PhoneHub.co.uk is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
PhoneHub.co.uk may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 25th May 2018 and is subject to be changed.
Our Privacy Promise
- To keep your date safe, secure and private
- To enable you to manage your marketing choices
- Not to sell your data
Who to contact
Our GDPR officer can be contacted directly here:
At any point whilst we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. Bear in mind, if you ask us to erase your information from our records, we may purchase data in the future that contains your information. We can however mark it as “do not contact” therefore stopping any contact we may make to you.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
- Right to judicial review: in the event that PhoneHub refuses your request under rights of access, we will provide you with a reason as to why. You have the right to contact the ICO which can be done here.
Should you wish to exercise any of these rights, please contact us via email to email@example.com
All of the above requests will be forwarded on should there be a third party involved in the processing of your personal data.
How the law protects you
As well as this our Privacy Promise, your privacy is protected by law.
Data protection law says that we are allowed to use personal information only if we have a proper reason to do so. This includes sharing it outside of PhoneHub. The law says we must have one or more of these reasons:
- To fulfil a contract we have with you, or
- When it is our legal duty, or
- When it is in our legitimate interest
A legitimate interest is when we have a business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you. If we rely on our legitimate interest, we will tell you what that is.
Below is a list of all the ways that we may use your personal information, and which reasons we rely on to do so. This is also where we tell you what our legitimate interests are:
|What we use your personal information for||Our Reasons||Our legitimate interests|
Groups of personal information
We may use many different kinds of personal information, and then group them together like this:
|Type of personal information||Description|
|Banking||Your bank account details for payment|
|CCTV||If you enter any of our premises your images may be captured on CCTV|
|Communications||What we learn about you from letters, emails and verbal conversations between us|
|Contact||Your address, email and phone number to fulfil orders|
|Contractual||Details about the products or services we provide you|
|Open Data and Public Records||Details about you that are in public records, such as information held in Companies House, and information about you that is openly available on the internet|
|Technical||Details on the devices and technology you use|
|Transactional||Details about payments to and from your accounts with us|
|Usage Data||Other data about how your use our services|
Where we collect personal information from
We may collect personal information about you from these sources:
|Where we collect personal information from|
|Data you give us:|
|Data from third parties:|
Who we share your personal information with
PhoneHub will not pass on your personal data to third parties unless: it is a requirement of the service or product you have with us, where this will be detailed within the contract. Or if it is a prerequisite to the service or product you intend to have with us, you will be notified beforehand.
Who we share your personal information with
• Network service providers who provide the service agreed in your contract
• Other service providers if purchased through us. E.g. Insurance companies
• Companies we have a joint venture or agreement to co-operate with
• Companies we have contracts with, to provide you with the services agreed in your contract. E.g. device repair centres
• If you use direct debits, we will share your data with the Direct Debit scheme
• Debt collection agencies or other debt recovery organisations
• Law enforcement agencies, regulatory organisations, courts or other public authorities if we have to, or are authorised to do so by law
• In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets as part of the process of evaluation and to ensure continuity of service
How long we hold your personal information for?
The length of time we retain your information is dependent on what we are holding and why we are holding it. We will not keep your information for longer that is necessary for our business or legal requirements.
PhoneHub may process personal data for up to 7 years if you are a prospective customer and for the length of your contract if you become an active customer. This is in keeping with our legitimate interests and contractual obligations.
We may also store personal data for up to 7 years for any of the following reasons:
- Respond to any questions or complaints
- To show that we treated you fairly
- To maintain records to comply with legal and regulatory rules that apply to us
- In keeping with our legitimate interests and contractual obligations
We may store your personal data in paper or electronic formats, both of which are stored securely and based on the guidelines as specified in ISO/IEC standards 17799, 27001 and 27002.
We also have processes in place to securely dispose of data we no longer require.
We may use your personal information to tell you about relevant products and offers. This is what we mean when we talk about ‘marketing’.
The personal information we have for you is made up of what you tell us, and data we collect when you use our services, or from third parties we work with.
We study this to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
We can only use your personal information to send you marketing messages if we have either your consent or a ‘legitimate interest’. That is when we have a business or commercial reason to use your information. It must not unfairly go against what is right and best for you.
You can ask us to stop sending you marketing messages by contacting us. Alternatively, you can choose how we contact you in the “My Account” section of your profile.
Whatever you choose, you’ll still receive other important information relating to your existing products and services.
How to get a copy of your personal information (Subject Access Request)
In compliance with your rights detailed above, you can request copies of all the personal information we hold on you. This is known as a “Subject Access Request”, “SAR” for short.
There are several ways of applying:
- Complete the form on our website: Contact us
- Email: firstname.lastname@example.org
- By writing to our Head Office
To make sure we are only sending the information to someone authorised to have it, we may at our discretion require you to provide two forms of ID from the below list:
- Driving licence
- Birth certificate
- Utility bill (from last 3 months)
- Current vehicle registration document
- Bank statement (from last 3 months)
- Rent book (from last 3 months)
To submit a Subject Access Request please contact us in writing to email@example.com
If things go wrong and you wish to make a complaint
If you are not happy with the service you have received, you can raise a complaint through any of the following channels:
In the event that you wish to make a complaint about how your personal data is being processed by PhoneHub (or third parties as described above), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and PhoneHub’s data protection representatives, Data Protection Officer / GDPR Owner.
PhoneHub GDPR Owner contact details:
Brickfield Trading Estate,
Supervisory authority’s contact details:
Information Commissioner’s Office