Privacy Policy

Our privacy policy explains how we collect, use, share and protect your personal information. It also explains your rights in relation to your personal data and how to contact us or make a complaint.

We regularly review and, where necessary, update our privacy information and post changes on our websites. If we plan to use personal data for a new purpose, we will update our privacy information and communicate the changes to the individuals concerned before starting any new processing.



  • Who We Are

    The data controller of your personal data is 4Com Plc (“we”, “us”, or “our”). We can be contacted at datacompliance@4com.co.uk Loewy House, Aviation Park West, 11 Enterprise Way, Christchurch BH23 6EW; 0330 444 4444

    This Policy applies to you if you use our services (“our Services”), and if you contact us or we contact you about our Services. It also applies to visitors to our websites (“our Websites”): https://www.4com.co.uk/

    We are committed to protecting your privacy. We will only use the information that we collect about you lawfully and in accordance with current data protection law.

  • Collecting Your Personal Data

    The type of information we will collect about you includes (but is not limited to):

    • your name
    • address
    • phone number
    • email address
    • your business type
    • payment information such as bank details, direct debit, debit or credit card details that you provide us
    • information about financial associates in the case of partnerships
    • information about how you use our Services (including but not limited to call traffic and location data and billing information)
    • your activity on our Websites when you log in as a user
    • phone records including the numbers you call and send messages to and receive calls and messages from, the date, time length and cost of these communications including the broad location at the time of these communications; call recordings
    • roaming information (such as the country you were in and the network used including dates and times)
    • your communications with us
    • information you give to us when entering customer surveys
    • when you shop online on one of our Websites, information about your online purchases (for example, what you have bought, when and where you bought it)
    • information about your online browsing behaviour on our Websites and information about when you click on one of our adverts
    • your activity on our Websites when you log in as a user
    • such information as you provide on your CV when applying for a position with 4Com

    Please see below: “Visitors to our Websites

    For our customers, this personal data is required to provide our Services to you. If you do not provide the personal data information we ask for, it may delay or prevent us from providing our Services to you.

    How your personal data is collected

    We collect personal data:-

    1. Directly from you (for our customers, this is when you enquire about a product or service, when you make a purchase or during the subsequent processing stages of an order)
    2. Indirectly through the usage of our Services e.g. when you make calls

    Visitors to our Websites

    We may use technology to track the patterns of behaviour of visitors to our Websites. This can include using a “cookie” which would be stored on your browser. You can usually modify your browser to prevent this happening. The information collected in this way can be used to identify you unless you modify your browser settings. We also track click-through links in emails sent as part of our e-bulletin subscription service. For further information about our use of cookies, please refer to our cookies policy

  • How and Why We Use Your Personal Data

    Under data protection law, we can only use your personal data if we have a proper reason for doing so, for example:

    • for the performance of our contract with you or to take steps at your request before entering into a contract;
    • for our legitimate interests or those of a third party;
    • to comply with our legal obligations; or
    • where you have given consent.

    A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

    The table below explains what we use your personal data for and our lawful basis for doing so.

