Privacy Policy

Vianet Privacy Notice

ABOUT US

Vianet Limited (we, us, our) are committed to protecting and respecting your privacy. For the purposes of data protection legislation, we are the data controller and we will process your personal data in accordance with the United Kingdom General Data Protection Regulation (UK GDPR), Data Protection Act 2018 and the Privacy and Electronic Communication Regulations 2003 (data protection laws) which relate to the processing of personal data. We are registered with the Information Commissioner’s Office (ICO), the UK’s data protection regulator, and our registration reference is ZA259668. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Please note that this Privacy Notice applies to our activities as a data controller.

PERSONAL DATA WE COLLECT ABOUT YOU  

Personal data is defined in data protection laws as any information relating to an identified or identifiable living individual. We may collect personal data in the following circumstances:

When you visit our website or use our mobile applications:

• when you complete forms on our website, we may collect personal data such as your name, address, email address, telephone number, date of birth and employer which is provided at the time of registering to use our website, where you ask us to contact you about our goods or services, subscribe to our mailing list, or subscribe/request or goods or services;

• whenever you provide information to us when reporting a problem with our website and/or mobile applications, making a complaint, making an enquiry or contacting us for any other reason. If you contact us, we may keep a record of that correspondence;

• whenever you disclose your information to us, or we collect information from you in any other way, through our website and/or mobile applications;

• data that is automatically collected, such as your Internet Protocol address, for reasons of fraud protection. We may also collect information about your device’s operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual;

• cookie data: our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website. If you do not wish to allow the use of cookies, you can change your browser settings in order to block the deployment of cookies. You can find our cookie policy here https://vianetplc.com/cookie-policy/.

Links to third party websites: Our website may, from time to time, contain links to and from the websites of third parties. Please note that if you follow a link to any of these websites, such websites will apply different terms to the collection and privacy of your personal data and we do not accept any responsibility or liability for these policies. When you leave our website, we encourage you to read the privacy notice/policy of every website you visit.

When you enter into a contract with us:

• When your enter into a contract with us, we may collect details such as your name, contact details, bank details, the equipment you use/our goods/services interact with, details of any work we undertake on your behalf, sales data and transaction history when you order or receive goods or services from us either via our website, on the telephone or in person, trading names, shareholdings, trading history, details of how you process payments and the channel through which you generate sales.

• We will use this information to process your order/provide you with services, perform checks, monitor transactions to prevent or detect crime, assess suitability for credit and comply with our contractual obligations.

• Know Your Customer (KYC): We may conduct KYC checks where we are required to do so in order to comply with our legal obligations. We may request your passport details and any other information we deem necessary to fulfil our KYC obligations. We use this information to confirm your identity and comply with legal requirements. Some of this data may constitute ‘special category data’ (such as ID documents) which is given special protection under data protection laws due to it being particularly sensitive. To process this information we will generally rely on the lawful basis of substantive public interest (with a basis in law).

• We may also advertise your feedback on our website and marketing materials (subject to obtaining your prior consent where necessary).

When you are a customer of our customer:

• If a customer of ours provides services/goods to you, but instructs us to attend your premises so we may provide services to our customer as part of their arrangement with you, we may collect details such as your name, contact details and the equipment you use.

• The information we collect will be used so we can perform our contractual obligations, for our legitimate interests, so we can contact you to arrange a access to your premises/the equipment and so we can address any other issues which may arise as part of the service/goods we supply.

How long your personal data is retained for: We will retain your information as long as we require this to provide our customers with the goods or services ordered from us and for a period of seven years afterwards.

Where you are a supplier of ours:

• We will collect details such as name, contact details, bank details in order to contact you about goods or services ordered with you, to place further orders and to pay you for the goods and/or services supplied.

HOW WE DETERMINE HOW LONG PERSONAL DATA IS RETAINED FOR

We only retain your personal data as long as it is necessary to carry out the purpose it was collected for. Depending on the type of personal data and which of our products or services you are using, different retention periods will apply. Where we are a data controller, this is generally in line with statutory limitation periods (6-7 years). After that time, we securely erase your personal data. Where we are a ‘processor’ the relevant controller company will be responsible for dictating retention.

We determine the length of time personal data is retained for by taking into account a number of factors, such as if there are any statutory requirements to process that personal data, the length of time it is required in order to carry out our business activities relating to that personal data, and if we have contractual obligations that need to be complied with. We will never retain personal data for longer than necessary.

OUR LAWFUL BASIS FOR PROCESSING YOUR PERSONAL DATA

We will only process your personal data where we have a lawful basis under data protection laws to do so. The lawful bases we rely on are set out below:

• Contract: for the performance of a contract we enter into with you;

• Legal obligation: where necessary for compliance with a legal or regulatory obligation we are subject to;

• Consent: where you have provided your consent in order for us to process your personal data; and

• Legitimate interests: where we have a legitimate interest to do so. This includes to:

  • provide you with information, or services that you requested from us;

  • allow you to participate in interactive features of our website and/or mobile applications, when you choose to do so;

  • ensure that content from our website and/or mobile applications is presented in the most effective manner for you and for your device;

  • improve our website, mobile applications and services;

  • process and deal with any complaints or enquiries made by you; and

  • contact you for marketing purposes where you have signed up for these.

