Privacy Notice
Cloud Essentials is committed to protecting your privacy. This Privacy Notice, refers to Cloud Essentials (Pty) Ltd and
Cloud Essentials Ltd.
This notice sets out what personal information Cloud Essentials collects and processes when you use our website or
when you make an enquiry via email or a phone call.
Cloud Essentials recognises its accountability in terms of privacy legislation together with its regulations to all our
clients, suppliers, service providers and other third parties, to carry out our business.
The following are the key areas of our privacy and cookies policy:
The personal information we gather
When using our website or when you make an enquiry via another route such as email or a phone call, you may choose to share the following personal information with us:
- Your first and last name;
- Your job title and current company;
- Contact information including your preferred email address for communication purposes and a contact phone number;
- Information provided as part of the enquiry;
- Any additional comments that you may have relating to a product enquiry or a blog article; and
- If you accept our cookies, we will also collect website usage data with the goal of improving our website, customers’ user experience and making sure that our marketing material is relevant to you, should you opt in to receive marketing purposes. You can read more about our use of cookies below.
IMPORTANT:
The personal information we collect does not typically exceed what would appear on your company business card. We do not collect or store any sensitive or special category personal information. Furthermore, the personal information collected will only be processed by Cloud Essentials. We will not disclose your personal information to anyone, nor will it be released to third-party partners without your explicit consent or without you being informed. We may need to share your information when it is required by law, or to help protect your rights and safety, ours, or others.
Why we process your information
The General Data Protection Regulation (GDPR), United Kingdom Data Protection Act (UK DPA) and the Protection of Personal Information Act (POPIA), require personal information to be retained for as long as it is necessary, for the purpose for which it was collected or according to our legal obligations. Cloud Essentials will only retain your personal information for the following purposes:
- Where our customer relationship management team and/or support desk need to maintain contact to facilitate technical support or provide upgrade information or services.
- Where we need to provide product support such as license renewals.
- Where our sales and consulting teams need to liaise with you in relation to a current project or solution enquiry.
- Where you opt in to receive marketing or additional information for services and products relevant to your needs or regarding similar services or products previously provided by Cloud Essentials.
- These are what we consider to be our ‘Legitimate Interests’ and enable us to provide the best service to you and your organisation. We also make sure we carefully consider and balance any potential impact on you and your rights before we process your data for our legitimate interests.
How data is collected
- Contact forms – When you request information about a certain solution, service or product on our website, we use Engagebay forms to collect this information.
- Emails – Any email links on our website simply launch your local email client and your email is sent directly from your email platform to our Exchange server.
- Newsletter Subscription – If you subscribe to our Cloud Essentials newsletter, we will collect your email address and incorporate into Engagebay.
- Website usage data – We use cookies to collect statistics about your visit such as which of our pages you viewed.
How we use your data
The personal information we collect is used expressly for:
- Keeping you updated: Where you’ve given us permission, we will send occasional marketing emails featuring technical insights and event invitations relating to the solutions and subject areas covered in this website. This information is held on our Engagebay marketing platform. You can stop our marketing communications at any time, upon which your details will be retained for the management of your subscription preferences. However, should you request we delete your information this request will be processed, , and your information will be deleted.
- Delivering customer services: When responding to solution enquiries and subsequently providing support and contract administration, we may store your contact details in our Customer Relationship Management (CRM) Platform. This is to ensure you, as our customer, are serviced in a professional and expedient way.
- Improving our website:To improve the layout of our web content and make life easier for you (e.g. by pre-filling forms if you’ve previously visited our site) we use certain cookies. See section on Cookies below.
The data collected from this site will only be shared with a third party only with your explicit, voluntary consent or as necessary for us to deliver a product or service which, requires the assistance of one of our partners, or where such information sharing is required by law or is necessary to protect your legitimate interest or that of Cloud Essentials or a third party.
Cookies
A cookie is a small piece of data that a website asks your browser to store on your computer or mobile device. This cookie allows the website to remember your actions or preferences over time.
Cloud Essentials uses third-party cookies supplied by Google Analytics and Engagebay. Like many other commercial organisations, we have incorporated these cookies to enable us to understand how our site is being used and therefore how to enhance our site.
We collect data through cookies and similar technologies, to recognise you/ or your device(s) on, off different services and devices. You can control cookies through your browser settings and other tools.
We use the following cookies:
- Session/ Period cookies: These are only stored for the time you are on the website.
- Permanent cookies: These are stored for a certain amount of time after you leave the website.
- Strictly necessary: A website cannot function without these cookies; these are on by default.
- Functional or analytical cookies: These make your user experience better; you can opt out of these.
Third party cookies
Third party cookies are created by domains other than the one you are visiting directly. These are installed by third parties with the aim of collecting information to carry out various research into behaviours’, demographics, such as advertisers. These are not on by default, you can opt-out from our use of cookies that track your behaviour on the sites of others for third party advertising.
