• LinkedIn - Grey Circle
  • Twitter - Grey Circle
  • Facebook - Grey Circle

© Spartan Global Services Ltd 2019

PRIVACY POLICY

​1.0 Introduction

This policy describes how Spartan Global Services aims to repay the trust you have shown by sharing your personal data with us.

1.1 About us

Spartan Global Services is a provider of IT Asset management and disposal services, reverse logistics, repair and refurbishment  and wholesaler of computers, computer peripheral equipment, mobile/wireless and software (company number 08446765) with registered office at 36 Rumer Hill Business Estate, Rumer Hill Road, Cannock, Staffordshire, WS11 0ET, United Kingdom.

1.2 Registration with the Information Commissioner’s Office

For the purpose of the Data Protection Act (2018) Spartan Global Services is registered as a data controller with the Information Commissioner’s Office with registration number ZA305461

1.3 Data Protection Officer

Spartan Global Services Data Protection Officer is:

Eddie Allan

Unit 36, Rumer Hill Business Estate, Rumer Hill Road, Cannock, Staffordshire, WS11 0ET

(t) 0330 058 9991

(e) www.spartanglobalservices.com

1.4 Personal Data Processed by [Spartan Global Services]

Spartan Global Services collects, stores and processes personal data for several purposes, :personnel administration, financial accounts, customer interaction, marketing and for the fulfilment of our services to our customers,  including financial transactions. The detail of this is described in the table below.

 

 

 

 

When we process on the lawful basis of legitimate interest, we apply the following test to determine whether it is appropriate:

  • The purpose test – is there a legitimate interest behind the processing?

  • Necessity test – is the processing necessary for that purpose?

  • Balancing test – is the legitimate interest overridden, or not, by the individual’s interests, rights or freedoms?

 

​1.5 Data Sharing

Spartan Global Services may share data with the following organisations and for the lawful reasons shown.

  • HMRC -  Legal Obligation

  • Accountants - CJM Associates - Legal Obligation

  • Payroll - CJM Associates -  Contract

  • I.T. Support Services - Headway Technology Ltd - Contract

  • HR - Peninsula Business Services Ltd.

  • Merchant Services - Stripe and PayPal

 

1.6 Sub-contract Processing

Spartan Global Services uses sub-contact organisations to process personal data under a written contract which defines that they must comply with stringent data privacy requirements. Spartan Global Services only employs organisations that comply with the provisions of the General Data Protection Regulation. These organisations are audited to ensure compliance. Spartan Global Services processors include:

 

Logistic Companies for the delivery of post and goods, 

Card Merchant Services, for the secure processing of credit card payments, 

Cloud based services for the secure hosting of: 

  • CRM, 

  • email, 

  • data storage, 

  • invoicing, 

  • accounting services, 

  • telecoms (VOIP) and internet services ,  

  • e documentation, 

  • marketing, 

  • banking, 

  • domain registration,

  • data deletion. 

 

​1.7 Profiling

Spartan Global Services does not carry out profiling.

 

1.8 International Transfers

Spartan Global Services does transfer personal data outside of the United Kingdom when engaging with some Data Processors. We may send information outside of the UK where we use a service provider or technology provider based overseas. Where we send personal data outside the European Economic Area ("EEA") we will ensure that suitable safeguards are in place to protect the information. For example, these safeguards might include:

  • Model contractual clauses provided by the European Commission

  • The European Commission will decide that the country or international organisation has an adequate level of personal data protection

  • The information will be handled by an organisation that is providing a level of protection that’s approved by the European Commission. For example, the Privacy Shield scheme for organisations based in the USA


1.9 Secure storage of data.

Our information security management system (ISMS) is certified to ISO/IEC 27001. All our payment card processing is in compliance with PCI DSS. Our data storage is either hosted internally or via G Suite of which we have confirmed and contractual affirmation to required levels of security. Our email is facilitated by either Outlook (via a local server) or G Suite both of which are secured via our ISMS , and contractual affirmation respectively.

 

We do not, however, have any control over what happens between your device and the boundary of our information infrastructure. You should be aware of the many information security risks that exist and take appropriate steps to safeguard your own information. We accept no liability in respect of breaches that occur beyond our sphere of control.

 

1.10 Your Rights

You have the following rights concerning your personal data:


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

1.11 Your right to lodge a complaint with a supervisory authority

If you wish to exercise any of your rights concerning your personal data, you should contact [ORGANISATION NAME]’s Data Protection Officer at the address shown above. If you are not satisfied with the response you receive you have the right to lodge a complaint with the supervisory authority. In the United Kingdom this is:

Information Commissioner's Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

 

(t) 0303 123 1113

(e) casework@ico.org.uk