4Com Group Privacy Policy

4Com Group Privacy Policy

We take your privacy very seriously. Please read this privacy notice carefully as it contains important information on who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or the UK data protection authority (the Information Commissioner’s Office or the ICO) in the event you have a complaint.

We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR). 

This privacy notice covers the following 4Com companies:

  • 4Com Group Limited
  • Pioneer Business Systems Limited
  • HiHi Ltd
  • Campfire Equipment Rentals Limited
  • 4Com Network Services Limited
  • Southern Business Communications Limited

This privacy notice is in a layered format so you can click through to the specific areas set out below which you would like to know more about.  Alternatively, you can download a pdf version of the privacy notice here.

It is important that you read this privacy notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you, so that you are fully aware of how and why we are using your personal data. This privacy notice supplements such other privacy notices and is not intended to override them.

Our Websites (as defined below) are not intended for children and we do not knowingly collect data relating to children.

Key Terms

The following are some key terms used in this privacy notice and an explanation of what those key terms mean:

4Com Group  means 4Com Group Limited (a company registered in England and Wales under company number: 10844874)
4Com Network  means 4Com Network Services Limited (a company registered in England and Wales under company number: 06472696)
Campfiremeans Campfire Equipment Rentals Limited (a company registered in England and Wales under company number: 12831439)
Groupmeans together 4Com Group, Pioneer, 4Com Network, HiHi, and Campfire
Group companymeans any company in the Group
HiHi  means HiHi Ltd (a company registered in England and Wales under company number: 07590894)
our Websitesmeans www.4com.co.uk, www.pioneercomms.co.uk, www.ripplecomms.co.uk, www.rubixcommunications.co.uk, www.harveycomunications.co.uk, www.hihi.co.uk,   www.sbcltd.co.uk and mi4com.co.uk
personal datameans any information relating to an identified or identifiable individual
Pioneer  means Pioneer Business Systems Limited (a company registered in England and Wales under company number: 08380630)
special category personal datameans data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership, genetic and biometric data (when processed to uniquely identify an individual) and data concerning health, sex life or sexual orientation
SBCmeans Southern Business Communications Limited (a company registered in England and Wales under company number: 02529115)
we, us, our  means the relevant company in the Group responsible for processing your personal data

Overview of which Group company processes your personal data

Under data protection law, a data controller determines the purpose and means of the processing of your personal data.

If you are an individual customer or a representative of a customer, you may engage with 4Com Network. The relevant 4Com company you engage with will be a data controller of your personal data.

If you are a prospective individual customer or a representative of a prospective customer, you may engage with Pioneer (trading as Harvey Communications, Ripple Communications or Rubix Business Systems), or SBC . The relevant 4Com company you engage with will be a data controller of your personal data.

If you are a representative of a supplier, you may engage directly with any of the Group companies. The relevant Group company you engage with will be a data controller of your personal data.

For marketing purposes, 4Com Group, Pioneer, or 4Com Network, may be a data controller of your personal data.

For personal data collected via the www.4com.co.uk website (except for personal data collected in relation to the reporting of faults), 4Com Group will be a data controller of your personal data.

For personal data collected via the www.pioneercomms.co.uk, www.ripplecomms.co.uk, www.rubixcommunications.co.uk and www.harveycomunications.co.uk websites, Pioneer will be a data controller of your  personal data.

For personal data collected via the www.hihi.co.uk website, HiHi will be a data controller of your personal data.

For personal data collected via the www.sbcltd.co.uk website, SBC will be a data controller of your personal data.

If the business you represent requires contract funding and this is obtained through Campfire, then Campfire will be a data controller of your personal data.

For personal data collected via the www.4com.co.uk website in relation to the reporting of faults and from the mi4com.co.uk website, 4Com Network will be a data controller of your personal data.

Please see below: [‘What we use your personal data for’] for further information about the purposes for which the Group uses your personal data.

Personal data we collect and use

The type of personal data we collect depends on our relationship with you and the method by which we collect the personal data.

The table below sets out the personal data we may collect about you.