We also use some social plugins and video hosting platforms that have their own cookies.
Google Analytics (Privacy Policy)
Analytics cookies provide us with information about the traffic and users’ behaviour on our website. This includes the number of visitors, number of clicks to pages, and others. Most often, the data these cookies collect is anonymous.
We measure visitors to our website using Google Analytics. This records what pages you view within our site, how you arrived at our site and some basic information about your computer. All that information is anonymous – so we do not know who you are – just that somebody visited our site. These cookies keep your personal details confidential, and we do not have access to them. It just informs us that a person visited our website.
The information we collect from analytics helps us understand what parts of our sites are popular, how people arrive at our site and so on. Like most websites, we use this information to make our website better.
You can learn more about Google Analytics or opt out if you wish. Disabling cookies on your internet browser will stop Google Analytics from tracking any part of your visit to pages on this website. All modern browsers allow you to change your cookie settings.
LinkedIn, Twitter, YouTube and other social networks
These services provide social buttons and similar features which we use on our website – such as the “Share on LinkedIn” and “Tweet” buttons.
To do so we embed code provided by the social networks. We have no knowledge of nor control over the functionality of the code embedded in or linked to these buttons nor are we aware of how these buttons operate.
These social networks, particularly if you are logged in at the time, could potentially know that you’re viewing this website if you are in-use. We strongly suggest that you familiarise yourself with the terms and conditions of using those platforms.
Engagebay (Privacy Policy)
Engagebay is a third-party data processor and is used to manage our website visitor enquiry forms and newsletter subscriptions.
To enable expedient processing of any enquiries that come through our web forms, your information is pushed from Engagebay into our Microsoft Dynamics (a Customer Relationship Management application) (over a secure link) and a notification is sent via email to our Marketing Department.
If you have subscribed to Cloud Essentials’ newsletter or any other marketing communications, your email address will remain within our database on the Engagebay platform until you specifically request removal from the list. Should you elect to no longer receive our newsletter and other marketing communications, it needs to be noted that your details will be retained as a record that you have opted out of receiving these communications and that we have complied, but you will not receive such communications going forward.
We have concluded a data protection agreement directly with EngageBay to ensure protection of your data and compliance with applicable data privacy laws.
Security of your personal data
Cloud Essentials takes all reasonable technical, physical, and administrative steps to help protect your personal data in our custody or control from loss, misuse and unauthorised access, disclosure, alteration and destruction.
Some of the organisational technical measures implemented to protect your information include:
- Your personal information will be stored in Microsoft Office 365 – for further information on how Microsoft protects data within Office 365 see Microsoft’s independent audit reports in the Microsoft Service Trust Portal (https://servicetrust.microsoft.com/).
- Access to customer data is granted on a least privilege basis – this means that access will only be given to personnel that require such access to perform their duties.
- All personnel are required to authenticate using Microsoft’s Multi-factor Authentication which means that they must log in with their usernames and passwords as well as another authentication factor such as a one-time-pin.
- Cloud Essentials uses Microsoft Defender which incorporates Advanced Threat Protection for protection against malware, phishing and other malicious activity.
- Employee behaviour is governed by a variety of policies such as the Cloud Essentials Information Security Policy, Bring Your own Device Policy, and Acceptable Usage Policy and all employees are required to sign Confidentiality and Non-Disclosure Agreements as a condition of their employment.
- Any employee mobile devices that are used to access Cloud Essentials’ Office 365 are required to register their devices with Microsoft Intune which the organisation uses to manage those devices.
- Although the company policy stipulates that no data may be stored on users’ endpoint devices, all devices are protected using Microsoft BitLocker.
- Cloud Essentials has adopted a classification taxonomy and leverages Microsoft Azure Information Protection to encrypt and protect high risk and sensitive information.
Relevant legislation
Along with our business and internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
- The Data Protection Act 2018 (UK)
- The General Data Protection Regulation 2018 (GDPR)
- The Protection of Personal Information Act 4 of 2013 (POPIA)
- POPIA supporting Regulations
- The Promotion of Access to Information Act 2 of 2000 (PAIA)
- PAIA supporting Regulations
Cross Border Information Transfers
In the event of cross border transferring of personal information, we will take the necessary steps to ensure the processing of personal information is done, in accordance with the laws of the jurisdiction the information is transferred to and/or that binding corporate rules or binding agreements are in place that provide for levels of protection, at an adequate level in accordance with the requirements of POPIA and the GDPR.
Data Retention
We keep most of your personal information while we still have a purpose for the information, when we need to provide you with services, or when we are legally obligated to.
We will also keep your information where you have agreed for us to do so or have provided your consent.
