Privacy Notice.
Effective Date: 06/05/22
This privacy notice (“Notice”) explains how we collect, use and share personal data in the course of our business activities.
G.Network is committed to protecting and respecting your privacy in accordance with applicable law in this area, such as the General Data Protection Regulation (EU) 2016/679, including as it applies in the UK by virtue of the European Union (Withdrawal) Act 2018 (“GDPR”) and the Data Protection Act 2018 (each as amended from time to time).
This Notice (along with any of our other terms and conditions that apply to you) sets out when and how we’ll process any personal data we collect from you, or that you provide to us. Please read this Notice carefully, to understand this. When we refer to “personal data” in this Notice, we mean information, which can identify you either directly or indirectly as an individual. “Processing” personal data can include obtaining, recording, holding, using, disclosing or erasing it.
ABOUT US
G.Network Communications Ltd (“G.Network”, “we”, “us”) is a full fibre internet service provider (“ISP”). We’re a limited company registered in England and Wales under company number 10057745 and our registered office and main trading address is at 69 Wilson St, London, England, EC2A 2BB.
For the purpose of the GDPR the data controller is G.Network Communications Limited, 69 Wilson St, London, England, EC2A 2BB.
We are registered with the Information Commissioner’s Office (“ICO”) as a data controller with registration number ZA263155.
For queries in relation to this Notice, we can be contacted at dataqueries@g.network or by post at the address above.
We’re regulated in the UK by Ofcom. We’re also a member of Ombudsman Services (an independent alternative dispute resolution service).
ABOUT THIS NOTICE
This Notice applies to personal data that we collect in the course of our ordinary business activities, for example:
- When you visit and use our website www.g.network (“Website”) including when you submit personal data to our Website (e.g. to see if our network is available in your area);
- When you engage with us about our products or services (either before, during, or after you take out such products and services). This could be over the phone, by email, via our Website by post, or in person;
- When you use our products or services;
- When we engage with you (or your employer) for you to provide us with products or services; and
- When your personal data is provided to us by third parties (e.g. the companies we work with, or a friend or family that mentions you in the course of our engagement with them).
This Notice does not apply to any information that we process in the course of your employment, or application for employment, with us. If you are submitting personal data to us as part of a job application, please see our Recruitment Privacy Notice.
Our Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and others associated with us. If you follow a link to any of these websites, please note that these websites have their own privacy and cookie policies. G.Network accepts no responsibility or liability for these policies. Please check these policies before you send any personal data to these websites.
This Notice may be updated from time to time. We therefore advise you to consult it on a regular basis. The effective date at the top of this notice indicates when the Notice was last updated.
PERSONAL DATA WE MAY COLLECT FROM YOU
The specific personal data we may collect from you will depend on the precise nature of your relationship with us, however we will limit the personal data that we collect to that which is necessary for the purpose of collection.
You are not obliged to provide us with any personal data, however if you do not provide the information that we have requested, we may not be able to respond to your communications, or provide you with our services.
Some categories of personal data are given additional protection under the GDPR (“Special Category Personal Data”). Examples of this might be: information about your health (such as any disabilities), information about your racial or ethnic origin, and information about your sex life or sexual orientation. We do not anticipate routinely processing Special Category Personal Data, although we may in some circumstances. For example, if you include Special Category Personal Data in any emails that you send to us or where Special Category Personal Data is not redacted from documents provided as part of an application. Where we process Special Category Personal Data, we do so on the basis that you have explicitly consented to this processing, by freely providing us with the information. You may withdraw this consent at any time.
Residential customers
If you purchase products or services from us as a residential customer (i.e as a private consumer), either via (i) our Website; (ii) calling our customer service agents; or (iii) submitting a paper order form to us, we may collect and process personal data about you, such as:
- Basic personal details needed to engage with you and administer our relationship (name, title, address, email address, date of birth, etc.) and your marketing preferences.
- Payment and subscription information (bank details, payment methods and amounts, details of your agreement with us, etc.).
- Information regarding your eligibility for certain products (details of benefit eligibility, etc.).
