Your privacy is important to us. This Privacy Notice explains what personal data we collect from you and how we use it.
If you are a current or former SCC Employee, then please refer to the SCC Employee Privacy Notice which can be found here.
Important Information: Specialist Computer Centres plc (“SCC”) is a company registered in England under company number 01428210. Our registered office is James House, Warwick Road, Birmingham B11 2LE. For the purposes of data protection laws, we will be the data controller for certain personal data collected from you in the circumstances described below, and our Data Protection Officer can be contacted at [email protected], or on 0121 766 7000.
What information we collect
SCC collects data to operate effectively and provide you the best experiences with our products. You provide some of this data directly when interacting with us, such as when you subscribe to our Newsletter, or contact us for more information or with a query. We get some of it by recording how you interact with our products by, for example, using technologies like cookies. For more information on this, please see our Cookies policy here.
You have control over what data we collect. When asked to provide personal data, you may decline. However, if you choose not to provide data that is necessary to provide goods or services, we may not be able to provide those goods or services.
The type and amount of data we collect varies according to your relationship with us, but may include some of the items below:
- Name and contact data. We collect your first and last name, email address, postal address, phone number and other similar contact data such as delivery address. In most cases, this will be your business contact data.
- Credentials. We collect business and personal online identifiers, passwords, password hints and similar security information used for authentication and account access.
- Purchases. We collect data about the orders you place and purchases you make.
- Feedback about our products and services. We may send you surveys to establish your satisfaction level with the service provided. For more information on how to manage your communication preferences, please see Your Rights (Your Communication Preferences) below.
- Your interactions with us. We collect the content of messages, e-mails, letters or phone calls you send us, such as feedback and product reviews you write, or questions and information you provide for customer support. When you contact us, phone conversations may be monitored and recorded.
- CCTV. If you enter SCC buildings, your image may be captured by our security cameras. We will regularly delete CCTV footage, unless it is being used to investigate an alleged crime or an incident, in which case it may be retained for up to 1 year following the conclusion of any investigation.
In addition, in very rare cases (such as a pandemic response), we may collect and process certain types of Special Category personal data where this is absolutely required. This includes:
- Health data. Information about medical or health conditions for which the organisation needs to make reasonable adjustments. This data would normally be collected directly from you, but may be provided by your employer in some circumstances.
Why we process your information
There are several legal grounds on which we may process your information.
- Because you have agreed. Where appropriate, we collect information about you with your consent. This is the case, for instance, when you fill in paper or online forms and choose to provide us with your information.
- Because we need it to execute or take steps to enter into a contract with you. If you are one of our customers, we collect or use your personal data because it is necessary for the performance of a contract you are a party to, for instance to deliver goods you have ordered. We may also collect your information because you requested us to take steps prior to entering into a contract with us, for instance when you ask us to give you a quote.
- Because it is in our legitimate interest. We also sometimes process your information in pursuit of our legitimate interests to:
- carry out direct marketing activities and send you communications in that regard;
- improve our business and operate it efficiently;
- prevent fraud; and
- ensure general safety and security.
When we process your information on that basis, we always make sure that we balance our interest in having the information with your rights and reasonable expectations.
- Because we need it to comply with the law. In some very rare cases, we will need to retain your information because we are compelled to do so by law.
What we do with it
We use your personal data in order to conduct business with you. Depending on your relationship with us, this may include sales, business improvement, marketing and communication activities, as well as essential business operations.
SCC uses the data we collect to operate our business and provide the goods and services we offer. We also use it to send communications, including promotional communications and to serve our legitimate business purposes.
- Sales. We use data to provide the goods and services we offer, manage customer relationships and aftersales.
- Providing our goods and services. We use your data to process your transactions with us, e.g. the purchase of goods, and to provide our goods and services to you.
- Customer support. We use your data to process any request for assistance you make and to provide other customer care and support services.
- Aftersales. We use your data to process product returns.
- Business improvement. We use your data to improve our goods and services.
- Customer satisfaction. We use your data to conduct satisfaction surveys or ask you for feedback on our products and services.
- Efficient communication. We analyse your use of our websites as well as your response to communications (e.g. whether you open our marketing e-mails) to improve their impact and the goods and services we offer.
- Marketing. You may choose not to receive marketing communications from us at the point of sale. If you do not opt-out from receiving marketing communications from us, you will be provided with communications about other similar products and services from time to time and we may also request you to complete customer satisfaction questionnaires. We use your data to set up contact lists, send newsletters, or personalise and deliver our communications to you. For example, we may contact you by email or other means to tell you about products, activities, promotions or other matters that we feel may be of interest or use to you, for example because they are similar to goods and services you have shown interest in or purchased previously or contain valuable information about the organisation, such as blog posts.
For more information on your rights with regards to direct marketing, please refer to “Your Rights” (Your Communication Preferences). - Essential business operations. We use data to detect and prevent fraud, to resolve disputes, enforce our agreements and defend our rights. We also use it for our own legitimate business purposes, including audit.
How we share your data
We share your personal data with your consent or as necessary to complete any transaction or provide any goods or services you have purchased. We may also share your details with suppliers or vendors we hire to carry out certain tasks on our behalf, and to exercise or defend our legal rights and fulfil our legal obligations.
