How we use your information
This privacy notice tells you what to expect when In2Solutions Ltd collects personal information. It applies to information we collect about:
Visitors to our websites
When someone visits www.In2solutions.co.uk we use one third-party service, Google Analytics, to collect standard internet information and details of visitor behaviour patterns. We do this to find out information, such as the number of visitors to the various parts of the site. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
By communicating, downloading, commenting or asking us to contact you, you understand that you are providing this information to us voluntarily and there is a legitimate reason for us to retain this information for the period required to discharge those obligations mentioned above. Without your contact information, we will not be able to get back to you or publish your comments.
Where we ask for consent you will be asked to opt-in and you are free to not give or withdraw your consent if you have previously given consent and then later change your mind. We also rely on consent as lawful basis for processing your data, where you have expressed an interest in procuring our services or we need the information to provide services under a contract with you.
We also rely on legitimate interest as a legal basis to process information where we have a clear interest to process your data and it does not impact your rights and freedoms. We would not want to harm your privacy so please let us know if you have any issues and we will try and explain and accommodate your wishes.
If we ever want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Newsletters and Mailshots
We use a third-party provider, Mail Chimp, to deliver our newsletters and mailshots. All those who receive our emails have clearly opted-in to receive such communications and are free to unsubscribe from them at any time. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our communications.
This information will be retained online through our Mail Chimp account and is protected behind a firewall and other security arrangements. As with any such host websites there is no absolute guarantee of security. If you feel this not sufficient then please do not provide any personal information or get in touch and we will remove you from our database.
Your personal data will be retained for the period needed to interact with you. You can request to be removed from our database at any time.
For more information, please see: https://mailchimp.com/legal/privacy/
Security and performance
To help maintain the security and performance of the In2Solutions website we track the IP addresses of visitors. This information is not processed or used in any other way.
People who call our offices
When you call the In2Solutions offices we collect Calling Line Identification (CLI) information. We use this information to help improve our efficiency and effectiveness.
We track outbound numbers called but do not record or monitor calls made to or from any of our offices.
Our telephone services are provided by Barton Telecom Services and a link to their privacy policy can be found at www.iubenda.com/privacy-policy/42110770/legal
Our messaging on hold is provided by Info-on-hold – www.ioh2.com/privacy-policy
People who email us
Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
Post
In2Solutions use the Royal Mail for all its postal requirements and as a business user we are fully GDPR compliant under their policy and hold an internal policy to ensure there are no data breaches. Our post is sent tracked with a signature and those wishing to upgrade the service can request special delivery at an additional cost.
Clients who book training with In2Solutions
We procure training courses to learners on behalf of our clients. To understand the requirements of the delegates we record and store the following data:
• Name and address of the client to identify the company and supply certificates, joining instructions and booking forms.
• Date of birth and NI number are sometimes required for the awarding bodies to issue external certificates.
• All information is held online as In2Solutions Ltd is committed to a paperless and environmentally neutral office and all systems are covered under our IT policy
Suppliers who work with In2Solutions
We procure training courses to learners on behalf of our clients. To understand the requirements of the delegates we record and store the following data:
• Name and address of the client to identify the company and supply certificates, joining instructions and booking forms.
• Date of birth and NI number are sometimes required for the awarding bodies to issue external certificates.
• Booking forms and online booking systems for suppliers
• All information is held online as In2Solutions Ltd is committed to a paperless and environmentally neutral office and all systems are covered under our IT policy
IT Policy
The IT for In2Solutions is maintained through Ashby Computer Services – A Managed Microsoft Gold Partner and advise In2Solutions on their best It practices.
• Server – The server that is used by In2Solutions is a Synology NAS with RAID’d disks, the data is locked down to individual user accounts to specific files shares based in their job roles. The NAS is set to do periodic firmware updates to ensure that any known vulnerabilities are closed. Remote access to the NAS is via Ashby Computer Services external IP and uses a different more secure password. The disks are also fully encrypted in case of theft.
• Password Policy – The client machines are set with individual user name and passwords to access each machine. User are not local admins and as such do not have the ability to install programmes or virus’s themselves.
• Antivirus – The server uses ESET antivirus to protect the server and the client machines, these have 0-hour protection turned on as well blocking of potentially unwanted programmes (the main source of trojans). This software reports directly to Ashby Computers whom will resolve the threats under the contract agreement.
• Firewall – Ashby Computers use an enterprise grade firewall which has had all passwords changed from the defaults as well as the relevant firewall restricted to only allow authorised ports in and out of the network. The firewall also has a DOS attack prevention control to stop brute force attacks. The latest firmware is also applied to the device once tested to ensure vulnerabilities are closed.
• Updates – All pc’s are set to go directly to Microsoft for updates and are completed weekly to ensure they are protected as much as possible.
• Data Access – Requests for access to files and folders must come through the named contact with In2Solutions and Ashby provide full traceability for user access control requests.
• Changes in staff – As soon as a staff member leaves the organisation the account is disabled and the password changed immediately to block access to the server.
• Email – Email for In2Solutions is processed and stored via Microsoft Office 365 the data is encrypted in rest and in transit from the endpoint through to remote server. User access and passwords also follow the above policies and email and server passwords are not linked via single sign on.
• Wireless – No guests can use the company Wi-Fi at all – if internet is required then this is completed on an In2Solutions device.
• Backups – Backups are taken daily to Dropbox using a separate user name and password to a company Dropbox account and allows for a GRT recovery if and when required.
• Remote access – There is no remote access available to staff at present.
• External access – Ashby Computers gain remote access to the servers and the PC’s via an encrypted teamviewer and logmein and are only used for access as and when access is required.
Complaints or queries
We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of In2Solutions collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
Access to personal information
We try to be as open as we can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a 'subject access request' under the Data Protection Act 1998. If we do hold information about you, we will:
• give you a description of it;
• tell you why we are holding it;
• tell you who it could be disclosed to; and
• let you have a copy of the information in an intelligible form.
To make a subject access request for any personal information we may hold, you need to put the request in writing addressing it to our Information Governance department, address provided below.
If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.
If we do hold information about you, you can ask us to correct any mistakes by, once again, contacting the Information Governance department.
How to contact us
If you want to request information about our privacy policy, you can email us or write to:
In2Solutions
The Old Salvation Hall
New Street
Rothwell
NN14 6EU