Privacy Policy

.
.
.

Privacy Policy

JSL Services Group Limited is committed to ensuring that your privacy is protected, both online and offline.

Should we ask you to provide certain information, by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

JSL Services Group Limited may change this policy from time to time by updating this page. Please review it periodically to ensure that you are happy with any changes.

This policy was effective from April 2018.

Offline

JSL SERVICES GROUP LIMITED – PRIVACY STATEMENT 2018

Introduction

This document sets out the obligations of JSL Services Group Ltd (“the Company”) with regard to privacy protection and the rights of people with whom it works in respect of their personal data under the Data Protection Act 1998 (“the Act”) and in compliance with the General Data Protection Regulation (25th May, 2018)

This Privacy Statement describes the data we hold, where it is held and how it is protected.  The procedures set out herein must be followed by the Company, its employees, contractors, agents, consultants, partners or other parties working on behalf of the Company. Written contractual consent of compliance will be sought by all parties before mentioned.

The Company views the correct and lawful handling of personal data as key to its success and dealings with third parties.  The Company shall ensure that it handles all personal data correctly and lawfully.

 

Personal and Sensitive Data

All data within the our control shall be identified as personal, sensitive or both to ensure that it is handled in compliance with legal requirements and access to it does not breach the rights of the individuals to whom it relates.

The principles of the GDPR shall be applied to all data processed:

 

  1. Processed lawfully, fairly and in a transparent manner in relation to individuals;
  2. Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
  3. Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  4. Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
  5. Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
  6. Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

 

Rights of Data Subjects

Under the GDPR, data subjects have the following rights which JSL Services Group Limited adhere to:

  • The right to be informed that their personal data is being processed.
  • The right to access any of their personal data held by the Company within 30 days of making a request.
  • The right to prevent the processing of their personal data (right to erasure)
  • The right to rectify, block, erase or destroy incorrect personal data.
  • The right to lodge a complaint with a supervisory authority.

 

Data we hold

Personal data is defined by as data which relates to a living individual who can be identified from that data or from that data and other information which is in the possession of, or is likely to come into the possession of, the data controller, and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual.

GDPR also defines “special category data” as personal data relating to the racial or ethnic origin of the data subject; their political opinions; their religious (or similar) beliefs; trade union membership; their physical or mental health condition; their sexual life; the commission or alleged commission by them of any offence; or any proceedings for any offence committed or alleged to have been committed by them, the disposal of such proceedings or the sentence of any court in such proceedings.

The Company only holds personal data which is directly relevant to its dealings with a given data subject by contractual obligations to provide support services.  That data will be held and processed in accordance with the data protection principles and with this Policy.  The following data may be collected, held and processed by the Company from time to time:

  • Full names of users
  • Temporary passwords
  • Dates of birth
  • Home address details
  • Private and work based telephone details
  • Private and work based email addresses
  • Previous employment information
  • Working hours

Please note we do NOT hold personal passwords in any of our systems for individual users.

Sub-Processors

JSL may use the following sub-processors with regards to processing client data in order to provide our support services. We will ensure we have suitable GDPR compliant contracts in place with these sub-processors by the 25th May 2018 to continue using their services. The following sub-processors are listed below and ask that if you have any objections to the use of these sub-processors to contact us at help@jslgroup.co.uk – please include a reasonable explanation to the objection;

 

  • Autotask (UK) Limited (our internal helpdesk system and PSA)
  • Redstor Limited (Data backups)
  • Veeam Software (UK) Limited (Data backups and / or disaster recovery)
  • Microsoft Corporation Limmited
  • Intuit Limited (financial data / records)
  • Docusign Incorporated (online electronic signature service)

 

Processing Personal Data

Any and all personal data collected by the Company is collected in order to ensure that the Company can facilitate efficient transactions with third parties including, but not limited to, its customers, partners, associates and affiliates and efficiently manage its employees, contractors, agents and consultants.  Personal data shall also be used by the Company in meeting any and all relevant obligations imposed by law.

Personal data may be disclosed within the Company.  Personal data may be passed from one department to another in accordance with the data protection principles and this Policy.  Under no circumstances will personal data be passed to any department or any individual within the Company that does not reasonably require access to that personal data with respect to the purpose(s) for which it was collected and is being processed.