Identity personal dataName
 Title
 Username/similar identifier
 Date of birth, if we ask for this or you choose to give this to us
 Gender or pronouns, if you choose to give this to us
 Marital status, if we ask for this or if you choose to give this to us
 Job title
 Name of your employer or the organisation you represent
 Passport information
 Driving licence
 Information from utility bills
Contact personal dataWork or personal email address
 Work/home postal/delivery address
 Work telephone number(s) (landline and/or mobile)
Contract personal data  Information relating to your contract(s) with us including transaction information
Financial personal dataBilling information and payment card information
 Information to enable us to undertake credit and other financial checks on you
IT Systems personal data  CCTV footage Call recording
Marketing personal data  Marketing and communications information, which may include information about your personal interests, your preferences in receiving marketing from us and your communication preferences
Technical personal dataInformation from when you visit our Websites, including your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Websites
Usage personal data  Information about how you use our Websites including the full Uniform Resource Locators (URL) clickstream to, through and from our Websites (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs) and methods used to browse away from the page
Website enquiry personal data  This includes information you provide when you fill in forms on our Websites, subscribe to our services, request further services, make an enquiry on our Websites, request a call back, sign up for newsletters, complete surveys undertaken by us for research purposes and report a problem with our Websites
Other personal dataInformation we ask for or that you volunteer to us when you correspond with us by email, post, telephone or text, or via our Websites or information from social media accounts when interacting with us via a personal profile (e.g. Facebook, Instagram, Twitter or LinkedIn)

We collect and use this personal data for the purposes described in the section: ‘[How and why we use your personal data]’ (see below).

We also collect, use and share aggregated data, such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate the data about how you use our Websites to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

If you do not provide personal data

For customers or suppliers who are individuals (this includes sole traders and traditional/unlimited partnerships), where we need to collect personal data to enter into a contract with you and you fail to provide that data when requested, we may not be able to enter the contract with you. This personal data may include your name and contact details.  For customers, if you thereafter do not provide personal data we ask for, this may delay or prevent us from providing our services to you.

How your personal data is collected

We collect most of your personal data directly from you – in person, by telephone, text or email and/or via our Websites. However, we may also collect information:

  • From publicly accessible sources, e.g. Companies House.
  • Directly from a third party, e.g.
  • credit reference agencies.
  • advertising networks.
  • search information providers.
  • an employee or representative of the organisation you represent.
  • finance providers (when you use finance in relation to a contract with us).
  • From cookies and similar technologies used on our Websites, see our [cookie policy] for further details.
  • Via our IT systems, e.g.
  • from door entry systems and reception logs.
  • through automated monitoring of our Websites and other technical systems, such as computer networks and connections, CCTV and access control systems, communication systems, email and instant messaging.

How and why we use your personal data

Under data protection law, we can only use your personal data if we have a proper reason (i.e. a lawful basis) for doing so, e.g.

  • to comply with our legal and regulatory obligations.
  • for the performance of our contract with you or to take steps at your request before entering into a contract.
  • for our legitimate interests or those of a third party.
  • where you have given consent.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

The table below explains what we use your personal data for, how we use your personal data, our lawful basis for doing so and the categories of personal data we use, depending on our relationship with you.

What we use your personal data for

Category of recipientFurther details of recipientsUse by recipientRelevant categories of personal data that may be shared with the recipient (depending on service provided/reason for sharing)
Our insurers, brokers and professional advisers in the event of a complaint or legal claim against us or where we require external advice or assistanceProfessional advisers e.g. solicitors, barristers, IT specialistsFor assisting, advising and representing us as necessaryPotentially any personal data held
Credit check / identity check provider To provide the results of a credit check / identity searchIdentity personal data Contact personal data Financial personal data
Finance providers To Process your application for finance including pre-proposing the business for financing prior to sales appointment.Identity personal data Contact personal data Contract personal data Financial personal data
Our bankHSBCFor processing financial transactionsIdentity personal data Contact personal data Financial personal data
Our regulator (where applicable)Financial Conduct AuthorityFor assessing our compliance with our regulatory and professional obligationsPotentially any personal data held
External IT service providerse.g. IT platform hosting provider, website hosting provider, IT support, email security, email service provider, document management providers, application software providersFor providing the relevant IT service to usIdentity personal data Contact personal data Contract personal data Financial personal data IT Systems personal data Technical personal data Usage personal data Website enquiry personal data Other personal data
Delivery companies For providing the relevant service to usIdentity personal data Contact personal data
Credit card payment facility providerWorldpayFor providing the relevant service to usIdentity personal data Financial personal data
Other external service providerse.g. data analytics providers    For providing the relevant service to usIdentity personal data Contact personal data Technical personal data Usage personal data Other personal data
Law enforcement/regulatory agenciese.g. the Information Commissioner’s OfficeFor their investigationsPotentially any personal data held
Companies within the Group For the purposes of 1) our contract with you or the organisation you work for or represent 2) the procurement of finance 3) customer support 4) marketingIdentity personal data Contact personal data Contract personal data Financial personal data Marketing personal data Website enquiry personal data Other personal data
Other parties that have or may acquire control or ownership of our business or part of our business (and our or their professional advisers) in connection with a corporate transaction or restructuring, including a merger, acquisition or asset sale or in the event of our insolvency  Potentially any personal data held Where possible information will be anonymised during a transaction and until completion of the transaction but this may not always be possible

Where we rely on consent as a lawful basis to process your personal data, you have the right to withdraw your consent at any time. To do this, please telephone, email or write to us (see below: ‘[How to contact us]’).

