As we do process some personal data in line with our Business, we ensure that we consistently act in accordance to the latest data protection legislation.
Personal data must be processed for specified lawful purposes
We lawfully collect data taken from an enquiry such as your telephone call to us, your email to us, or your enquiry or request to be added to our marketing list submitted online through our website and process it in direct line with our Business model. In providing Quotations, Selling our Services and future E-Marketing. It maybe passed to our Suppliers when appropriate (such as Sage UK Limited when you are purchasing a Sage software package) and Professional Services for Technical and Sales advice, or to Financial Houses for Credit Checking.
Personal data must be adequate, relevant and not excessive
We collect the minimum amount of information that we need to carry out our Business. This would be Names, Phone Numbers, Email Addresses, Job Roles, Website address, Business Sector and where applicable existing Software and related Hardware Products needed to provide Services we provided.
Personal data must be accurate and up to date
We aim to hold the most factually and up to date data, based on information given to us initially or by further communications and research. Individuals can easily rectify this via phone calls or email.
Personal data must not be kept for any longer than is necessary
The data we collect will not necessary be time limited, it can be used on going for customers whose details will be kept for Accounts processing. Both Prospects and Customers details will be used for e-marketing relevant Products and services. Should the business no longer feel those details are relevant to the purpose they will be amended/deleted accordingly. Individuals may opt out of our email marketing list at any time using the link at the bottom of marketing emails. Active support users who unsubscribe from marketing emails will still receive important case emails directly in relation to support calls you have personally logged with us.
Personal data must be processed in accordance with the rights of individuals
As the Data Owners we are fully aware of our responsibilities under the Data Protection Act and GDPR legislation and are registered accordingly with the ICO and follow their procedures and protocol. ICO Registration Number: ZA371026
Personal data must be kept secure
We hold your personal data securely within our CRM system on our own internal servers in-house, which are protected by industry standard security measures; Both of our physical office locations implement the latest hardware firewall technology, we use secure SSL (https protocol) to transmit your data over our internal networks to prevent eavesdropping, our systems are locked down and require two sets of valid credentials for access and data hard drives and internal backups are encrypted.
Personal data must not be transferred outside the European Economic Area without adequate protection
The data we hold is kept in the UK and Ireland only. Should the case arise that your information needs to be transferred outside of the EEA for a specific enquiry you have made with us we will make you aware of this beforehand.
How Century Deals With Your Company Data
Your Sage 200, Sage 50 or Sage Line 100 data is kept solely on your own internal Sage server. It is not transmitted or accessible over the internet by default. As such your information is behind your own internal security such as username and password access to Sage, usernames and passwords to the server or your computers and protected by internal firewalls. Your hardware/network support team would be able to elaborate on your internal procedures for you. Sage 200 CRM and Sage CRM customers may allow for their CRM system to be accessible remotely over the internet. If this is the case, your data is still kept on your own servers and protected by the same internal security measures.
For Century supported clients, in the event that we need to take a copy of your data away to investigate a support issue, we will specifically ask for your permission to do so on a case by case basis. The data will be encrypted with a password before transmission and transferred using only secure channels. We would delete your data entirely from our systems or online data transfer service as soon as we’re finished with the support enquiry that required us to take the data. On some of these occasions it may be necessary to send your data to Sage UK Limited for Sage systems or our other software suppliers for users of other software packages. Again, we will specifically ask for your permission to do this, and our suppliers would also delete your data as soon as the individual support case had been resolved for you.
Can I Delete Old Customer/Suppliers in Sage 200c?
It is difficult to delete old customers and suppliers when you have transaction and order history stored against them. Don’t forget you must also retain complete accounting data/records for seven years by law. You can however, from Sage 200c version 2017, make customer and supplier accounts inactive, so that they are no longer shown on your lists and screens. There are also new reports to show who you have not traded with in x number of years and a GDPR contact information search tool, to assist with individual data removal requests.
GDPR is designed to protect the privacy rights of an individual, not a business. If, for example, your customer Mr John Smith from ABC Trading Ltd calls in and asks you to remove all personal data you hold on him, you would modify the customers account record and delete his contact name, telephone number and email address to satisfy the request.