This policy sets out how we handle your personal information if you’re a client of, or a website visitor to, Chilli Information Solutions Ltd (Chilli IS). We are committed to safeguarding the privacy of our clients and website visitors.
When we say ‘we’, ‘us’ it refers to Chilli IS.
Our company is based in Lichfield, Staffordshire, UK and we use the Microsoft Azure cloud platform to host our software solutions in the UK. We also use Office 365 and One Drive. Both Azure and Office 365 are compliant with the international standard ISO 27001 on Information Security Management.
Personal information that we store or transmit is protected by security and access controls, including username and password authentication and data encryption where appropriate.
You have the right to make a request to access personal information we hold about you and to request corrections of any errors in that information. You can also ask us to delete your information at any time. To make an access or correction request, contact our privacy champion using the contact details at the end of this policy.
We use your information to contact you about the services we are providing you with. Including support of those services and on-going management of these services. For example:
We do not use your information for marketing purposes, or sell, or allow third parties to access your information.
Personal data that we process for any purposes shall not be kept for longer than is necessary for those purposes.
We will retain your personal data as follows for a minimum period of 1 month and a maximum period of 3 months following the date we cease our business relationship with you.
This policy came into effect on May 25th 2018.
We will need to change this policy from time to time to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.
When we do change the policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this policy will always be available on this page.
If you have any questions about our privacy practices or the way in which we have been managing your personal information, please contact our privacy champion in writing at firstname.lastname@example.org.
If you’re a user or visitor in the European Economic Area these rights apply to you for the purposes of applicable EU data protection law (including the General Data Protection Regulation 2016/679 (the “GDPR”), we are a ‘data controller’ of your personal information.
If you have unresolved concerns, you have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of your place of work; or (iii) in which you consider the alleged infringement has occurred.