Updated: July 2021
Cloud Essentials is committed to protecting your privacy.
This policy applies to you when you interact with our organisation, because we collect information about you when you do so.
This Privacy Notice explains what personal information Cloud Essentials collects, and processes when you use our website.
The personal information we gather
When using our website or when you make an enquiry via another route such as email or a phone call, you may choose to share the following personal information with us:
- Your first and last name;
- Your job title and current company;
- Contact information including your preferred email address for communication purposes and a contact phone number;
- Information provided as part of the enquiry;
- Any additional comments that you may have relating to a product enquiry or a blog article; and
IMPORTANT: The personal information we collect does not typically exceed what would appear on your company business card. We do not collect or store any sensitive or special category personal information (e.g., credit card details or passwords or any information regarding your information regarding your gender, race, religion, sexual orientation and the like). Furthermore, the personal information collected will only be processed by Cloud Essentials. We will not sell your personal information to anyone, nor will it be released to third-party partners without your explicit consent or without you being expressly notified.
Why we process your information
The General Data Protection Regulation (GDPR), United Kingdom Data Protection Act (UK DPA) and the Protection of Personal Information Act (POPIA), require personal information to be retained for only as long as it is necessary for the purpose for which it was collected. Cloud Essentials will only retain your personal information in order to for the following purposes:
- Where our customer relationship management team and/or support desk need to maintain contact in order to facilitate technical support or provide upgrade information or services.
- Where we need to provide product support such as license renewals.
- Where our sales and consulting teams need to liaise with you in relation to a current project or solution enquiry.
- Where you opt in to receive marketing or additional information for services and products relevant to your needs or regarding similar services or products previously provided by Cloud Essentials.
These are what we consider to be our ‘Legitimate Interests’ and enable us to provide the best service to you and your organisation. We also make sure we carefully consider and balance any potential impact on you and your rights before we process your data for our legitimate interests. See below for more information on how business contact data is collected and protected.
How data is collected
- Contact forms – When you request information about a certain solution, service or product on our website, we use Engagebay forms to collect this information.
- Emails – Any email links on our website simply launch your local email client and your email is sent directly from your email platform to our Exchange server.
- Newsletter Subscription – If you subscribe to our Cloud Essentials newsletter, we will collect your email address and incorporate into Engagebay.
For more information on each of these areas see below.
How we use your data
The personal information we collect is used expressly for:
- Keeping you updated: Where you’ve given us permission, we will send occasional marketing emails featuring technical insights and event invitations relating to the solutions and subject areas covered in this website. This information is held on our Engagebay marketing platform. You can stop our marketing communications at any time, upon which your details will be retained for the management of your subscription preferences. However, should you request we delete your information this request will be processed.
- Delivering customer services: When responding to solution enquiries and subsequently providing support and contract administration, we may store your contact details in our Customer Relationship Management (CRM) Platform. This is to ensure you, as our customer, are serviced in a professional and expedient way.
- Improving our website: To improve the layout of our web content and make life easier for you (e.g. by pre-filling forms if you’ve previously visited our site) we use certain cookies. See section on Cookies below.
The data collected from this site will only be shared with a third party only with your explicit, voluntary consent or as necessary for us to deliver a product or service which requires the assistance of one of our partners, or where such information sharing is required by law or is necessary to protect your legitimate interest or that of Cloud Essentials or a third party.
See also the sections on Legitimate interest and Rights and Requests
Third-party data processors
Engagebay is a third-party data processor and is used to manage our website visitor enquiry forms and newsletter subscriptions.
To enable expedient processing of any enquiries that come through our web forms, your information is pushed from Engagebay into our Microsoft Dynamics (a Customer Relationship Management application) (over a secure link) and a notification is sent via email to our Marketing Department.
If you have subscribed to Cloud Essentials’ newsletter or any other marketing communications, your email address will remain within our database on the Engagebay platform until you specifically request removal from the list. Should you elect to no longer receive our newsletter and other marketing communications, it needs to be noted that your details will be retained as a record that you have opted out of receiving these communications and that we have complied but you will not receive such communications going forward.
We have concluded a data protection agreement directly with EngageBay to ensure protection of your data and compliance with applicable data privacy laws.
Security of your personal data
Cloud Essentials takes all reasonable technical, physical, and administrative steps to help protect your personal data in our custody or control from loss, misuse and unauthorised access, disclosure, alteration and destruction. Some of the organisational technical measures implemented to protect your information include:
- Your personal information will be stored in Microsoft Office 365 – for further information on how Microsoft protects data within Office 365 see Microsoft’s independent audit reports in the Microsoft Service Trust Portal (https://servicetrust.microsoft.com/).