- Account information (username, password, records of when you have logged in, etc.)
- If you (or someone using your G.Network telephone service) use G.Network’s network to make a telephone call we keep a record of that call (including the number called and the duration of the call) so we can charge for it. We also receive information from other operators about calls made over our network, where we need that information for connecting and billing purposes.
- We hold information about your use of our broadband services (such as when you are connected, the device used to connect, the amount of time you spend online, etc.).
- If you abuse or damage the G.Network telephone network, for example by making offensive or nuisance calls, we may keep information relating to that abuse.
- If you abuse our internet service or any other services we provide, for example by not following any part of our Fair Usage Policy, we may keep any information relating to that abuse.
- If you contact us, or we contact you, we may keep a record of the contact and any Personal Data included in the correspondence or call.
- We’ll hold details of your visits to our Website (including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise) and the websites and other products and services you access through it.
- We may hold information on which devices have accessed your network (e.g. type of device, brand, model, operating system and browser) in order to monitor and better understand how our services are used.
- We may collect information about your computer, including your IP address, and URLs you have accessed.
- We may ask you questions, from time to time, about how you use the services we provide, other services you’d like us to provide in the future and about other things, such as information about your lifestyle.
- We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them. These surveys are sent to gauge customer satisfaction and are not promotional or marketing communications.
Most of the personal data is obtained directly from you or another member of your household, and from your use of our services.
In addition, when you order services from us, we may collect personal data from other sources such as credit reference agencies and fraud prevention schemes. We may undertake credit checks on new customers by providing your basic personal details to one or more credit reference agencies. They then provide us with information they have on file about you so that we may determine whether to enter into a contract with you.
Business customers
If you purchase products or services from us as a business customer, either via (i) our Website; (ii) calling our customer service agents; or (iii) submitting a paper order form to us, we may collect and process personal data about you, as the representative of the business, such as:
- Basic personal details needed to engage with you and administer our relationship with your business or employer (name, job title, contact details, etc.) and marketing preferences.
- Account information (username, password, records of when you have logged in, etc.).
- If you use your businesses telephone service using G.Network’s network to make a telephone call, we keep a record of that call (including the number called and the duration of the call) so we can charge for it. We also receive information from other operators about calls made over our network, where we need that information for connecting and billing purposes.
- We hold information about your use of our broadband services, subscribed for by your business (such as when you are connected, the device used to connect, the amount of time you spend online, etc.).
- If you abuse or damage the G.Network telephone network, for example by making offensive or nuisance calls, we may keep information relating to that abuse.
- If you abuse our internet service or any other services we provide, for example by not following any part of our Fair Usage Policy, we may keep any information relating to that abuse. We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- If you contact us, we may keep a record of the contact and any Personal Data included in the correspondence or call.
- We’ll hold details of your visits to our Website (including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise) and the websites and other products and services you access through it.
- We may collect information about your computer, including your IP address, and URLs you have accessed.
- We may ask you questions, from time to time, about how you use the services we provide, other services you’d like us to provide in the future and about other things, such as information about your lifestyle.
Most of the personal data is obtained directly from you or another member of your business, or from your use of our services.
Suppliers, service providers and other third parties
If we engage with you, or your employer, for you to provide us with products and services, we may collect and process personal data about you (either in your own capacity, or as a representative of the business) such as:
- Basic personal details needed to engage with you and administer your businesses relationship with us (name, job title, email address, contact telephone number, address (which may be your home address if you operate your business from home or work remotely)).
- Details about the products or services being provided.
- In some cases, with your express consent, we may process Special Category Personal Data (for example, if you are attending our site and you alert us to a disability so that we may make reasonable adjustments to ensure access).
Most of the personal data is obtained directly from you or another member of your business.
Cookies and similar tracking technologies
As with most websites and other digital platforms, we employ cookies and similar technologies to collect and store certain information about your visits to our Website. We use this information to improve our Website, and to help us remember you and your preferences when you next visit. For more information about our practices in this area, please see our Cookie Notice.