Please note that we may process your personal data without your knowledge or consent where this is required or permitted by law.

How and why we use special category data

Under data protection law, we can only use special category data where:

  • we have a proper reason for doing so (see above: ‘[How and why we use your personal data]); and
  • one of the potential ‘grounds’ for using special category data set out in data protection law applies to our use.

Marketing communications

We may use your personal data to send you periodic communications by email and post about our goods and/or services and events that might be of interest to you.

Third party marketing

We may from time to time telephone you or send you communications by email and post about selected third party goods and/or services which we think will be of interest to you.

We will get your express opt-in consent before we share your personal data with any other company for marketing purposes.

You have the right to opt-out of receiving marketing communications at any time by:

  • emailing [email protected];
  • writing to us at One Lansdown Plaza, 24b Christchurch Road, Bournemouth, Dorset, BH1 3NE (for the attention of The Compliance Director); or
  • using the ‘unsubscribe’ link in our emails

We may ask you to confirm or update your marketing preferences if you instruct us to provide further goods and/or services in the future, or if there are changes in the law, regulation, or the structure of our business.

Who we share your personal data with

Depending on the circumstances, we may share your personal data with:

Category of recipientFurther details of recipientsUse by recipientRelevant categories of personal data that may be shared with the recipient (depending on service provided/reason for sharing)
Our insurers, brokers and professional advisers in the event of a complaint or legal claim against us or where we require external advice or assistanceProfessional advisers e.g. solicitors, barristers, IT specialistsFor assisting, advising and representing us as necessaryPotentially any personal data held
Credit check / identity check provider To provide the results of a credit check / identity searchIdentity personal data Contact personal data Financial personal data
Finance providers To process your application for financeIdentity personal data Contact personal data Contract personal data Financial personal data
Our bankHSBCFor processing financial transactionsIdentity personal data Contact personal data Financial personal data
Our regulator (where applicable)Financial Conduct AuthorityFor assessing our compliance with our regulatory and professional obligationsPotentially any personal data held
External IT service providerse.g. IT platform hosting provider, website hosting provider, IT support, email security, email service provider, document management providers, application software providersFor providing the relevant IT service to usIdentity personal data Contact personal data Contract personal data Financial personal data IT Systems personal data Technical personal data Usage personal data Website enquiry personal data Other personal data
Delivery companies For providing the relevant service to usIdentity personal data Contact personal data
Credit card payment facility providerWorldpayFor providing the relevant service to usIdentity personal data Financial personal data
Other external service providerse.g. data analytics providers    For providing the relevant service to usIdentity personal data Contact personal data Technical personal data Usage personal data Other personal data
Law enforcement/regulatory agenciese.g. the Information Commissioner’s OfficeFor their investigationsPotentially any personal data held
Companies within the Group For the purposes of 1) our contract with you or the organisation you work for or represent 2) the procurement of finance 3) customer support 4) marketingIdentity personal data Contact personal data Contract personal data Financial personal data Marketing personal data Website enquiry personal data Other personal data
Other parties that have or may acquire control or ownership of our business or part of our business (and our or their professional advisers) in connection with a corporate transaction or restructuring, including a merger, acquisition or asset sale or in the event of our insolvency  Potentially any personal data held Where possible information will be anonymised during a transaction and until completion of the transaction but this may not always be possible

We only allow our service providers (where they process personal data on our behalf) to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also impose contractual obligations on those service providers to ensure they can only use your personal data to provide services to us.

How long your personal data will be kept

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including;

  • to meet our obligations to you or to the organisation you represent in respect of goods and/or services you/ the organisation you work for or represent engage us to supply;
  • to respond to any questions, complaints or claims made by you/the organisation you represent;
  • to show that we treated you fairly; and
  • to keep records required by law to comply with our legal and regulatory obligations.

We will not retain your personal data for longer than necessary for the purposes set out in this privacy notice.

If we are no longer providing goods or services to you or the organisation you represent, we will usually delete or anonymise your account data after ten years (personal data collected to verify your identity will be deleted once your identity is verified).