    What we use your personal data for Our lawful basis for processing your personal data
    To provide our Services to our customers including checking your eligibility for our Services, managing your account, applications and orders Necessary for the performance of our contract with our customers or to take steps at our customers’ request before entering into a contract
    For billing and payment purposes, financial or management forecasts and to collect debt Necessary for our legitimate interests or those of a third party i.e. In the event that we are forced to pass your information to a debt recovery service
    To verify your identity or to perform any other authentication that we need Necessary to comply with our legal obligations
    To find and stop criminal activity, misuse of, or damage to, our Services or network and other assets. Also to defend our rights or property and protect the rights and interests of our customers and website users Necessary for our legitimate interests or those of a third party i.e. to minimise fraud that could be damaging for us and for you
    To carry out credit checks Necessary for the performance of our contract with our customers or to take steps at our customers’ request before entering into a contract
    To tell you about the products and services you use and to let you know if we make changes to them (please note that you will not be able to opt out of receiving essential service communications) Necessary for the performance of our contract with our customers or to take steps to advise customers of new products that could have a material bearing on the performance of their telephony solutions
    To market and advertise our products and services to you – if you have chosen to receive these Necessary for our legitimate interests or those of a third party i.e. To ensure that customers are being offered the latest technology; or information about end of life of a product which could detrimentally affect their business
    For internal purposes such as management, research, analytics, corporate reporting, credit scoring and to improve business efficiencies Necessary for our legitimate interests or those of a third party i.e. to make sure we are following our own internal procedures so we can deliver the best service to you
    To analyse trends in call types, phone usage and undertake industry specific research Necessary for our legitimate interests or those of a third party i.e. to be in a position to offer better tariffs, products and services to customers
    To provide effective security and technical support of our products and services and help maintain service quality (this also means that we may monitor or record calls to our customer services for authentication, security, quality and training purpose) Necessary for the performance of our contract with our customers or to take steps to alert customer to breaks in service usually from third party suppliers
    Other processing necessary to comply with legal and regulatory obligations that apply to our business e.g. under health and safety regulations Necessary to comply with our legal obligations
    Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies Necessary to comply with our legal obligations
    Ensuring business policies are adhered to e.g. policies covering security and internet use Necessary for our legitimate interests or those of a third party i.e. to make sure we are following our own internal procedures so we can deliver the best service to you
    Operational reasons, such as improving efficiency, training and quality control Necessary for our legitimate interests or those of a third party i.e. to be as efficient as we can so we can deliver the best service for you at the best price
    Ensuring the confidentiality of commercially sensitive information Necessary for our legitimate interests or those of a third party i.e. to protect trade secrets and other commercially valuable information
    Necessary to comply with our legal obligations
    Preventing unauthorised access and modifications to systems Necessary for our legitimate interests or those of a third party i.e. to prevent and detect criminal activity that could be damaging for us and for you
    Necessary to comply with our legal obligations
    Updating and maintaining customer records Necessary for the performance of our contract with you or to take steps at your request before entering into a contract
    Necessary to comply with our legal obligations
    Necessary for our legitimate interests or those of a third party e.g. making sure that we can keep in touch with our customers about existing orders and new products
    Statutory returns Necessary to comply with our legal obligations
    Ensuring safe working practices, staff administration and assessments Necessary to comply with our legal and regulatory obligations
    Necessary for our legitimate interests or those of a third party e.g. to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you
    The audit of our accounts Necessary to comply with our legal obligations
    To administer and protect our business and our Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) Necessary to comply with our legal obligations
    Necessary for our legitimate interests e.g. for running our business, provision of administration and IT services and networking security
     To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you Necessary for our legitimate interests i.e. to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy
    To use data analytics to improve our Website, products/services, marketing, customer relationships and experiences Necessary for our legitimate interests i.e. to define types of customers for our products and services, to keep our Website updated and relevant, to develop our business and to inform our marketing strategy

  • Automated Decision Making

    4Com shares customer personal data with third party financiers where a customer requests funding to lease a telephone system.

    Customer personal data may be used by 4Com plc or third-party financiers for credit, fraud and anti-money laundering checks in accordance with the lawful bases set out in the above table. You have the right to contest any decision based solely on automated decision making that produces legal effects concerning you or similarly significantly affects you - see below: ‘Your rights’ for information about how you can exercise this right.

  • Social Share Buttons

    If you click on one of the social share buttons on our Website, personal information will be transmitted to the relevant social media provider.

    By clicking on a social share button, the provider will receive information that your browser has accessed a specific page on our Website. This occurs even if you do not have an account with the provider or are currently not logged into your account with the provider. This information will be directly transmitted by your browser to the provider’s server (which may be located in countries such as the US) and stored there.

    If you are logged into an account with the provider, they can directly assign your visit to our Website to your account. If you interact with the share dialogue window (e.g. by leaving a comment), this information will also be directly transmitted to the provider’s server and stored there. This information will also be published on the provider’s page and shown to your contacts. If you do not want the provider to assign the data collected during your visit to our Website to your user account, you must first log out of your account before using the plug-in.

    To find out more about how the social media providers collect, process and use personal data, as well as how to protect your privacy, please refer to the providers’ privacy policies. Below is a list of the providers whose social share buttons are on our Website with a link to their privacy policies:

    Twitter
    Facebook
    YouTube
    LinkedIn
    Google
    Instagram

  • Marketing Communications

    We may use your personal data to send you periodic communications (by email or direct mail) about future product launches

    We have a legitimate interest in processing your personal data for marketing purposes. This means we do not usually need your consent to send you information about features, products, services, events and special offers. However, where consent is needed, we will ask for this consent separately and clearly.

