info@keepel.com

3 Hurst Road Horsham England RH12 2ES

© 2019 Keepel

Keepel Privacy Policy Notice

 

This privacy policy notice is served by Keepel Ltd, under the website; www.keepel.com.    The purpose of this policy is to explain to you how we control, process, handle and protect your personal information through the business and while you browse or use this website. If you do not agree to the following policy you may wish to cease viewing / using this website, and or refrain from submitting your personal data to us.

Why do we have a privacy policy?

Keepel are under a legal obligation to let you know what personal information we collect about you, what we use it for and on what basis. We always need a good reason and we also have to explain to you your rights in relation to that information. You have the right to know what information we hold about you and to have a copy of it, and you can ask us to change or sometimes delete it.

 

The reasons we collect information are set out in this privacy policy. As a fraud prevention service provider, some of what we do to keep our customers safe from fraud involves using personal information. And we believe that it is very important for our customers to trust us with that information. We want you to be confident that we will keep it secure and use it both lawfully and ethically, respecting your privacy.

We generally rely on one of three grounds (reasons) for our business processing personal information. Firstly, if you have ordered or take a service from us, we are entitled to process your information so that we can provide that service to you and bill you for it.

Secondly, if we want to collect and use your information for other purposes, we may need to ask for your permission and, if we do, that permission must always be indicated by a positive action from you like ticking a box and be informed. You are also free to withdraw your permission at any time. We tend to need permission when what is proposed is more intrusive (for example, sharing your contact details with other organisations so they can market their own products and services to you).

 

However, we do not always need permission. In some cases, having assessed whether our use would be fair and not override your right to privacy, we may come to the view that it falls within the third ground – our ‘legitimate interests’ to use the information in a particular way without your permission (for example, to protect our network against cyber-attacks). But when we do this, we must tell you as you may have a right to object. And if you object specifically to us sending you marketing material, or to ‘profiling you’ for marketing purposes, we must then stop.

Policy key definitions:

  • "I", "our", "us", or "we" refer to the business, [Business name & other trading names].

  • "you", "the user" refer to the person(s) using this website.

  • GDPR means General Data Protection Act.

  • PECR means Privacy & Electronic Communications Regulation.

  • ICO means Information Commissioner's Office.

  • Cookies mean small files stored on a users computer or device.

Key principles of GDPR.

Our privacy policy embodies the following key principles; (a) Lawfulness, fairness and transparency, (b) Purpose limitation, (c) Data minimisation, (d) Accuracy, (e) Storage limitation, (f) Integrity and confidence, (g) Accountability.

Processing of your personal data.

Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.

  • We are registered with the ICO under the Data Protection Register, our registration number is: ZA466390.

What information we collect and what we use it for.

What kinds of personal information do we collect and how do we use it?

To provide you with our services we’ll use your personal information to provide you with our services. This applies when you register for or buy our service from us. Or if you register for an online account with us or download and register on one of our apps.

 

This means we’ll:

  •   record details about the services you use or order from us;

  •   send you product or service-information messages (we’ll send you messages to confirm your order and tell you about any changes that might affect your service, like when we have infrastructure work planned or need to fix something);

  •   update you on when we’ll deliver, connect or install your products and services;

  •   let you create and log in to the online accounts we run;

  •   charge you and make sure your payment reaches us;

  •   give information to someone else (if we need to for the product or service you’ve ordered) or to another communications provider if you’re buying some services from them and us (if we do this, we still control your personal information and we have strict controls in place to make sure it’s properly protected); and

  •   support you more if you are a vulnerable customer.

 

We use the following to provide products and services and manage your account:

  •   Your contact details and other information to confirm your identity and your communications with us. This includes your name, gender, address, phone number, date of birth, email address, passwords and credentials (such as the security questions and answers we have on your account).

  •   Your payment and financial information.

  •   Your communications with us, including emails, webchats and phone calls. We’ll also keep records of any settings or communication preferences you choose.

  •   Information from cookies placed on your connected devices that we need so we can provide a service.

 

We use this information to carry out our contract (or to prepare a contract) and provide products or services to you. If you don’t give us the correct information or ask us to delete it, we might not be able to provide you with the product or service you ordered from us.

If you tell us you have a disability or otherwise need support, we’ll note that you are a vulnerable customer, but only if you give your permission or if we have to for legal or regulatory reasons. For example, if you told us about a disability we need to be aware of when we deliver our services to you, we have to record that information so we don’t repeatedly ask you about it. We will also record the details of a Power of Attorney we have been asked to log against your account.

Because it is in our legitimate interests as a business to use your information we’ll use your personal information if we consider it is in our legitimate business interests so that we can operate as an efficient and effective business. We use your information to:

  •   Identify, and let you know about, products and services that interest you;

  •   create aggregated and anonymised information for further use;

  •   detect and prevent fraud; and

  •   secure and protect our network.
    To market to you and to identify products and services that interest you we’ll use your personal information to send you direct marketing and to better identify products and services that interest you. We do that if you’re one of our customers or if you’ve been in touch with us another way.

