Privacy Policy

Orcuma Ltd will operate as a Data Controller regarding any Personal Identifiable Information (PII) we gather from you. This policy sets out the following:

  • The type of Data we collect
  • How we use your Personal Data
  • When, and how we share that Data
  • How we protect your Personal Data
  • Your rights and choices regarding your Data

Types of Data

To carry out work on your behalf we may need the following information:

  • Your Business Name and Address
  • Information regarding your business

Data Usage

We use this data to:

  • Carry out contracted work set out in our terms and conditions.

Sharing Your Data

To carry out contracted work we may host some of your data with online services used by us to carry out our day-to-day business. Although your Data may be hosted with one or more of these services, no Data Processing is carried out by them at any time. For instance, we may use an online (encrypted) backup service or an online accounting package to prepare invoices and government-required taxation information.

All our supplied services have been checked for GDPR compliance and relevant GDPR compliance certificates are stored at Orcuma Ltd.

We may also share your Data:

  • If the Law or a public authority says we must share that data.
  • If we need to share data to establish or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk)
  • To any other successors in title to our business.

How we protect your Data

We use computer safeguards such as firewalls and data encryption and we enforce physical access controls to our building and files to keep this data safe. We only authorise access to your data for employees who need it to carry out their job responsibilities.

We protect your data in transit by using Secure Sockets Layer (SSL) or other encryption technologies unless specifically asked by you, the client, to do otherwise.

We enforce physical, electronic, and procedural safeguards in connection with the collection, storage and disclosure of your information. We may, on occasion, ask for proof of identity before sharing your data with you.

Whilst we take appropriate technical and procedural measures to safeguard your data, please be aware that we cannot guarantee the security of any data that you transfer over the internet to us.

Your Data will never be transferred to or stored at a destination outside the European Economic Area (EEA).

Your Rights and Choices

You have the right to see the personal data we hold about you, under the GDPR this is called a subject access request. If you wish to see this data then please inform us in writing.

Please inform us if you believe any of the data we hold regarding you is inaccurate and we will update that data accordingly.

You also have the right to ask us to delete all personal data we hold about you. Again, please submit this request in writing.