    We will always treat your personal data with the utmost respect and never sell or share it with other organisations for marketing purposes.

    You have the right to opt out of receiving marketing communications at any time by:

    emailing datacompliance@4com.co.uk or writing to us at Loewy House, Aviation Park West, 11 Enterprise Way, Christchurch BH23 6EW  (for the attention of the compliance team or calling us on 0330 444 4444 or 

    using the ‘unsubscribe’ link in our emails.

    We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.


    Third party marketing

     

     We will get your express opt-in consent before we share your personal data with any other company for marketing purposes. 

  • Keeping Your Data Secure

    We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We have a specialist security team who constantly review and improve our measures to protect your personal data.

    We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

    Communications over the internet (such as emails) are not secure unless they have been encrypted. We are not able to accept responsibility for any unauthorised access or loss of personal data that is beyond our control.

    Our Websites may contain links to other websites operated by other organisations that have their own privacy policies. Please make sure you read the terms and conditions and privacy policy before providing any personal data on a website as we do not accept any responsibility or liability for websites of other organisations.

    We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

  • Sharing Your Personal Information

    Depending on the circumstances, we may share your personal data with:

    • companies within our Group;- Located in the UK.
    • third parties we use to help deliver our Services e.g. Lease companies- (providing 3rd party leasing solutions to customer)- Located in the UK
    • other third parties we use to help run our business e.g. website hosts, search engine providers that assist us in the improvement and optimisation of our Websites (located in the UK)
    • mobile telephone companies, providing telephone services (located in the UK)
    • finance companies (if you are applying for third party funding for the leasing of a telephone system) (located in the UK)
    • our insurers and professional advisers; providing risk analysis, business continuity plans and insurance (located in the UK)
    • external auditors e.g. in relation to the audit of our accounts; (located in the UK)
    • our bank(s) (located in the UK)

    If we have a contract with another organisation to provide us with services or a service on our behalf to process your personal data, we will make sure they have appropriate security measures and only process your personal data in the way that we have authorised them to. These organisations will not be entitled to use your personal data for their own purposes. If necessary, our security teams will check them to make sure they meet the security requirements we have set.

    We also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you.

    We may disclose and exchange information with law enforcement agencies so that they can detect and stop crime, prosecute offenders and protect national security. We may also need to disclose information to regulatory bodies to comply with our legal and regulatory obligations and as necessary to comply with the law (e.g. in response to a court order).

    We may also need to share some personal data with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymised but this may not always be possible.

  • How Long Will We Keep Your Data For?

    We will keep your personal data while we are providing our Services to you or, using the personal data for the purpose for which it was collected. Thereafter, we will keep your personal data for as long as is necessary:

    1. to respond to any questions, complaints or claims made by you or on your behalf;
    2. to show that we treated you fairly;
    3. to keep records required by law.

    We will then securely destroy your personal data. We will not retain your personal data for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal data.

    Personal data supplied and used for the purpose of entering into a contract for goods or service will be deleted 3 years after you cease to have any relationship with 4Com plc or one of its subsidiaries.

    Personal Data supplied during the recruitment process will be deleted 6 months after an unsuccessful application. Within the first 12 months following cessation of employment with 4Com plc, an employee’s personal data will be minimized as much as possible & anonymized, but will be kept for a further 6 years, in order to comply with auditory requirements.

    We will never collect sensitive personal data about you (e.g. data about your health), or sell, rent or trade your personal data to third parties for marketing purposes without your consent.

    The personal data which we hold will be held securely in accordance with our internal security policy and the law.

  • Transferring Your Data Out of the EEA

    It is sometimes necessary for us to share your personal data outside the European Economic Area (EEA) (which comprises the countries in the European Union and Iceland, Liechtenstein and Norway) e.g.

           with your and our service providers located outside the EEA; or

           if you are based outside the EEA;

    These transfers are subject to special rules under European and UK data protection law.

