Privacy: suppliers

Privacy: suppliers

You can find out how we handle your data in the following privacy policies.

Employees  for current, former and prospective employees
Health and safety  relevant for anyone working on, or visiting our sites
Visitors  for visitors to our site
Customers – for individuals who are direct customers of Cybanetix
Suppliers  for sole traders and partnerships who are suppliers to Cybanetix
Shareholders  for individuals who hold shares in Cybanetix
Website – for users of our website
CCTV  covers images captured by our CCTV systems

What is supplier Data?
Supplier data refers to the information collected and maintained by Cybanetix about its suppliers. This data is used to manage relationships, negotiate contacts, ensure compliance, and optimise procurement processes.

What is the legal basis for our processing of your data?

Legitimate Interest: We collect, and process supplier data based on our legitimate interests, which allow Cybanetix to maintain accurate and up-to-date records of our suppliers, to manage our procurement processes and to develop and maintain strong relationships with our suppliers.

Contractual Obligation: We collect and process personal data to fulfil our contractual obligations to you. This includes contact fulfilment, ensuring both parties meet their respective obligations, including the delivery of goods and services. 

Information we collect/Categories
We collect information necessary to perform the contract between us. This includes:
• Your contact details
• Information on our transactions, including orders, quotes and invoices
• Other correspondence you may have with us in the course of business
We retain this information for 7 years so we can fulfil our legal record keeping obligations.

Purposes of the Processing
Legitimate Interest: We collect and process supplier data based on our legitimate interests, which allow Cybanetix to maintain accurate and up-to-date records of our suppliers, to manage our procurement processes and to develop and maintain strong relationships with our suppliers.

Contractual Obligation: We collect and process personal data to fulfil our contractual obligations to you. This includes contact fulfilment, ensuring both parties meet their respective obligations, including the delivery of goods and services.

How is the information collected?
We get this information directly from you or generate it in the process of transacting business.

Where will we store your data?
We store all supplier data within the UK to ensure compliance with applicable data protection laws and regulations. We implement robust security measures and protocols to safeguard your data from unauthorised access, disclosure, alteration, or destruction, ensuring the confidentiality, integrity and availability of your information is always maintained.

Disclosure
We may share your information with our consultants and professional advisors.

Data Transfer 
We do not currently transfer data outside of the UK.
If we do so in the future we will use a legal framework approved by the UK Government for the protection of your data.
We do not do any profiling or automated decision making.
We do not process any special categories of information.

How long do we keep your data?
We keep your data for 7 years following your last transaction with us.

Your duty to inform us of changes
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your business relationship with us.

Your rights
Under the UK General Data Protection Regulation (UK GDPR) and The Data Protection Act 2018 (DPA) you have a number of rights with regard to your personal data. You have the right to request from us access to, rectification of or erasure of your personal data.

You have the right to request that we restrict processing your data (have us store but not use your data), object to our processing of your data as well as in certain circumstances the right to data portability.

Exercising these rights
If you wish to exercise your rights contact dpo@cybanetix.com

However, you may also make the request to any Cybanetix staff member, who will start the process for you. If the request is made verbally the Cybanetix staff member receiving the request shall record it in writing and confirm the wording with you.

If we decide not to act on your request within a month, or refuse the request, we will set out clearly the reason we took no action.

Right to complain
And, if you do not agree with our decision, or otherwise believe we have not complied with the requirements of UK GDPR, you can ask the Information Commissioners Office to review how we have handled your request.

Data security
Cybanetix protect your information by following industry recognised standards and regulations such as ISO27001, PCI DSS, Cyber Essentials and UK GDPR. 

We restrict who can access your information to just those who need it for the purposes described in this document.  When we transmit your data over the Internet we encrypt it.

Contact details
Cybanetix Limited
The Coade
Level 9
98 Vauxhall Walk
London
SE11 5EL
Tel: 020 8396 7442
Our data protection officer can be contacted at dpo@cybanetix.com