The Company shall ensure that:

  • All personal data collected and processed for and on behalf of the Company by any party is collected and processed fairly and lawfully;
  • Data subjects are made fully aware of the reasons for the collection of personal data and are given details of the purpose for which the data will be used;
  • Personal data is only collected to the extent that is necessary to fulfil the stated purpose(s);
  • All personal data is accurate at the time of collection and kept accurate and up-to-date while it is being held and / or processed;
  • No personal data is held for any longer than necessary in light of the stated purpose(s) and will be recorded on our retention policy;
  • All personal data is held in a safe and secure manner, taking all appropriate technical and organisational measures to protect the data;
  • All personal data is transferred using secure means, electronically or otherwise;
  • No personal data is transferred outside of the UK or EEA (as appropriate) without first ensuring that appropriate safeguards are in place in the destination country or territory; and
  • All data subjects can exercise their rights set out in “rights of data subjects” section above.

 

Data Protection Procedures

See our Data Protection Policy for more detailed information.

The Company shall ensure that all of its employees, contractors, agents, consultants, partners or other parties working on behalf of the Company comply with the following when processing and / or transmitting personal data:

  • All emails containing personal data must be encrypted;
  • Personal data may be transmitted over secure networks only – transmission over unsecured networks is not permitted in any circumstances;
  • Personal data may not be transmitted over a wireless network if there is a wired alternative that is reasonably practicable;
  • Personal data contained in the body of an email, whether sent or received, should be copied from the body of that email and stored securely. The email itself should be deleted.  All temporary files associated therewith should also be deleted;
  • Where Personal data is to be sent by facsimile transmission the recipient should be informed in advance of the transmission and should be waiting by the fax machine to receive the data;
  • Where Personal data is to be transferred in hardcopy form it should be passed directly to the recipient. Using an intermediary is not permitted;
  • All hardcopies of personal data should be stored securely in a locked box, drawer, cabinet or similar;
  • All electronic copies of personal data should be stored securely using passwords and suitable data encryption, where possible on a drive or server which cannot be accessed via the internet; and
  • All passwords used to protect personal data should be changed regularly and should not use words or phrases which can be easily guessed or otherwise compromised in line with our company password policy.
  • Secure disposal of redundant data is an integral element to compliance with legal requirements and an area of increased risk. JSL will NOT remove any hardware containing data from any site for disposal unless written consent is received from a nominated contact. Any employee of JSL that does so is in breach of this policy.
  • All data held in any form of media (paper, tape, electronic) shall only be passed to a disposal partner with demonstrable competence in providing secure disposal services and certificates of destruction will be supplied.
  • All data shall be destroyed or eradicated to agreed levels meeting recognised national standards, with confirmation at completion of the disposal process.

 

Organisational Measures

The Company shall ensure that the following measures are taken with respect to the collection, holding and processing of personal data:

  • A designated officer (“the Designated Officer”) within the Company shall be appointed with the specific responsibility of overseeing data protection and ensuring compliance with the GDPR.
  • All employees, contractors, agents, consultants, partners or other parties working on behalf of the Company are made fully aware of both their individual responsibilities and the Company’s responsibilities under the GDPR and shall be furnished with a copy of this Policy.
  • All employees, contractors, agents, consultants, partners or other parties working on behalf of the Company handling personal data will be appropriately trained to do so.
  • All employees, contractors, agents, consultants, partners or other parties working on behalf of the Company handling personal data will be appropriately supervised.
  • Methods of collecting, holding and processing personal data shall be regularly evaluated and reviewed.
  • The Performance of those employees, contractors, agents, consultants, partners or other parties working on behalf of the Company handling personal data shall be regularly evaluated and reviewed.
  • All employees, contractors, agents, consultants, partners or other parties working on behalf of the Company handling personal data will be bound to do so in accordance with the principles of the GDPR and this Policy by contract. Failure by any employee to comply with the principles or this Policy shall constitute a disciplinary offence.  Failure by any contractor, agent, consultant, partner or other party to comply with the principles or this Policy shall constitute a breach of contract.  In all cases, failure to comply with the principles or this Policy may also constitute a criminal offence under the GDPR, depending on the severity.
  • All contractors, agents, consultants, partners or other parties working on behalf of the Company handling personal data must ensure that any and all of their employees who are involved in the processing of personal data are held to the same conditions as those relevant employees of the Company arising out of this Policy and the GDPR.