USES MADE OF YOUR PERSONAL DATA AND THE LEGAL BASIS FOR THIS
We use personal data held about you in a number of ways during the course of our business operations. We will only collect, use and share your personal data where we are satisfied that we have an appropriate legal basis to do this.
This may be because the processing is necessary:
For our legitimate business interests (or those of a third party) provided that such interests are not outweighed by your fundamental rights and freedoms. For example:
- To promote our products and services, and you have not selected a direct marketing opt-out box when this if offered;
- To liaise with employees of our business customers about our products and services, and to administer the contract entered with our business customers;
- To liaise with employees of suppliers, service providers and other third parties in relation to products and services offered to us;
- To ensure that content from our Website is presented in the most effective manner for you and for your computer;
- For our internal network monitoring, allowing us to deliver optimal network performance to our customers, gain insights into how our network is being used, and aid in troubleshooting any problems you may face;
- To get your views, improve our services and provide you with information that makes our services more useful to you;
- To comply with lawful requests made by authorities, and to otherwise voluntarily co-operate with regulatory bodies at our discretion; and
- To tell you about changes to our services.
To perform a contract entered into between you and us, or to take steps at your request before entering into such a contract. For example:
- To determine whether we can offer residential customers our products and services;
- To maintain the accounts or our residential customers, provide them with service and billing information, and respond to account related queries or complaints;
- To process orders and payments;
- To carry out our obligations or use our rights from any contracts entered into between residential customers and us; and
- To allow you to use the interactive features of our service when you choose to do so.
To comply with a legal obligation to which we are subject. For example:
- Where we are obligated to provide information, or assistance, to courts, government authorities, or other regulatory bodies;
- Where we are obliged under investigatory powers legislation to share information with law enforcement agencies, including the police, to help detect and stop crime, prosecute offenders and protect national security;
- To demonstrate compliance with our obligations relating to fraud, anti-money laundering, anti-bribery, and other such laws; and
- When necessary to block unlawful content and to prevent such content being uploaded or accessed.
Or where you have consented to our processing.
- If we are processing your personal data on the basis of your consent, this can be withdrawn at any time.
If you would like to find out more about the legal basis for which we process your personal data, please contact us using the details in the About Us section above.
DIRECT MARKETING
We might wish to process your personal data for marketing reasons (or pass it onto others to do the same on our behalf). We’ll usually let you know (before collecting your data) if this is what we plan to use it for.
You can tell us not to do this (i) by ticking certain boxes on the forms we use to collect your personal data or (ii) at any time by contacting us at dataqueries@g.network or writing to us at the address set out under About Us section, above.
If you tell us that you do not wish to receive marketing communications, we may still contact you with information about your specific product or service (e.g. to let you know about any service disruptions).
HOW WE SHARE PERSONAL DATA WITHIN G.NETWORK AND WITH THIRD PARTIES
We may share your personal data with other companies with the G.Network group as part of the provision of our services to you.
We may share your personal data with third parties, for example:
- Service providers who help to manage our business and deliver services (e.g. payment providers). These third parties have agreed to confidentiality restrictions and use any personal data we share with them or which they collect on our behalf solely for the purpose of providing the contracted service to us.
- Marketing agencies that we work with on marketing our products and services to customers.
- Credit reference agencies (for example if you fail to make contractual payments on time).
- Our legal, financial, or other advisors in order to obtain professional services.
- In order to prevent fraud, investigate crimes (or potential crimes), and ensure security.
The personal data that we collect from you may in some cases be transferred to third parties based outside the UK and the European Economic Area (“EEA”). This may occur, for example where necessary to provide our services or manage our business systems and Website. Where we do this, we obtain contractual commitments from such third parties to protect your personal data, such as the Standard Contractual Clauses. The Standard Contractual Clauses have been approved by the European Commission and the UK Government for transfers of personal data to third countries.
You have a right to contact us for more information about the safeguards we have put in place (including a copy of relevant contractual commitments) to ensure the adequate protection of your personal information when it is transferred outside the EEA.