This means we’ll:

  •   create a profile about you to better understand you as a customer and tailor the communications we send you (including our marketing messages);

  •   tell you about other products and services you might be interested in;

  •   recommend better ways to manage what you spend with us.

  •   try to identify products and services you’re interested in; and

  •   show you more relevant online advertising and work with other well-known brands to make theirs more suitable too.

We use the following for marketing and to identify the products and services you’re interested in:

  •   Your contact details. This includes your name, gender, address, phone number, date of birth and email address.

  •   Your payment and financial information.

  •   Information from cookies and tags placed on your connected devices.

  •   Information from other organisations such as aggregated demographic data.

We’ll send you information (about the products and services we provide) by phone, post, email, text message, online banner advertising or a notice using our apps. We also use the information we have about you to personalise these messages wherever we can as we believe it is important to make them relevant to you. We do this because we have a legitimate business interest in keeping you up to date with our products and services, making them relevant to you and making sure you manage your spending with us. We also check that you are happy for us to send you marketing messages by text or email before we do so. In each message we send, you also have the option to opt out.

 

We’ll only market other organisations’ products and services if you have said it is OK for us to do so.
 

You can ask us to stop sending you marketing information or withdraw your permission at any time, as set out above.

 

Read our cookie policy for more details on how we use cookies.

 

To create aggregated and anonymised data we’ll use your personal information to create aggregated and anonymised information.

Nobody can identify you from that information and we’ll use it to:

  •   make sure our network is working properly and continuously improve and develop our network and products and services for our customers;

  •   run management and corporate reporting, research and analytics, and to improve the business; and

  •   provide other organisations with aggregated and anonymous reports

We use the following to generate aggregated and anonymised information:

  •   Your gender, address and date of birth.

  •   Information about what you buy from us, how you ordered it and how you pay for it, for example, broadband ordered online and paid for on a monthly basis.

  •   Information from cookies and tags placed on your computer.

  •   Information from other organisations who provide aggregated demographic information, our partners and publicly available sources like the electoral roll and business directories.

  •   Details of the products and services you’ve bought and how you use them – including your call, and browser address.
    We have a legitimate interest in generating insights that will help us operate our network and business or would be useful to other organisations. To develop our business and build a better understanding of what our customers want

This means we’ll:

  •   maintain, develop and test our network (including managing the traffic on our network), products and services, to provide you with a better service;

  •   train our people and suppliers to provide you with products and services (but we make the information anonymous beforehand wherever possible);

  •   create a profile about you to better understand you as our customer; make and defend claims to protect our business interests; 

  •   run surveys and market research about our products.

We use the following information to do this:

  •   Your contact details.

  •   Your payment and financial information.

  •   Your communications with us, including emails, webchats and phone calls (and any recordings made).

  •   Information from cookies placed on your connected devices.

  •   Details of the products and services you’ve bought and how you use them – including your call, browser (including IP address and static IP address, if it applies)

 

If we use this information for market research, training, testing, defend or bring claims, development purposes or to create a profile about you, we do so because it is in our legitimate business interests of running an efficient and effective business which can adapt to meet our customers’ needs.

 

We create a profile about you based on what you have ordered from us and how you use our products and services. This helps us tailor the offers we share with you. You can ask us to stop profiling you for marketing purposes at any time, as set out above.

 

To run credit and fraud prevention checks.

Before we provide you with a product or service (including upgrades or renewals), or sometimes when you use our products and services, we’ll use personal information you have given us together with information we have collected from credit reference agencies (such as Experian or Equifax), the Interactive Media in Retail Group (IMRG) security alert, or fraud prevention agencies (such as Cifas). We use this information to manage our credit risk, and prevent and detect fraud and money laundering. We’ll also use these organisations to confirm your identity. When they get a search from us, a 'footprint' goes on your file which other organisations might see. We might also share the information with other organisations. We do this because it’s in our, and the organisations’, legitimate interests to prevent fraud and money laundering, and to check identities, to protect our business and to keep to laws that apply to us.

Details of the personal information that will be used include your name, address, date of birth, contact details, financial information, employment details and device identifiers, including IP address and vehicle details.


If you don’t become one of our customers, we’ll still keep the result of our credits checks about you if we have a legal obligation and it’s in our legitimate interests to help prevent or detect fraud. Fraud prevention agencies can hold your personal information for different periods of time, and if you are considered to pose a fraud or money laundering risk, your information can be held by us and the organisations we share it with for up to six years.

 

If you give us false or inaccurate information which we identify as fraudulent, we’ll pass that on to fraud prevention agencies. We might also share it with law enforcement agencies, as may the agencies we have shared the information with.

If you tell us you’re associated with someone else financially (for example, by marriage or civil partnership), we’ll link your records together. So you must make sure you have their agreement to share information about them. The agencies we share the information with also link your records together and these links will stay on your and their files – unless you or your partner successfully asks the agency to break that link.