Cloud Essentials will make all effort to ensure the integrity and accuracy of your personal information, this may not be always possible. Please inform Cloud Essentials of any changes or updates regarding your personal information.
POPIA, GDPR and the UK DPA grants individuals and organisations certain rights with regards to their personal information, kindly take not that these rights are not absolute.
Right of access
Cloud Essentials is transparent to data subjects regarding the personal information we have and how we use it. You have the right, subject to certain exceptions, to be notified that your information is being collected, and how it will be processed. You can contact us at any time via the channels provided below if you would like to access your personal information. You may, after providing Cloud Essentials with adequate proof of identity, request that Cloud Essentials confirm, free of charge, whether your personal information is being processed by us. Should you require us to share a copy of the information with you, please complete a Form 2 (request for access to records) as available on our website if you are based in South Africa. Alternatively, please send us an email or give us a call if you are not based in South Africa.
Right to Notification
You have the right to be notified of security breaches involving your information. We will report a data breach to the relevant supervisory authorities as soon as possible or within 72 hours of knowledge of the breach. Should the data breach result in a substantial risk to you, you will be notified of a security compromise or data breach. Should the notification of the data breach be delayed, we will provide reasons for the delay.
Right to object
At any time during the collection and processing of your personal information, you have the right to object, on reasonable grounds, to the processing of your personal information, should we be processing it on the grounds of our or your legitimate interest or consent. You also have the right to object to the processing of your personal information for direct electronic marketing, including unsolicited electronic correspondence.
Right to rectification and/or erasure
You have the right to request that any inaccurate, incomplete, or outdated personal information relating to you be amended or at any time, kindly note that this right is not absolute and is subject to certain criteria. Alternatively, where this information is processed based on your consent, you can request that we delete this information.
Right to data portability
Should you request us to transfer your data, we will gladly transfer it into a commonly used machine-readable format directly to a specified third party.
Right to complain to the Regulator/Supervisory Authority
Should you feel that our use of your personal information is in contravention of your right to privacy or that the processing of your personal information is not consistent with the purpose(s) for which it was collected or subsequently processed, you have the right to lodge a complaint with the Information Regulator (South Africa), the Supervisory Authority (Europe) or the Information Commissioners Office (UK).
The Information Regulator, Supervisory Authority or Information Commissioners Office can be contacted at:
In South Africa
Contact Number: 010 023 5200
Website: https://inforegulator.org.za/
Should you feel that your personal information has been violated, you may use this e-mail address to lodge a complaint with the Information Regulator: enquires@inforegulator.org.za
Should your PAIA request be denied or there is no response from us for access to records you, please complete a Form 5 use the email address below to lodge a complaint with the Information Regulator:
In Europe:
Contact Number: +32 2 283 19 00
Email: edps@edps.europa.eu
Website: https://edps.europa.eu/data-protection/our-role-supervisor/complaints_en
In the UK:
Contact Number: +0303 123 1113
Email: Complete the steps to lodge a complaint here
Website: https://ico.org.uk/make-a-complaint/
Cloud Essentials South Africa Contact Information
Should you have any questions about this Notice, believe Cloud Essentials has not adhered our POPIA requirements, need further information about our privacy safeguards, need to give or withdraw consent or otherwise exercise your rights detailed above, please contact us at compliance@cloudessentials.com or contact our Information Officer, Chris Hathaway at:
CloudEssentials (Pty) Ltd
Unit 12, 11 York Street, Kensington B, Randburg
Tel: + 27 (0) 10 5912323
Email: compliance@cloudessentials.com
For a copy of your personal information (in terms of POPIA), please submit a completed access form to Cloud Essentials at any of the contact details above.
Cloud Essentials UK Contact Information
Should you have any questions about this notice, believe Cloud Essentials has not adhered to our UK DPA/ UK GDPR, need further information about our privacy safeguards, need to give or withdraw consent or otherwise exercise your rights detailed above, please contact our Data Protection Officer, Nivasha Sanilal at:
Cloud Essentials Ltd
Unit 12, 11 York Street, Kensington B, Randburg
Tel: + 27 (0) 10 772490
Email: compliance@cloudessentials.com
For a copy of your personal information (in terms of POPIA and PAIA), please submit a completed Form 2 to Cloud Essentials at any of the contact details above.
Updating of this privacy notice
We may modify this Privacy Notice from time to time, as required by changes in legislation, therefore, your continued use of this website or our service and/or continued provision of information to us will be subject to the terms of the current Privacy Notice. Customers should view our Privacy Notice on the Cloud Essentials website at www.cloudessentials.com for the latest notice. You acknowledge that your continued use of our services after we update our Privacy Notice means that the collection, use, and sharing of your personal information is subject to the updated Privacy Notice.
Updated: May 2024