Examples of such sharing may include:
- Payment. When you make a purchase on www.scctrade.com, you will be redirected to one of our payment providers’ websites so they can securely process your payment. We will have no access to your payment data, and encourage you to check our providers’ Privacy Policies for further information on how they handle your personal data.
- Vendors and Suppliers. We sometimes use third party vendors or suppliers to carry out certain activities, such as processing and sorting data, or direct marketing campaigns. In such cases, we may share your contact details, sale data and other relevant information. Our partner companies must abide by our data privacy and security requirements, and are not allowed to use personal data they receive from us for any other purpose.
- SCC Group Companies. We share personal data among SCC affiliates and subsidiaries. We may also disclose personal data as part of a corporate transaction such as a merger or acquisition.
In some cases, we may need to transfer your information outside of the European Economic Area because we (or a third party or vendor we use) store it on systems that are hosted abroad, or because we need to share it with companies that are not situated in the European Economic Area.
Some of our support operations in Vietnam may be able to access your data; this is solely for the purpose of enabling the provision of internal IT support. The data is encrypted in transit and our staff in Vietnam are subject to strict security measures and will only access data where necessary.
Where we transfer your information outside the European Economic Area, we will always ensure that your information is safe and only sent to organisations providing adequate safeguards, such as:
- Organisations established in countries providing adequate provisions to safeguard your personal information;
- Organisations who are contractually bound to protect your information;
We may also transfer your data abroad if we have a legal obligation to do so.
Finally, we will access, transfer, disclose and preserve personal data when we have a good faith belief that doing so is:
- allowed under applicable law;
- necessary to respond to valid requests for information, including from law enforcement agencies;
- necessary to protect our customers, for example to prevent fraud.
SCC Academy may share your data with our delivery partners and affiliated educational institutions. This collaboration is essential to ensure the correct allocation of courses and to enhance your overall experience.
Your rights
You have rights over how SCC uses your data, and unless your request to exercise those rights is complex or there are numerous requests, we will normally respond within one month of receipt of your request.
Your rights include:
- Access. You have a right to know whether we hold personal information about you. Where such is the case, you can request a copy of your personal data held, as well as information about how it is being used. However, please note that your right of access is subject to limits and we may not be able to provide you with all the requested information. Where this is the case, we will explain the reasons why. Your request will be responded to within one calendar month of receipt. Please note that we may require you to provide proof of identity before we are able to provide any information.
- Rectification. Where information held about you is inaccurate or incomplete, you may request its rectification or completion.
- Erasure. In certain circumstances, you may request your information to be erased (subject to conditions).
- Restriction. You have a right to ask us to restrict our use of your personal information in some circumstances, for example whilst we investigate a complaint that the data we hold about you is inaccurate (subject to conditions).
- Portability. In certain circumstances, you may request the movement, copy or transfer of your information (subject to conditions).
- Objection. You have a right to object to the use of your information. Additionally, where we have used your information in pursuit of our legitimate interests, you can ask us to stop (subject to conditions).
Should you wish to exercise those rights, please contact our Data Protection Officer at [email protected].
Complaints. If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer at [email protected], who will investigate the matter. If you are dissatisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office (www.ico.org.uk).
Your Communication Preferences. You can sign up for our Newsletter and choose whether you wish to be contacted to receive promotional communications from SCC by email, SMS, post and telephone. If you have given your consent to receive marketing literature, you can withdraw it at any time. For information about managing email subscriptions and promotional communications, please contact [email protected].
How long we keep your information
SCC retains personal data for as long as necessary to provide you with the goods and services you have requested, to operate our business, or for other essential purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements. We will keep your data in line with our Information Retention Policy, and retention periods will vary for different types of data.
The criteria below are good indicators of how we decide how long to keep data for:
- How long is the personal data needed to provide the goods and services and operate our business? This includes such things as maintaining good business and financial records. This is the general rule that establishes the baseline for most data retention periods.
- Is SCC subject to a legal, contractual or similar obligation to retain the data? This includes cases where the law prescribes we should keep information for a given period of time, or where data must be preserved during an investigation, for current or potential litigation or contractual purposes. Some data must also be kept for audit purposes.
- Whether the data protection authority has provided guidance or recommendations for specific data or document types.
- Have you provided consent for a longer retention period? If so, we will retain data in accordance with your consent.
Security of your information
We apply technical and organisational security measures to protect your information and protect it from accidental or unlawful destruction, loss, alteration, or unauthorised disclosure. The security measures we apply vary depending on the type of data at stake, the reasons why we hold it and any specific risks.
The effectiveness of our security controls are assessed and verified periodically as part of our certification to ISO 27001, the International Standard for Information Security management, which applies to our whole business. We require all our staff and any third parties who carry out work on our behalf to comply with our security policies and appropriate compliance standards.
Links to other websites
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Changes to this Policy
This Policy (ref: SCC-NOT-00502 – v5.0) was last updated on 31st March 2023. If we change our Privacy Notice or Cookies Policy, we will update the changes on this website. We may also place notices on other pages of the website so you may check our current policy at any time.