Privacy Policy
1. Introduction
This Privacy Policy explains how CefniTech Solutions LTD (trading as CefniTech) (‘we’, ‘our’, or ‘us’) collects, uses, and protects personal data. CefniTech is committed to safeguarding your privacy and ensuring that your personal information is handled in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
CefniTech Solutions LTD is registered in England and Wales under company number 13939951. Our registered office is located at:
Suite 3281 Unit 3a,
34-35 Hatton Garden,
Holborn,
London,
England,
EC1N 8DX.
We provide services including computer repairs, IT support (remote and on-site), SaaS solutions, cloud backups, and the sale of new and refurbished technology products.
Our Data Protection Lead is Gethyn Jones. You can contact us about this policy or your personal data via:
• Email: info@cefnitech.co.uk
• Phone: 07721 422537
2. Definitions
- Personal Data: Information relating to an identifiable individual, such as name, email, phone number, or address.
• Processing: Any action taken on personal data, including collection, storage, use, or deletion.
• Data Controller: The organisation that determines the purpose and means of processing personal data (CefniTech Solutions LTD).
• Data Subject: The individual whose personal data is being processed.
• UK GDPR: The United Kingdom General Data Protection Regulation.
• Data Breach: A security incident leading to the accidental or unlawful destruction, loss, or unauthorised access to personal data.
3. Our Approach to Data Protection
CefniTech is committed to being transparent about how we collect and use personal data. We will only process data where there is a lawful basis to do so, such as:
• Consent given by you.
• To fulfil a contract or service agreement.
• To comply with a legal obligation (e.g., tax records).
• To pursue legitimate business interests, such as improving services.
We regularly review our policies and train our staff to ensure that personal data is handled securely and appropriately.
4. Your Rights
Under the UK GDPR, you have the following rights:
• The right to be informed about how we use your personal data.
• The right to access the data we hold about you.
• The right to correct inaccurate or incomplete data.
• The right to request deletion of your data when it is no longer needed.
• The right to object to our processing of your data.
• The right to restrict processing under certain circumstances.
• The right to data portability.
• The right to lodge a complaint with the Information Commissioner’s Office (ICO).
5. Data We Process, Why, and Retention Periods
We process different types of personal data depending on the relationship we have with you. Below is a breakdown of what we collect, why we collect it, and how long it is kept.
5.1 Customers / Clients
We collect minimal data from our customers to provide services and support. For services such as SaaS solutions and backup services, CefniTech acts only as a facilitator. The customer retains full control and responsibility for their data stored in these systems. CefniTech does not access, store, or manage the customer’s end-user data.
Data | Purpose | Legal Basis | Retention Period |
Billing contact name, address, phone, email | To invoice and manage the customer account | Contract | 6 years (for tax and accounting purposes) |
Employee names, emails, phone numbers | Provide access to support portal and IT services | Contract | Until contract ends or access is removed |
Company name and address | To maintain service records and support agreements | Contract | 6 years (for reference and compliance) |
5.2 Suppliers / Contractors
We collect business contact details for suppliers and contractors to manage our working relationships.
Data | Purpose | Legal Basis | Retention Period |
Business contact name, phone, email | To communicate and manage services provided by suppliers | Contract | 2 years after relationship ends |
Company address and details | To maintain financial and compliance records | Legal Obligation | 6 years (for tax and accounting purposes) |
5.3 Enquiries
When someone contacts us via our website, phone, or email, we collect only the details required to respond to the enquiry.
Data | Purpose | Legal Basis | Retention Period |
Name, phone, email | To respond to enquiries and provide requested information | Legitimate Interest | 1 year after enquiry |
Details of enquiry | To track and improve services | Legitimate Interest | 1 year after enquiry |
6. Third-Party Data Sharing
We do not sell or share your personal data with unrelated third parties. However, certain services may require us to work with trusted providers, such as:
• SaaS platform vendors
• Cloud hosting providers
• Backup solution providers
• Payment processing services
These third parties are only given access to the minimum data necessary to provide their services and must comply with GDPR standards.
7. Data Security
We implement strict measures to protect personal data, including:
• Encryption of electronic data.
• Secure backups with restricted access.
• Password-protected systems with multi-factor authentication where possible.
• Staff training on data protection and security best practices.
8. Data Breach Procedure
If a data breach occurs, we will:
1. Investigate the incident immediately.
2. Notify affected individuals where there is a risk to their rights and freedoms.
3. Report the breach to the Information Commissioner’s Office (ICO) within 72 hours if legally required.
9. International Data Transfers
Some of our service providers, such as cloud hosting companies, may store data outside the UK. In such cases, we ensure that appropriate safeguards are in place, such as standard contractual clauses or certification under recognised frameworks.
10. Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services or legal obligations. The latest version will always be available on our website at www.cefnitech.co.uk.
11. Complaints and Contact Information
If you have concerns about how we handle your data, please contact us first so we can address them. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Website: https://ico.org.uk/make-a-complaint/
Phone: 0303 123 1113
We know that running a business can be hectic. That’s where CefniTech comes in, providing the support and stability you need to keep your technology running smoothly.