- Access to customer data is granted on a least privilege basis – this means that access will only be given to personnel that require such access to perform their duties.
- All personnel are required to authenticate using Microsoft’s Multi-factor Authentication which means that they must log in with their usernames and passwords as well as another authentication factor such as a one-time-pin.
- Cloud Essentials uses Microsoft Defender which incorporates Advanced Threat Protection for protection against malware, phishing and other malicious activity.
- Employee behaviour is governed by a variety of policies such as the Cloud Essentials Information Security Policy, Bring Your own Device Policy, and Acceptable Usage Policy and all employees are required to sign Confidentiality and Non-Disclosure Agreements as a condition of their employment.
- Any employee mobile devices that are used to access Cloud Essentials’ Office 365 are required to register their devices with Microsoft Intune which the organisation uses to manage those devices.
- Although the company policy stipulates that no data may be stored on users’ endpoint devices, all devices are protected using Microsoft BitLocker.
- Cloud Essentials has adopted a classification taxonomy and leverages Microsoft Azure Information Protection to encrypt and protect high risk and sensitive information.
Along with our business and internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
Your rights and requests
Whilst Cloud Essentials will make all effort to ensure the integrity and accuracy of your personal information, this may not be possible at all times. In light of this, you need to accept responsibility for keeping your personal information up-to-date and undertake to inform Cloud Essentials of any changes. POPIA, GDPR and the UK DPA has granted individuals and organisations certain rights with regards to their personal information:
Right of access
Cloud Essentials aims to be transparent to data subjects about the personal information we have and how we use it. You have the right, subject to certain exceptions, to be notified that your information is being collected, and how it will be processed. You can contact us at any time via the channels provided below if you’d like to access your personal information. You may, after providing Cloud Essentials with adequate proof of identity, request that Cloud Essentials confirm, free of charge, whether your personal information is being processed by us. Should you require us to share a copy of the information with you, Cloud Essentials will provide you with a written quote detailing the access fee and reproduction costs associated with the information access request. Note that we may require a deposit prior to providing this information but this will be outlined in the quote provided.
Right to Notification
You have the right to be notified that your personal information is being collected. You also have the right to be notified of any actual security breaches involving your information. We will report any such breach to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen. You will be notified of a security compromise or data breach, unless we cannot establish your identity.
Right to object
At any time during the collection and processing of your personal information, you have the right to object, on reasonable grounds, to the processing of your personal information, should we be processing it on the grounds of our or your legitimate interest or consent. You also have the right to object to the processing of your personal information for direct electronic marketing, including unsolicited electronic correspondence. This request must be made in writing by emailing us at firstname.lastname@example.org.
Right to rectification and/or deletion
You have the right to request that any inaccurate, incomplete or outdated personal information relating to you be amended or at any time. Alternatively, where this information is processed on the basis of your consent, you can request that we delete this information. This request must be made in writing by emailing us at email@example.com.
Right to data portability
The GDPR and the UK DPA grant data subjects the right of data portability. If requested, we will transfer your data into a commonly-used machine-readable format directly to a specified third party.
Right to complain to the Regulator
Should you feel that our use of your personal information is in contravention of your right to privacy or that the processing of your personal information is not consistent with the purpose(s) for which it was collected or subsequently processed, you have the right to lodge a complaint with the Information Regulator (South Africa), the Supervisory Authority (Europe) or the Information Commissioners Office (UK). The Information Regulator, Supervisory Authority or Information Commissioners Office can be contacted at:
In South Africa:
Contact Number: +32 2 283 19 00
In the UK:
Contact Number: +0303 123 1113
Right to institute civil proceedings
In addition to the right to complain to the Information Regulator or Supervisory Authority, you have the right to institute civil proceedings for loss or damages sustained as a result of our non-compliance with the relevant data privacy legilsation.
Right not to be subject to automated decision-making
You have the right not to be subject to a decision based solely on the automated processing of your personal information to create a profile of you where that decision produces legal effects concerning you or significantly affects you.
Cloud Essentials POPIA contact information
Should you have any questions about this policy, believe Cloud Essentials has not adhered to it, need further information about our privacy safeguards, need to give or withdraw consent or otherwise exercise your rights detailed above, please contact our Information Officer, Chris Hathaway at:
CloudEssentials (Pty) Ltd Unit 12, 11 York Street, Kensington B, Randburg
Tel: + 27 (0) 10 5912323
For a copy of your personal information (in terms of POPIA), please submit a completed access form to Cloud Essentials at any of the contact details above.
Updating of this privacy notice
Cloud Essentials may update this notice periodically. Customers should check the privacy notice on the Cloud Essentials website at www.cloudessentials.com for the latest notice.