Synovum Data Privacy Policy
Synovum Ltd. does not hold any personal information outside of that which it explicitly needs to provide services to your organisation.
When your organisation becomes a client/partner/supplier, Synovum Ltd. will store information about you and your business.
​
This information includes the following:
-
Full name;
-
Email address;
-
Contact telephone numbers;
-
Contact address;
-
Billing information;
-
Initial source of engagement.
This information is used to reply to emails and phone calls and to provide you with our service offering. If you do not want to contacted about our services please let us know by call or email.
​
Synovum Ltd. will only collect personally identifiable data, such as your name and e-mail address, when it is voluntarily submitted to us via this website or via direct email.
​
If we are going to use your personally identifiable information in a manner different from that stated at the time of collection through this web site, we will notify you via email. You will have a choice as to whether or not we use your information in this different manner.
In addition, if we make any material changes in our privacy practices that do not affect user information already collected through our site, we will post a prominent notice on our web site notifying users of the change.
​
Data storage
We keep a close watch on our compliance requirements and will move or remove your information where a supplier does not meet the compliance requirements of the UK/EU (if you are a UK or EU citizen).
Data stored outside of the organisation is either held in EU-based ISO-27001 certified data centres, or US-based data centres which have signed up to the EU-US Privacy Shield framework.
Data security
All data stored on Synovum servers are protected 'at-rest' through the use of encryption. All backups made of stored data are also encrypted. Encryption technologies are also used for the transfer of sensitive data 'in-motion'.
​
​We use https to encrypt the data sent between your browser and this web site, this ensures up to a point that it can’t not be interfered with, this is however not 100% secure. Any data you transmit is at your own risk, it is in public domain as soon as it leaves your network.
​
Data compromise
If our systems are ever compromised, we promise to inform users immediately after an incident, and will self-report to the UK Information Commissioners office. An incident would include any breach of security leading to the destruction, loss, alteration, unauthorised disclosure of, or access to, your identifiable personal or corporate data.
​
We will notify affected users first, and then publish details of the breach on this site. We do not use third party advertising companies to provide advertisements or allow third party advertisers to track your browsing.
​
Data disclosure
We only allow access to your contact details when required by law, we do not and will never sell your details.
We do not provide services such as Facebook, Twitter, LinkedIn, Snapchat and other social media platforms access to our contacts database.
We may contact you using social media channels (LinkedIn, Twitter), however no personal or technical information will be passed via these channels.
Data retention
When you become a customer of Synovum Ltd. we hold data that must be retained to meet our legal and statutory responsibilities.
​
For the Cyber Essentials Scheme we are required to retain a copy of your report and any log files for a period of 6 years after the date of certification.
For other services we will retain details other than those that are statutory requirements for a period of 12 months.
​
Data removal
If you would like us to delete any information we have about you, we shall do this unless its part of a condition of using one of our services. You may request to have your information deleted once the agreement of a service provided by Synovum Ltd. is deemed nullified.
We will respond to your request to access, update or delete your information within 30 business days. Before we are able to provide you with any information, correct any inaccuracies or delete any information, however, we may ask you to verify your identity.
​
In the event of Synovum Ltd. ceasing operations entirely all personal data will be destroyed within 14 days.
​
If you have any questions regarding data privacy please email dataprivacy@synovum.co.uk.