Data Protection and Privacy Notice

Business contacts working for our customer may provide personal data to Brian Watson & Co. When they do we will only use their personal information to administer the customer account, provide the products and services they have requested from us, and where requested to keep them informed about our products and services. The protection, confidentiality and integrity of our contacts personal data are our prime concerns.

This notice explains what personal information we might gather from you when you interact with us and how we use this information.

Our services

Brian Watson & Co provides a range of solutions and services focused within the IT sector. This Privacy Notice applies to any solution or service provided by us, including our websites, apps, communications and related services.

What personal data do we collect?

We need certain personal information to be able to offer our clients the best service. Contacts provide some of this data directly, for instance when they complete an enquiry on our web site. Additionally, we receive some personal data verbally and across various other communications. Specific data may be supplied when we are delivering bespoke solutions.

Typically, we process the following details:

  • Title (Mr, Mrs etc.)
  • First and Last Name
  • Email address
  • Contact telephone numbers
  • Company Name
  • Company registration number (if applicable)
  • VAT registration number (if applicable)
  • Payment and billing information, e.g. bank account, payment card or PayPal details.
  • Social media account information (if the contact uses a social media plugin in conjunction with log in credentials with one or our solutions or apps)
  • Company and Contact addresses
  • Internet Protocol address

Cookies and similar technologies

We may collect certain data through cookies and similar technologies (e.g. web beacons, tags, device identifiers) on some of our web sites. Cookies are text files placed on computers to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity. We register contact interaction with our services in order to improve our website, content and services. People can manage their cookie preferences through their browser settings.

Device and location

In some apps that we have developed we may use device and location data to deliver a service. Users can elect whether or not they wish to share this data. If they have enabled this in their phone and app settings we will receive data about their location when they use the app. Users can always change their preferences in their settings.

How do we use our clients personal data?

We only use personal data for the purposes for which it was collected and, where relevant, to meet local legal obligations. We use personal data for the following purposes:

  • Customer support. We use personal information to support clients in their use of our products and services. This includes the use of personal information that may be used to diagnose product problems.
  • We use personal information to communicate with clients via email, SMS text or other electronic media for instance on service-related matters, such as invoices. Other instances where we engage with clients include confirming the opening of an account and resolving complaints.
  • We would like to send contacts information which may be of interest to you, about our products and services. We communicate with them via email, SMS text or other electronic media. Contacts have the right at any time to stop us from contacting them for marketing related purposes. Depending on their preferences, they can unsubscribe, change preferences or contact us to discuss changes.
  • We may process customer and contact information in relation to a legal obligation. This includes cases where we must comply with requests from competent authorities, administrative obligations and in cases involving legal disputes.
  • We may use contacts personal information to improve our products and services. Clicking behaviour and search results on our website can for instance help us to prioritise or identify new product features.
  • If clients experience issues with one of our products or services, we may need to process some of their contacts personal information to identify users before we can resolve the respective issue. We may also use personal information in relation to certain system development processes, for instance if we move customer data to a new database.
  • In running our business, we may use contact personal information for general business processes. This includes processing contact information for archiving, insurance and other administration related purposes, management reporting or processing in relation to audits.

With whom might we share our contact personal data?

We will never sell or trade your data with any 3rd party but it may be necessary in fulfilling our duties to our customers, suppliers and government departments to share data. If any information is to be shared we will contact you and advise what we need to divulge and why.

You will have the right to deny your consent to share data unless we are legitimately requested or obliged to do so pursuant to law enforcement and/or to enforce our agreement with you, for instance in cases where you have not paid for your services, we may share client data with a debt collector.

Where is personal data that is shared with us processed?

Your personal data is mainly processed by our staff in the United Kingdom. Brian Watson is also UK Business Director with SourceEdge Software Technologies and Indian based firm where work may be carried out on behalf of our clients. Clients will be advised when work is being conducted offshore and although it is unlikely that any personal data will be shared with our offshore partner if the need arose customer permission will be sought.

If any personal data is transferred to a country outside the European Union or an international organisation we will make sure that this only happens to such countries and international organisations that ensure an adequate level of data protection and that they have put appropriate safeguards in place to protect the data we share. Clients rights in accordance with the EU privacy law, General Data Protection Regulations (GDPR) will always be respected.

How long do we retain personal data?

We will retain personal information only for as long as is necessary for the purposes for which the information was collected, or as long as is required pursuant to law.

When a customer ceases to be a client of Brian Watson & Co, we will remove all contact personal information without undue delay except for information that we are obliged to keep pursuant to law. For instance, in order to meet statutory administrative retention obligations, we need to keep some of client account related information (e.g. copies of invoices/receipts), for six years.

Data may be retained longer in cases where it is used in relation to a legal claim or is used in relation to a valid legal process.

Lawful basis for data processing

We only collect and process personal data when there is a lawful basis to do so. The lawful basis we rely on in this respect includes:

  • Contract: the processing is necessary to perform a Service Contract.
  • Legitimate interest: for example,
    • a legitimate commercial interest to process certain contact personal data
    • to archive certain account information to facilitate re-use of account data in the future
    • if there is a legitimate interest from business or security perspective, e.g. to prevent fraud or abuse of our Services, or for purpose of network and information security of our IT systems
    • Legal obligation: the processing necessary to comply with a legal obligation, e.g. the legal requirement to keep administrative records for a certain period of time, or the legal obligation to share certain data on a police order for criminal investigation purposes.
    • Consent: where you gave us explicit consent to process the data concerned, for example - if applicable - to share data with partners or other third parties for commercial purposes.
    • If contacts have given consent to the processing, they have the right to withdraw that consent at any time. We will discontinue the processing of personal data upon receipt of a withdrawal request. However, any processing performed prior to the withdrawal remains legitimate processing based on a valid consent at the time. We will not be under the obligation to reverse the processing.

Questions, concerns and complaints

If you have questions or concerns about the way in which we use your personal data, please contact us for assistance. You may also contact our Data Protection Officer (DPO) via brian@brianwatson.co.uk.

If you feel that an issue has not properly been resolved, you also have the right to lodge a complaint with the supervisory authority ICO: https://ico.org.uk/concerns/.