DEFRA Digital Waste Tracking Compliant software for October 2026 reporting requirements. Read more
HomeGDPR & Data Protection
Legal

GDPR & Data Protection

How InfoTech Solutions collects, processes and protects your personal data in line with UK GDPR requirements.

What is GDPR?

GDPR (General Data Protection Regulation) is a set of regulations governing the privacy and security of personal data. InfoTech Solutions is committed to processing personal data lawfully, fairly and transparently, and keeping data limited to what is needed for the relevant business purpose.

Controller

InfoTech Solutions Limited is the data controller and is responsible for your personal data. We have appointed a data privacy manager responsible for overseeing questions in relation to this notice.

Contact: InfoTech Solutions Limited, The Old School House, Arrow, Alcester, B49 5PJ
Email: support@infotechsolutions.co.uk

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO) at ico.org.uk. We would, however, appreciate the chance to deal with your concerns before you approach the ICO.

What Data We Hold

InfoTech Solutions may collect the following categories of personal data:

  • Identity Data — name, title, date of birth
  • Contact Data — address, email, telephone
  • Financial Data — bank account and payment card details
  • Transaction Data — details of payments and services purchased
  • Technical Data — IP address, browser type, login data
  • Usage Data — how you use our website, products and services
  • Marketing & Communications Data — your marketing preferences

We also collect customer databases where necessary to resolve support issues and to store backups. We do not keep customer identification documents. All databases we hold are encrypted. We do not collect Special Categories of personal data (health, race, religion, etc.).

Customer Database Backups

The majority of customer data is not synchronised with our servers. If you wish to have particular data removed from our backups, please make a request by email to support@infotechsolutions.co.uk and we will act in due course.

How We Collect Your Data

  • Direct interactions — forms, email, telephone, contracts
  • Automated technologies — cookies, server logs when you interact with our website
  • Third parties — publicly available sources or referrals

How We Use Your Data

We only use your personal data when the law allows. Most commonly:

  • To perform a contract with you
  • Where it is in our legitimate business interests
  • To comply with a legal or regulatory obligation

Data Sharing

We may share your data with internal group companies, professional advisers (lawyers, accountants, insurers), HMRC and regulators, and service providers acting as processors. We require all third parties to respect the security of your data and treat it in accordance with the law.

International Transfers

We do not knowingly transfer personal data outside the EEA. Where external third parties operate outside the EEA, we take steps to ensure they provide an adequate level of protection in accordance with UK data protection law.

Data Security

We have appropriate security measures in place to prevent accidental loss, unauthorised access, alteration or disclosure of your personal data. Access is limited to those with a business need to know.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting or reporting requirements. By law we keep basic customer information for six years after a customer relationship ends for tax purposes.

Your Legal Rights

Under UK data protection law you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Correction — request correction of inaccurate or incomplete data
  • Erasure — request deletion where there is no good reason to continue processing
  • Object — object to processing based on legitimate interests or for direct marketing
  • Restriction — request suspension of processing in certain circumstances
  • Portability — request transfer of your data to you or a third party in a machine-readable format
  • Withdraw consent — where we rely on consent, you may withdraw it at any time

To exercise any of these rights please contact us. We aim to respond within one month. No fee is usually required.

Third-Party Links

Our website may include links to third-party websites. We are not responsible for their privacy practices and encourage you to read the privacy notice of every website you visit.

This notice was last updated May 2018. Historic versions are available on request.

For any queries relating to this policy please contact us at info@infotechsolutions.co.uk or call 01789 400341.