Privacy Policy

Enbox is strongly committed to preserving the privacy of our customers. This Privacy Policy lets you know about our policies for the collection and use of information about you.

Who we are

We are Enbox Ltd. ("we", "us" or "our"), of Melrose House, 42 Dingwall Road, Croydon, CR0 2NE ENGLAND.

Enbox is the Data Controller for the purposes of the General Data Protection Regulation and for any UK legislation with the purpose of implementing or amending it in British law.

Enbox is committed to protecting your personal information. As a data controller we have a responsibility to make sure you know why and how your personal information is being collected in accordance with relevant data protection law in connection with any personal information collected or received by us arising from your use of any of our products, services, applications, websites and customer support communications.

Summary

This Policy explains the types of information that we may collect and hold, how that information is used and with whom the data is shared. It also sets out how you can contact us if you have any queries or concerns about this information.

We will not sell any of your personal information to third parties. We don't share your information with other companies without your prior permission or if outlined below and we will only send you marketing emails if you specifically give us your consent to do so.

Please also be aware that we may also obtain information about you from our Clients. We are not responsible for the security or policies of these companies, and recommend that you review their Privacy Policies before sharing your personal data with them.

Contractors

These are companies who work directly with us, under contract, to supply us and you with certain products. You may advise us of your preference not have your data shared, and we will ensure that unless necessary for the execution of a Contract or to meet legal requirements that your data is not shared without your explicit permission.

Information we collect

We may collect information about you in several different ways including when you purchase products or services from us, when you contact us, send us feedback, or use our websites or social media channels.

Information that we gather about you may include your name, contact details [including email address, telephone number and postal address]. This information may also be shared with and/or used by certain other parties such as our Contractors.

Why we are processing your data

We may use the personal information you provide to us or which we collect for the following purposes:

  • Providing services to you and fulfilling those services.
  • Marketing our business and services to you.
  • Asking you to participate in market research, for example sending you surveys about your experiences with us.
  • To contact you if any services you requested are unavailable or to notify you in the event of any changes to our services.
  • Providing customer service, such as responding to emails, contacting you with information updates or arranging call backs.
  • Analysing customer feedback, to improve the service that we are offering.
  • Tracking activity on our website, marketing emails and social media channels, so as to improve the user experience.
  • Investigating complaints and carrying out internal investigations.
  • To prevent or detect unlawful behaviour or to protect or enforce legal rights.
  • Gathering information as part of investigations by regulatory bodies or in connection with legal proceedings or requests
  • In limited circumstances we may also use your information for other purposes where permitted by law

What we use to process your data

When we gather data from you via the methods listed above or if you make direct contact with us, we may use the following systems to process this information:

  • Our computer networks, email systems and internet facilities
  • Our telephones, voicemail and mobile phone records
  • Third party systems including Google Analytics.

We, all our staff and any third parties hired to provide support services, will be required to observe our privacy standards and to allow us to audit them for compliance.

How long we keep your data for

We will retain your personal data as set out in the policy and as required by applicable law. We may also retain certain information in order to conduct audits; comply with our legal obligations (and to demonstrate compliance) and to resolve disputes. However, we will not retain your personal data for longer than seven years from contract or contact activity unless you request we delete your data. We will then delete your data if we are legally able to do so. Should we be unable to delete your data legally we will inform you and you will then have the choice to be removed from all non-legal correspondence..

Sharing your data

In general, we do not share or disclose information about you to third parties without your consent. However, there are exceptions:

  • We may use other third party service providers to provide certain data processing services for us (acting as our authorised data processors). For example, we may use the services of third parties to provide services such as meter calibration and support.

    When acting as our authorised data processors, our service providers are required to only process data in accordance with our instructions, in line with this Policy, and are subject to appropriate confidentiality and security obligations.

    We may use and/or disclose to third parties information about you:

    • To government bodies and law enforcement agencies to prevent fraud, to comply with applicable laws, regulations and court orders and to comply with valid legal information requests from such bodies
    • To third parties (including professional advisors) to enforce or defend our legal rights or the terms and conditions of any of our websites, products or services

      We may also prepare anonymous, aggregate or generic data (including “generic” statistics) for a number of purposes. As we consider that you cannot be identified from this information, we may share it with any third party.

Keeping your data secure

The security of your data is of the utmost importance to us. While we can’t guarantee that unauthorised access will never occur, rest assured that we take great care in maintaining the security of your personal data to prevent unauthorised access to it, through the use of appropriate technology and internal procedures. We also limit access to your personal information to those who have a genuine business need to know it. Some of the technical and organisational measures we use to safeguard your personal data are:

Storing your personal data, in all forms, in a secure environment and putting in place physical, electronic, and procedural safeguards in line with industry standards
Employing SSL (secure sockets layer) encryption on our website
Training our staff on the importance of data protection and limiting access to the information we collect about you
We also have policies and procedures in place to deal with any suspected data breach so that we can act quickly to minimise any potential damage.

What we will do if there is an update to this Privacy Policy or our Privacy Notice(s)

From time to time we may change our privacy practices. We will post an updated copy on our website. It will have a different date from the one set out at the bottom of this page. Please check our site periodically for updates.

Privacy Notice(s) - transparency of data protection

Being transparent and providing information to our customers about how we will use personal data is important to us. The following Privacy Notices detail how we collect data and what we will do with it, please ensure you have read our Privacy Policy above to ensure you understand all the ways in which we may use your data and how we keep it safe, the information below is not finite but designed to support you in understanding our practices.

Using our website

When using our website please ensure you are familiar with our Terms of Use and Cookies Policy which gives a full breakdown of what and how we collect information about you when you use our website.

Getting in touch with us directly

When you get in touch with us for customer service assistance by any means of communication including written or via our website, telephone, email, SMS, or our social media channels, we may record all customer service communications and keep information about the particular communication, including your name, the services you use, the reason why you contacted us, and the advice we gave you so we can track the resolution of any customer service issues and for customer service training purposes.

What information is being collected:

Name, Contact Details
Legal Basis for Processing: Explicit Consent
Who is collecting it: Enbox
How is it collected: directly from the customer
Why is it being collected: to provide customer service assistance, such as responding to emails, contacting you with information updates or arranging call backs, and to improve our services and analyse feedback
How will it be used: customer service assistance, internal investigations, staff training, improving our policies and procedures, best practice, to compile KPIs, to report generic statistics
Who will it be shared with: generally this information is kept internal to us however, we may share communications with our Contractors should they be referenced in the communications and/or their input to response be required.
How long we will keep it for: as long as reasonably required, following this time it will either be deleted or anonymised
Important: when using this information to report generic statistics, personal information about you will not be used and you are not identifiable via this data.

Your information rights

As a data controller we have a duty to inform you of not only why your personal information is being processed but what rights you have around your personal information too.

You have the right to:

  • Be informed of how your personal information is being used
  • Have access to information held about you, this is commonly known as a Subject Access Request (SAR)
  • Have your personal information deleted in certain circumstances
  • Have inaccuracies within your personal information corrected
  • Restrict processing of your personal information until inaccuracies are corrected or if there is a dispute around legal basis for processing the personal information
  • Object to processing of your personal information in certain circumstances
  • Have your personal data transferred to another provider
  • Be informed of where automated decision making (ADM) takes place and be given an option to opt out of ADM

Further information

To speak directly with Enbox regarding this Policy, our practices or have any questions or concerns please contact us on info@enbox.co.uk or at;

Enbox Ltd.
Melrose House
42 Dingwall Road
Croydon
CR0 2NE
ENGLAND

Last updated: 5 May 2021