    Whenever we transfer your personal data outside of the EEA, we ensure a similar degree of protection is afforded to your data by ensuring one of the following (or one of the other safeguards set out in data protection law) applies:

    • your data is transferred to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
    • the transfer is necessary for the performance of the contract between you and us;
    • the transfer is necessary to establish, exercise or defend legal claims;
    • there are adequate safeguards in place between us and the organisation receiving it (e.g. by the use of European Commission approved contractual terms); or
    • you have provided explicit consent to the proposed transfer after being informed of any potential risks.

     

  • Your Rights

    You have the following rights, which you can exercise free of charge:

    Access

    The right to be provided with a copy of your personal data

    Rectification

    The right to require us to correct any mistakes in your personal data

    To be forgotten

    In certain situations, the right to require us to delete your personal data

    Restriction of processing

    In certain situations, the right to require us to restrict processing of your personal data e.g. if you contest the accuracy of the data

    Data portability

    In certain situations, the right to ask us to transfer any  personal data you provided to us to another organisation

    To object

    The right to object at any time to your personal data being processed for direct marketing and in certain other situations to our continued processing of your personal data e.g. where processing is carried out for the purpose of our legitimate interests

    Not to be subject to automated individual decision-making

    The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

    For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.

    If you would like to exercise any of those rights, please email, write or telephone our compliance team —see below: ‘How to contact us’ and let us have enough information to identify you e.g. your full name, address and customer reference number as well as what right you want to exercise and the personal data to which your request relates.

     

  • How to Complain

    We hope that we can resolve any query or concern you may raise about our use of your personal data.  If you want to complain about how we have used your personal data, please email or write to our compliance team – see below: ‘How to contact us’. However, if we are not able to resolve your complaint to your satisfaction, you can complain to the UK’s supervisory authority, the Information Commissioner’s Office (ICO). Further information about how to make a complaint to the ICO can be found on the ICO website www.ico.org.uk

    The EU General Data Protection Regulation also gives you the right to lodge a complaint with the supervisory authority in the European Union state where you work, normally live or where any alleged infringement of data protection laws occurred.

    How to contact us

    Please contact us by email, post or telephone if you have any questions about this privacy policy or the information we hold about you.

    Our contact details are shown below:

    Our contact details

    datacompliance@4com.co.uk

    4Com PLC

    Loewy House, Aviation Park West, 11 Enterprise Way, Christchurch BH23 6EW

    Phone0330 444 4444

     

    Do you need extra help?

    If you would like this notice in another format (for example large print) please contact us (see ‘How to contact us’ above).

    This privacy policy was last updated on 14/05/2018

     

  • Call Recordings and Customer's Rights

    The recording and keeping of calls from individuals is covered by 3 main laws in the UK.

    These are: -

    1. Regulations of Investigatory Powers Act 2000 (RIPA)
    2. Data Protection Act 1998 (DPA) / GDPR
    3. Telecommunications (Lawful Business Practice) (Interception of Communications) Regulation 2000

    1.      RIPA – which regulates the interception of calls, allows for calls to be collected if the business has obtained the customer’s consent. - Consent can only be given, if the customer is asked/ informed, or if it falls within one of the exceptions of the Lawful Business Regulations.

    2.      DPA- regulates personal data capture, usage & storage, which also requires consent to be given by the end user.

    3.      Lawful Business regulations does allow for calls to be recorded without consent for a number of situations-

    However- if the information within the call can be determined in any way to be personal, the Data Protection Act would come into force and customers would need to be informed.

    So, in short, businesses should be informing end customers that their calls are recorded to allow the end customer to make an informed choice if they wish to carry on the conversation. If end customers carry on the conversation they are deemed to have given consent.

    It should however be noted that;

    If businesses are unsure about their obligations under this legislation and the ability to record calls they should obtain independent legal advice.

  • Cookies

    We use cookies to collect and store basic user data to assist us to deliver the right content via the website. We use some standard cookies from Google (standard visitor traffic tracking) WordPress (content tracking) and Act On (email marketing tracking).

    Cookies for follow up purposes

    One of the cookies we use allows us to find out your company name if you have a static IP address.  We may use this information to follow up with you after your website visit to see if their is any further assistance we can provide you.

    Cookies for Remarketing purposes

    Another of the cookies we use allows us to display advertising to you on a select number of websites via Google's Remarketing Platform.

    Cookies for Improvement purposes

    We also use cookies to monitor how our visitors are using the website, including those provided by Google and Hotjar.