferring your information outside of Europe: Some of the third-party service providers that we work with may be based outside of the European Union (“EU”). By way of example, we use developers that are based in India and in order for them to provide a service they will need access to our systems. However, we do not transfer any personal data to our third party service providers that are outside the EU.

Please be reassured that we will not release your information to third parties beyond the Nuvoli network for them to use for their own purposes unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.

 

How do we protect your data?

Transferring data:

When you send us data or when we send you data this can be via a number of methods such as email, SharePoint and FTP. All data transmitted uses encrypted SSL and/or TLS transmissions to ensure data is secure while traversing networks.

 

Storing data:

The data that we have collected about your business will be stored within our secured network and on our systems, such as our finance and billing systems. Our network is protected using a unified security gateway (firewall) which prevents hackers from entering the system and searching files and information.

We also use end point protection to protect our system from malicious code such as viruses and malware. Where applicable sensitive data is encrypted at rest and only authorised personnel have access to allow us to perform our service obligations.

 

Who is responsible for your data?

Nuvoli and its Directors are responsible for you and your employees personal data.

 

How can you access your data?

The accuracy of your information is important to us. If any of the data that we hold is inaccurate or out of date, please email us at: support@nuvoli.net or call our contact centre on 0203 375 4999.

 

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:

  • The right to request a copy of your personal data which Nuvoli holds about you.
  • The right to request that Nuvoli corrects any personal data if it is found to be inaccurate or out of date.
  • The right to request your personal data is erased where it is no longer necessary for Nuvoli to retain such data.
  • The right to withdraw your consent to the processing at any time
  • The right to request that Nuvoli provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing
  • The right to object to the processing of personal data
  • The right to lodge a complaint with the Information Commissioners Office.

 

Please note you can withdraw your consent to all or any one of the above purposes at any time by contacting Nuvoli. All processing of your personal data will cease once you have withdrawn consent, but this will not affect any personal data that has already been processed prior to this point, unless you explicitly request for this personal data to be removed.

 

What is the legal basis for processing your data?

  • Data is collected with the consent of our customers.
  • Processing is necessary for the performance of a service.
  • Processing of data is a contractual requirement.
  • Processing is necessary for the legitimate interests of Nuvoli except where such interests are overridden by the interests, rights or freedoms of the data subject.

 

Review of this Policy

We keep this Policy under regular review. This Policy was last updated in April 2018