Uncategorized

Our commitment to protecting your data & GDPR

This policy will make it easier to understand the data that we hold about our customers, private individuals, businesses, suppliers and contractors.

It includes;

  • How we collect information and what type of information we collect
  • How the information is used
  • How you can see and update the information
  • How long we keep the information and how we protect it
  • How a private individual can request information to be erased, your right to be forgotten

Data protection laws state that we are only able to hold personal data if we have valid reasons to do so. The basis for us holding personal and sensitive data includes, but is not limited to, performance of our contractual obligations and contact for customer service purposes for example, where we have  supplied you with goods or services, or to fulfil an obligation under an employee contract or you have given your consent.

How do we collect your information?

  • We receive information about you from you when you use our website, complete forms on our website, if you contact us by phone, email, live-chat or otherwise in respect of any of our products and services or during the purchasing of any such product.
  • Information we hold about you has been provided voluntarily by you or your organisation at the point of service provision and during the course of fulfilling our contract with you.

What type of data do we hold?

  • Personal data we collect includes your name, address, email address, phone numbers
  • Although we do not ask for your date of birth, sometimes we know it and use it only for the traditional purposes of wishing you happy birthday!
  • We collect information relating to your orders for products and services, help desk enquiries recording your support requests, workshop & visit reports, which can contain technical details and setup details such as user names and passwords.
  • We also retain records of your correspondence, phone calls, letters and emails.

How is information used?

Information is only used for the purposes of providing you with continuous, efficient and reliable support within the scope of our activities with you. For this purpose we may need to contact you by means of phone call, letter and email for the following reasons;

  • To process orders that you have submitted to us and provide you with products and services
  • To carry out our contractual obligations we have with you
  • To help us identify you and any accounts you hold with us
  • To enable us to review, develop and improve products and services
  • To provide customer care, including responding to your requests if you contact us
  • To administer accounts, process payments and keep track of billing and payments
  • To notify you about changes to our website and services
  • To provide you with information, prices and changes about products or services
  • To provide you with support, advice & recommendations, security bulletins & newsletters, invoices & statements for accounting purposes
  • We may contact you for marketing purposes where we feel you may benefit from a particular improvement, product or service

We will never pass any information we hold to third parties unless; you ask us to reveal the information, or we have your permission to do so, we are required to do so by law, it is required by law enforcement or fraud prevention.

How long do we keep your data?

  • We will retain all data specific to you for as long as we need to refer to it to support you or until such time as you request it be removed
  • We may keep your data for at least 7 years after you have cancelled your services with us
  • We may not be able to delete your data before this time due to our legal and/or accountancy obligations
  • We may also keep it for research or statistical purposes
  • We assure you that your personal and sensitive data shall only be used for the purposes stated herein
  • Requests for your personal data to be erased will be done so in a reasonable time
  • We will do everything possible to erase your Personal Information if you withdraw your consent or request the right to be forgotten
  • However, we will not be able to erase all of your Personal Information if it is technically impossible or for legal reasons
  • All accounting data customer and supplier accounts and account activity and invoices is kept in accordance with the current financial and Tax legislation.

How is your data stored?

  • Personal and sensitive data is held in our secure CMS (Contact Management System), Helpdesk and Accounting system
  • Our staff access your contact details on Workstations in our office or portable devices for the purposes of contacting you while out of the office.
  • Data is stored on our secured servers and protected by password
  • Data is only accessible to authorised employees
  • Hard copy information is kept in a restricted area in our offices in lockable cabinets

How do we protect you data?

  • To protect your information against accidental or unlawful destruction, loss or alteration, we use technical and organizational security measures to prevent any unauthorized disclosure or access
  • In the event of a data breach, we shall ensure that our obligations under applicable data protection laws are complied with where necessary

Business to Business Data (B2B)

  • Where-as the changes to Data Protection Laws refers to personal information collected about private individuals, how we deal with data and sensitive information collected from our B2B relationships is still appropriate although B2B data is not considered as personal data.  During the course of our service provision, we will have access to sensitive data and personal information held on your systems, devices and computers. It is your responsibility to maintain the security, to protect this data and to consider third party access to personal data in your own privacy policy. You should refer to our terms and conditions with respect to our professional code of conduct and confidentiality in regards to customers’ data.

Privacy Notice 25 May 2018

We may change this Policy from time to time so please check it on our website occasionally to ensure that you are happy with any changes. By using our services, you are agreeing to be bound by this Policy.

If you have specific questions or concerns about the use of your data, please contact privacy@amanet.co.uk.

This Privacy Notice shall become effective as of 25 May 2018

Update your PC, Laptop, iPhone, iPad and Mac NOW!

According to Apple their Macs, iPhones, iPads and Apple TV are all hit by a flaw in chips that they use which could let attackers access sensitive information.

Design flaws in processors from leading chipmakers, Intel, AMD and ARM could effect most of your computer devices.  One vulnerability, dubbed “Meltdown,” is known to affect Intel chips. The other, called “Spectre,” could affect chips from AMD and Arm as well.

What to do?

– You should apply the first available security updates from the companies who make the software on your devices, like Microsoft Windows, or Apple for iOS.
– Update to new versions of iOS and MacOS released today to protect iOS web browser
– Carry out Windows updates as they are released
– Only download software from trusted sources such as Apple App Store
– Since hackers would have to install malware on your computer, do your best to make that harder for them by keeping all your software up-to-date;  run security software to make sure you don’t have any malicious software on your computer right now;  look out for phishing emails, emails that trick you into clicking on a link and downloading malicious software are still the number one way for hackers to get on your computer.

… for further advice and help to update your device and carry out security scans please call our help desk 01572 770653

 

 

Social Engineering

Human behaviour continues to be one of the weakest links in an organisation’s cyber security. Amanet Ltd are curently providing a planned penetration testing service for some of our high profile clients, whose staff have access to sensitive personal and financial information, and consider themselves vulnerable. Tests are taylored to the individual organisation and include a range of attacks designed to assess detection of spurious phone calls and email messages. The service evaluates how staff respond to social engineering attacks by mirroring real-world techniques such as phishing and vishing designed to trick them into disclosing sensitive information and performing malicious actions. The sole purpose is to improve employee cyber awareness.

If you are concerned or suspect that your organisation is vunerable please contact us for more information.

Project Borneo 2017

Help us support Freya in her latest community project!

I really need some help to fund my next community project.

Having had an amazing and successful trip to Ghana in 2014 where I worked with a group from my school in a small village community (helping with among other things, the construction of accommodation and a school), I’ve planned to do something similar in Borneo this July before results day, and if all goes well with those results starting at Medical School in September.

I will be taking part in a community project in a rural area of Borneo where the majority of people are living below the poverty line and don’t have access to proper housing, education facilities, medical treatment or even reliable clean drinking water.

The funds raised will go towards expedition costs and buying the resources needed to carry out the community work whilst I am out there.

We will also be spending sometime trekking and doing some conservation work with the Orangutans! So there will be some down time!

I will try to post more information in the next few weeks with more details of the trip.

Thank you so much for reading this and any contribution will be much appreciated.

Freya X

Security Bulletin – Ransomware

Judging from the phone calls we’re receiving today our customers are quite rightly concerned about the Rasomware attack highlighted at the weekend by the shutdown of services at the NHS. There is a lot of talk in the media about what you should and should not do so I thought a bulletin from Amanet may help.

read more