We may share in aggregate, statistical form, non-personal information regarding the visitors to our Website, traffic patterns, and Website usage with advertisers. As such data is anonymous (it cannot be used to identify you) it is not treated as personal data.
HOW WE PROTECT YOUR PERSONAL DATA
We’ll take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Notice. All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology.
Where we’ve given you (or you’ve chosen) a customer ID, password(s) or log-ins to allow you to can access certain parts of our Website, you’re responsible for keeping these confidential. We ask you not to share them with anyone. You’re responsible for how our services are used from your account and for keeping your account information secret. Please keep this information safe, and don’t share it with others.
Unfortunately, sending information using the internet isn’t completely secure. Although we’ll do our best to protect your personal data, we can’t guarantee the security of the data you send to our Website; you take the risk for this. Once we’ve received your information, we’ll try our best to keep it securely. This includes using strict procedures and security features to try to prevent unauthorised access.
HOW LONG WE STORE YOUR PERSONAL DATA FOR
We will store your personal data for as long as is reasonably necessary for the purposes for which it was collected, as explained in this Notice. For example, eligibility documentation is deleted once your eligibility for certain products has been verified, if applicable. In some circumstances, we may store your personal data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax or accounting requirements.
In specific circumstances we may store your personal data for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal data or relationship with us.
Once your personal data is no longer needed, it is securely destroyed.
YOUR RIGHTS
Subject to certain exemptions, and in some cases dependent on the processing activity we are undertaking, you have certain rights in relation to your personal data, as outlined below.
You can exercise your rights by contacting us using the details at the About Us section above. Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if with require further information in order to fulfil your request.
We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with your request in a different way. Please note that we’ll need to confirm your identity before giving you details of any personal data we may hold about you.
- Right to access personal data
The GDPR gives you the right to request that we provide you with a copy of the personal data that we hold about you.
You also have the right to be informed of: (a) the source of your personal data; (b) the purposes, legal basis and methods of the processing; (c) rights that are available to you; (d) our identity; and (e) the entities or categories of entities to whom your personal data may be transferred. Much of this information is contained in this Notice.
- Right to rectify or erase personal data
You have a right to request that we rectify inaccurate personal data. We may seek to verify the accuracy of the personal data before rectifying it.
You may also request that we erase your personal data in limited circumstances where:
- it is no longer needed for the purposes for which it was collected;
- you have withdrawn your consent (where the data processing was based on consent);
- following a successful right to object (see right to object);
- it has been processed unlawfully; or
- where erasing the data is necessary to comply with a legal obligation to which we are subject.
The right to erasure is not an absolute right, and there are exceptions. For example, we are not required to comply with your request to erase personal data if the processing of your personal data is necessary:
- for compliance with a legal obligation; or
- for the establishment, exercise or defence of legal claims.
- Right to restrict the processing of your personal data
You may ask us to restrict the processing of your personal data (so we may keep the data but we may not use it for further purposes). Again, this is not an absolute right and it only applies where:
- the accuracy of the personal data is contested, but we need to keep it to allow us to verify its accuracy;
- the processing is unlawful, but you do not want it erased;
- the personal data is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; or
- you have exercised the right to object, and we need to verify if we have an overriding basis to continue the processing (see below).
We can continue to use your personal data following a request for restriction, for example where:
- we have your consent;
- to establish, exercise or defend legal claims; or
- to protect the rights of another natural or legal person.
- Right to transfer your personal data
You can ask us to provide your personal data to you in a structured, commonly used, machine- readable format, or you can ask to have it transferred directly to another data controller (for example if you wish to switch broadband provider), but in each case only where:
- the processing is based on your consent or on the performance of a contract with you; and
- the processing is carried out by automated means.
- Right to object to the processing of your personal data
You can object to any processing of your personal data which has our legitimate interests as its legal basis if you believe your fundamental rights and freedoms outweigh our legitimate interests.
If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.
- Right to lodge a complaint with a supervisory authority
You have a right to lodge a complaint with your local supervisory authority (which will be the ICO in the UK) if you have concerns about how we are processing your personal data.
We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.