What personal information is collected?
We collect the following information on all customers:
- Postal address
- Email address
- Telephone number(s)
- Bank details (for those customers paying by Direct Debit)
For any services accessible using an online control panel, we also collect:
- Password (encrypted)
For customers using our VoIP services, we may also collect:
- Names of individual users / extensions
- Telephone number(s) of individual users (for call forwarding purposes)
What is personal information used for?
We use the customer information collected in order to:
- Provide the goods or services we are contracted for
- Verify your identity when you use our services or contact us
- Process any enquiries you have about our services
- Produce invoices, and recover any monies owed for the use of our services
For VoIP services, we may also use your information for:
- Providing access to the emergency services, including passing your name and location data to the emergency operator
- Display of an individual's name on another user's handset when that individual's extension is used to make a call to another user within your organisation (caller ID)
Please note we do not currently use any information for marketing purposes.
What lawful basis is the information processed under?
Most information we collect is necessary for us to fulfil our contractual obligations to you, and thus is processed under the 'Contract' lawful basis.
Additionally, we process data under the following lawful bases in the specific cases outlined:
- Legal obligation: where we are subject to a legal obligation to provide data, such as a notice under the Regulation of Investigatory Powers Act
- Vital interests: where data is provided to the emergency services operator
Do we share the information with anybody?
In order to provide and administer our services, we use a number of third party service providers – we pass information to these providers where it is necessary for them to provide the service we have engaged them for, however they are prohibited from using the information for any other purpose.
The main third party providers we use are as follows:
- Eazipay Limited – we pass customer information (including bank details) to Eazipay for those customers who choose to use Direct Debit services
- Magrathea Telecommunications Limited – we may pass name and location information to Magrathea in order to provide access to the emergency services
- (aq) Limited – we may pass name and location information to (aq) Limited in order to provide access to the emergency services
- ProVu Communications Ltd - we pass customer information to ProVu in order to fulfil hardware orders
In all cases we will only share information with providers who are located within the European Economic Area (EEA).
How long do we hold the information?
We will retain information for as long as necessary to fulfil the purposes for which the information was collected, or as required by law.
Under the General Data Protection Regulations (GDPR), you have a number of 'rights', to ensure that your personal information is being managed appropriately. Specifically you have the right:
- to be informed – this page outlines the information we collect and how we use it
- of access*
- to rectification – if any information we hold about you is incorrect, we will correct it promptly upon being notified of the error
- to erasure*
- to restrict processing*
- to data portability
- to object
* Any requests for access, erasure, or to restrict processing should be submitted in writing to “The Data Controller, Loho Ltd, 141 Kings Hedges Road, Cambridge CB4 2PL”.
We store data on our own servers, located within the United Kingdom, and use industry-standard practises to secure them.
When personal data is transmitted over the public internet, it will, where practical, be encrypted using industry-standard mechanisms, such as Transport Layer Security (TLS, also known as SSL).
Where to make a complaint
Information Commissioner's Office
You can also contact the Information Commissioner's Office using their online form: https://ico.org.uk/global/contact-us/email/