If we, a credit reference or fraud prevention agency, decide that you are a credit, fraud or money laundering risk, we may refuse to provide the services or financing you have asked for, or we may stop providing existing services to you.

The credit reference and fraud prevention agencies will keep a record of any fraud or money laundering risk and this may result in other organisations refusing to provide services, financing or employment to you. If you have any questions about this, please contact us using the details below.

We may send credit reference and fraud prevention agencies information about applications, and they keep that information. We might also give them details of your accounts and bills, including how you manage them. This includes telling them about your account balances, what you pay us and if you miss a payment (going back in the past, too). So if you don't pay your bills on time, credit reference agencies will record that. They, or a fraud prevention agency, might tell others doing similar checks – including organisations trying to trace you or recover money you owe them.

There are different credit reference agencies in the UK (for example, Callcredit, Equifax and Experian). Each one might hold different information about you. If you want to find out what information they have on you, they may charge you a small fee.

Whenever credit reference and fraud prevention agencies transfer your personal information outside of the European Economic Area, they place contractual responsibilities on the organisation receiving it to protect your information to the standard required in the European Economic Area. They may also make the organisation receiving the information subscribe to ‘international frameworks’ aimed at sharing information securely.

 

To collect debt & to prevent and detect crime.

We’ll use your personal information to help prevent and detect crime and fraud. We’ll also use it to prevent and detect criminal attacks on our network or against your equipment. We monitor traffic over our network, trace nuisance or malicious calls, and track malware and cyber-attacks.


To do that we use the following information, but only where strictly necessary.

  •   Your contact details and other information to confirm your identity and communications with us. This includes your name, gender, address, phone number, date of birth, email address, passwords and credentials (for example, security questions). We do not store the original copy of your password. Instead we keep it in a form that allows us to authenticate you but does not allow us to work out what your original password is.

  •   Your payment and financial information.

  •   Information from credit reference and fraud prevention agencies.

  •   Details of the products and services you’ve bought and how you use them – including your call, browser (including IP address).

 

We use this personal information because we have a legitimate interest in protecting our network and business from attacks and to prevent and detect crime and fraud. We also share it with other organisations (such as other communications providers and banks) who have the same legitimate interests. Doing this helps make sure our network works properly and helps protect you from attacks.

If you call the emergency services, we’ll give them information about you and where you are so they can help. We do this because it is necessary to protect you, or another person, and because it is in our interests to help the emergency services in providing help to you.

To meet our legal and regulatory obligations

We might have to release personal information about you to meet our legal and regulatory obligations.

To law enforcement agencies:

Under investigatory powers legislation, we might have to share personal information about you to government and law-enforcement agencies, such as the police, to help detect and stop crime, prosecute offenders and protect national security. They might ask for the following details.

If you don’t pay your bills, we might ask a debt-recovery agency to collect what you owe. We’ll give them information about you (such as your contact details) and your account (the amount of the debt) and may choose to sell the debt to another organisation

to allow us to receive the amount due.

 

  •   Your contact details. This includes your name, gender, address, phone number, date of birth, email address, passwords and credentials (such as your security questions and answers) needed to confirm your identity and your communications with us.

  •   Your communications with us, such as calls, emails and webchats.

  •   Your payment and financial information.

  •   Details of the products and services you’ve bought and how you use them – including your call, browser (including IP address).

 

The balance between privacy and investigatory powers is challenging. We share your personal information when the law says we have to, but we have strong oversight of what we do and get expert advice to make sure we’re doing the right thing to protect your right to privacy. We’ll also share personal information about you where we have to legally share it with another person. That might be when a law says we have to share that information or because of a court order.

In limited circumstances, we may also share your information with other public authorities, even if we do not have to. However, we would need to be satisfied that a request for information is lawful and proportionate (in other words, appropriate to the request). And we would need appropriate assurances about security and how the information is used and how long it is kept.

For regulatory reasons we’ll also use your call, browser (including IP address) to find the best way of routing your communications through the various parts of our network, equipment and systems as required by our regulator.

 

If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.

 

Your individual rights.

Under the GDPR your rights are as follows. You can read more about your rights in details here:

  • the right to be informed;

  • the right of access;

  • the right to rectification;

  • the right to erasure;

  • the right to restrict processing;

  • the right to data portability;

  • the right to object; and

  • the right not to be subject to automated decision-making including profiling.

 

You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.

We handle subject access requests in accordance with the GDPR.

Internet cookies.

We use cookies on this website to provide you with a better user experience. We do this by placing a small text file on your device / computer hard drive to track how you use the website, to record or log whether you have seen particular messages that we display, to keep you logged into the website where applicable, to display relevant adverts or content, referred you to a third party website.

Some cookies are required to enjoy and use the full functionality of this website.

We use a cookie control system which allows you to accept the use of cookies, and control which cookies are saved to your device / computer. Some cookies will be saved for specific time periods, where others may last indefinitely. Your web browser should provide you with the controls to manage and delete cookies from your device, please see your web browser options.