IF YOU FAIL TO PROVIDE PERSONAL DATA

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide the data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example to provide you with our goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

SHARING YOUR PERSONAL DATA

We only share your data with third parties who agree to comply with our data security standards and applicable data protection laws. We may disclose your information to third parties as follows:

• to staff members in order to facilitate the provision of goods or services to you;

• to our affiliated entities to support internal administration;

• IT software providers that host our website and/or mobile applications and store data on our behalf;

• in order to perform our contact with you, we may need to share personal data with third parties such as payment providers, credit agencies, payment processers such as Elavon Financial Services, and postal service organisations to assist in the delivery of goods or services you have ordered;

• professional advisers including consultants, lawyers, bankers and insurers who provide us with consultancy, banking, legal, insurance and accounting services;

• HM Revenue and Customs, regulators and other authorities who require reporting of processing activities in certain circumstances; and

• third parties who we may choose to sell, transfer or merge parts of our business or assets. Alternatively, we may seek to acquire other business or merge with them. If a change happens to our business then the new owners may use your personal data in the same way as set out in this privacy notice.

We may disclose personal data to the police, regulatory bodies, legal advisors or similar third parties where we are under a legal duty to disclose or share personal data in order to comply with any legal obligation, or in order to enforce or apply our website terms and conditions and other agreements; or to protect our rights, property, or safety of our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

MARKETING

In addition to the uses described above, where permitted under data protection laws, we may use your personal data for our legitimate interests in order to provide you with details about our goods, services, business updates and events which we think may be of interest.

You have the right to opt-out of receiving our marketing communications at any time. To opt-out of receiving such information you can:

• tick the relevant box situated in the form on which we collect your information;

• clicking the unsubscribe button contained in any such communication received; or

• email us at dpo@vianetplc.com providing us with your name and contact details.

MONITORING AND RECORDING

We may monitor and record communications with you (such as telephone communications and emails) for the purpose of quality assurance, training, fraud prevention and compliance. All telephone communication recordings are removed after 6 months.

AUTOMATED PROCESSING

Automated decision making is the process of making a decision by automated means without any human involvement. We do not undertake automated decision making with your personal data which has a significant legal effect on you.

TRANSFERRING YOUR PERSONAL DATA OUTSIDE OF THE UNITED KINGDOM

At Vianet, we are committed to providing secure and reliable services, with our data primarily hosted in the Netherlands (EEA). As a global organisation, we strive to uphold the highest standards of data protection and privacy, ensuring your personal data is handled with care and accessed responsibly from the United Kingdom and other territories, ensuring appropriate safeguards are in place. Where we transfer your personal data outside of the United Kingdom, we always comply with data protection laws designed to ensure the privacy and appropriate protection of your personal data. Where personal data is transferred outside of the United Kingdom, your personal data is protected by:

• the relevant receiving party being located in a territory that is subject to an adequacy decision; or

• a written agreement which adds appropriate protections that have been approved by the UK government and the ICO to safeguard your personal data.

DATA SECURITY

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website and/or mobile applications, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted to our website and/or mobile applications; any transmission is at your own risk.

Information you provide to us is shared on our secure servers. We have implemented appropriate physical, technical and organisational measures designed to secure your information against accidental loss and unauthorised access, use, alteration or disclosure. In addition, we limit access to personal data to those employees, agents, contractors and other third parties that have a legitimate business need for such access.

YOUR PRIVACY RIGHTS

Data protection laws provide individuals with certain rights that relate to the processing of their personal data. These rights can be exercised at any time by contacting us. These rights are:

• access;

• rectification;

• erasure;

• restriction;

• data portability;

• object;

• not to be subject to automated decision making or profiling;

• be informed;

• withdraw consent; and

• complain to the ICO.

You can see the ICO’s full overview of these rights, when they apply and their limitations here. Where you contact us to exercise your privacy rights, we may request specific information from you to help us confirm your identity.

Where you exercise your right to access, data protection laws may allow or require us to refuse to provide you with access to some or all the personal data that we hold about you or to comply with any requests made by you. If we cannot provide you with access to your personal data, or process any other request we receive, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

Please send any requests relating to the above to us at dpo@vianetplc.com specifying your name, the action you would like us to undertake, and any other information you think may be relevant to the facilitation of your request.

CHANGES TO OUR PRIVACY POLICY

We reserve the right to update this privacy notice at any time, and any changes we make to our privacy notice will be posted on this page. Please check periodically for any updates. If we would like to use your previously collected personal data for different purposes than those we notified you about at the time of collection, we will provide you with notice and, where required by law, seek your consent, before using your personal data for a new or unrelated purpose. We may process your personal data without your knowledge or consent where required by applicable law or regulation.

HOW TO CONTACT US

We have appointed a Data Lead to oversee compliance with this privacy notice. If you have any questions, comments or requests regarding this notice or how we use your personal data please contact our Data Lead at dpo@vianetplc.com. This is in addition to your right to contact the Information Commissioners Office if you are unsatisfied with our response to any issues you raise at https://ico.org.uk/global/contact-us/.

ITPOL24 011                                                                                                                                        16.01.25