Transferring your personal data outside of the UK

It is sometimes necessary for us to transfer your personal data outside the UK e.g. to our external IT or other service providers located outside the UK (see above: ‘[Who we share your personal data with]’).

If this is necessary, we will ensure the transfer complies with relevant data protection law by ensuring that e.g.

  • the country to which the personal data is being transferred is subject to an adequacy regulation further to Article 45 of the UK GDPR i.e. it has been decided by the UK government that the particular country ensures an adequate level of protection of personal data. A list of the countries the UK currently has adequacy regulations in relation to is available [here]. We rely on adequacy regulations for transfers to the following countries: the Netherlands;
  • the transfer is necessary for the performance of a contract between you and us further to Article 49 of the UK GDPR;
  • the transfer is necessary to establish, exercise or defend legal claims further to Article 49 of the UK GDPR;
  • there are appropriate safeguards in place between us and the organisation receiving it together with enforceable rights and effective legal remedies for you (e.g. by the use of approved data protection contractual terms); or
  • you have provided explicit consent to the proposed transfer after being informed of any potential risks under Article 49 of the UK GDPR.

Please contact us (see below: ‘[How to contact us]’) if you want further information on the specific mechanism used by us when transferring your personal data outside of the UK.

Your rights

You have the following rights, which you can exercise free of charge:

AccessThe right to be provided with a copy of your personal data
RectificationThe right to require us to correct any mistakes in your personal data
Erasure (also known as the right to be forgotten)In certain situations, the right to require us to delete your personal data
Restriction of processingIn certain situations, the right to require us to restrict processing of your personal data e.g. if you contest the accuracy of the data. You can ask us to stop processing the personal data whilst we look into the accuracy issues
Data portabilityIn certain situations, the right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party
To objectThe right to object in certain situations to our continued processing of your personal data e.g. where processing is carried out for the purpose of our legitimate interests unless there are compelling legitimate grounds for the processing to continue or the processing is required for the establishment, exercise or defence of legal claims
To withdraw consentIf you have provided us with a consent to use your personal data you have a right to withdraw that consent easily at any time. To do this, please telephone, email or write to us (see below: ‘[How to contact us]’). Withdrawing a consent will not affect the lawfulness of our use of your personal data in reliance on that consent before it was withdrawn.

We do not use your personal data for automated decision making (including profiling) that produces legal effects concerning you or similarly significantly affects you.

For further information on each of the above rights, including the circumstances in which they apply, please contact us or see the [Guidance from the UK Information Commissioner’s Office on individuals’ rights under the General Data Protection Regulation].

If you would like to exercise any of the above rights, please email, write or telephone us (see below: [‘How to contact us’]) and provide us with enough information to identify you as well as what right you want to exercise and the personal data to which your request relates.

Keeping your personal data secure

We have put in place reasonable and appropriate security measures to endeavour to prevent personal data from being accidentally lost, used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

For users of our Websites, unfortunately, the transmission of information via the internet is never completely secure.  We cannot therefore guarantee the security of your data transmitted via our Websites; any transmission is at your own risk. Our Websites may, from time to time, contain links to other websites plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy notices / policies. When you leave our Websites, we encourage you to read the privacy notice / policy of every website you visit before you submit any data to these websites.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

How to complain

We hope that we can resolve any query or concern you may raise about our use of your personal data.  If you want to complain about how we have used your personal data, please email or write to us or call us (see below: ‘[How to contact us’]. However, if we are not able to resolve your complaint to your satisfaction, you can complain to the Information Commissioner’s Office (ICO). Further information about how to make a complaint to the ICO can be found on the ICO website www.ico.org.uk

Changes to this privacy notice

We may change this privacy notice from time to time and when we do so we will inform you via our Websites. If any changes are likely to have an adverse impact on your rights under data protection law, we will use reasonable endeavours to notify you of the changes in advance in writing or by alternative means.

Changes to your personal data

It is important that the personal data we hold about you is accurate and current.

Please let us know if you change your name, address or any other personal details (see below: ‘[How to contact us]’).

How to contact us

If you have any queries about this privacy notice or how we use your personal data, you can contact us by email, post or telephone as follows:

Email:              [email protected]

Telephone:       0330 444 444

Post:                            One Lansdown Plaza, 24b Christchurch Road, Bournemouth, Dorset, BH1 3NE (for the attention of The Compliance Director)

Do you need extra help?

If you would like this privacy notice in another format (for example large print) please contact us (see above: ‘[How to contact us]’).

Date of Privacy Policy update: 5th July 2023

Version 2.01