Access by Data Subjects

A data subject may make a subject access request (“SAR”) at any time to see the information which the Company holds about them. They should be made in writing to:

The Director (s)

JSL Services Group Limited

The Old Post Office

Wycombe Road

Studley Green

Bucks. HP14 3XA

 

Upon receipt of a SAR the Company shall have a maximum period of 30 days within which to respond.  The following information will be provided to the data subject:

  • Whether or not the Company holds any personal data on the data subject;
  • A description of any personal data held on the data subject;
  • Details of what that personal data is used for;
  • Details of any third-party organisations that personal data is passed to and why; and
  • Details of any technical terminology or codes.

 

Notification to the Information Commissioner’s Office

As a data controller, the Company is required to notify the Information Commissioner’s Office that it is processing personal data.  The Company is registered in the register of data controllers.

Data controllers must renew their notification with the Information Commissioner’s Office on an annual basis.  Failure to notify constitutes a criminal offence.

Any changes to the register must be notified to the Information Commissioner’s Office within 28 days of taking place.

The Designated Officer shall be responsible for notifying and updating the Information Commissioner’s Office.

 

Implementation of Policy

This Policy shall be deemed effective as of 01/04/2018.  No part of this Policy shall have retroactive effect and shall thus apply only to matters occurring on or after this date.

This Policy has been approved & authorised by:

Name: Mr Jai Lablans
Position: Managing Director

Online

What we collect

We may collect the following information:

  • Anonymous website usage statistics
  • Your contact details that you supply via a contact form

What we do with the information we gather

We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:

  • Internal record keeping
  • We will contact you regarding your query or send you the information you have requested
  • We may use the information to improve the functionality of our website
  • Internal analysis of the success of the website and how it meets user needs

Cookies

What is a cookie?

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of a particular website.

How we use cookies

This website uses Google Analytics to help analyse how users use the site. The tool uses “cookies,” which are text files placed on your computer, to collect standard Internet log information and visitor behaviour information in an anonymous form. The information generated by the cookie about your use of the website (including IP address) is transmitted to Google. This information is then used to evaluate visitors’ us of the website and to compile statistical reports on website activity for JSLComputers.

We will never (and will not purposefully allow any third party to) use the statistical analytics tool to track or to collect any Personally Identifiable Information (PII) of visitors to our site. Google will not associate your IP address with any other data held by Google. Neither we nor Google will link, or seek to link, an IP address with the identity of a computer user. We will not associate any data gathered from this site with any Personally Identifiable Information from any source, unless you explicitly submit that information via a fill-in form on our website.

Please note that Google also issues it’s own Privacy Policy statement.  Please follow the link provided to view this.

We are keeping a close eye on what is known as “the EU cookie law”.  We would rather not plaster our site in alerts and pop ups but we have provided the means to disable Google cookies on this site.  Please follow the link on the right-hand-side to our cookie control.

Links to other websites

Our website may contain links to other websites of interest or to those of our product manufacturers. However, once you have used these links to leave our site, you should note that we do not have any control over the other websites. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Your personal information

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.

You may request details of personal information which we hold about you under the Data Protection Act 1998. A small fee will be payable. If you would like a copy of the information held on you please write to the address on the contact page.

This Policy has been approved & authorised by:

Name: Mr Jai Lablans
Position: Managing Director

NEWS

GDPR

GDPR comes into law on 25th May 2018

DDOS protection as standard

JSL Group are pleased to offer DDoS (Distributed Denial of Service) protection AS STANDARD on all our data connectivity services at NO EXTRA cost.

JSL has supported our school for a number of years. They have advised us on appropriate equipment to buy and have arranged purchase, delivery, installation and speedy resolution of any problems. All of their personnel are extremely friendly and have shown great patience when helping school staff, especially those who are less confident when using new technology. We have always been delighted with their service!

JSL are quick to respond to problems. They will listen to our vision and work with us to give us the systems to achieve our goals! Forward thinking, forever looking at improvements but always in mind of best value!

The migration to JSL has been relatively seamless and I have been extremely impressed with their professionalism and level of flexibility to date. They invested a lot of time at the pre-contract stage ensuring that our needs could be accommodated and have done a fabulous job in advising us accordingly. Their level of expertise in this field has been instrumental in informing key decisions, including guidance on external contractors and sourcing the right products. They take a genuine interest in client interaction and feedback and I am extremely confident that this partnership will be highly successful moving forward.

MORE TESTIMONIALS
.
.
.
Genee World
Citrix
Ruckus
Cisco
Systancia
Microsoft

By using this website you agree to accept our Privacy Policy and Terms & Conditions


Notice: ob_end_flush(): failed to send buffer of zlib output compression (0) in /home/jslconnect/public_html/wp-includes/functions.php on line 4348