Privacy Policy
Privacy Policy
Last Updated: 23rd November 2024
Version: 2.2
​​​
1. Introduction
Introduction This policy outlines how Quantum Switch ("we," "us," or "our") handles personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy applies to all personal data processed by our organization.
2. Data Controller Information
Quantum Switch is the data controller for personal information processed under this policy.
• Registered Address: Nelson House, 2 Hamilton Terrace, Leamington Spa, Warwickshire, UK CV32 4LY
• Company Registration Number: 11174898
• Data Protection Officer: Tim Howard, Chief Information Office
3. Data Collection and Processing
We may collect the following categories of personal data:
​
Standard Personal Data
-
Identity Information (name, date of birth, employee ID)
-
Contact Details (email, phone, address)
-
Professional Information (job title, department)
-
Technical Data (IP address, login data)
-
Usage Data (system access logs, activity records)
​
​Legal Basis for Processing
-
We process personal data under the following legal bases:
1. Contractual Necessity
o Processing required for employment contracts
o System access and authentication
2. Legal Obligation
o Tax and financial reporting
o Health and safety compliance
o Regulatory requirements
3. Legitimate Interests
o IT security and system maintenance
o Business improvement and analytics
o Asset protection
4. Consent
o Marketing communications
o Optional employee benefits
o Biometric data processing
​
4. Your Rights
Under data protection law, you have the following rights:
-
Right to access your personal data
-
Right to rectification of inaccurate data
-
Right to erasure ("right to be forgotten")
-
Right to restrict processing
-
Right to data portability
-
Right to object to processing
-
Rights related to automated decision-making
5. Data Security
We implement appropriate technical and organizational measures including:
-
Encryption of data at rest and in transit
-
Multi-factor authentication
-
Regular security assessments
-
Employee training and awareness
-
Access control and monitoring
-
Incident response procedures
-
Regular backup and recovery testing
​
6. International Data Transfers
We transfer personal data outside the UK/EEA under the following safeguards:
-
Standard Contractual Clauses
-
Adequacy decisions where applicable
-
Binding Corporate Rules for intra-group transfers
6. How We Use Your Personal Data
Your data is used for:
-
Providing and improving our services.
-
Responding to inquiries.
-
Ensuring website security and functionality.
-
Complying with legal obligations.
-
Conducting marketing, where consent is provided.
7. Data Retention
We retain personal data according to the following periods:
-
Employee Data: Duration of employment plus 10 years
-
Security Logs: 10 years or per vendor term
-
System Backups: 3 years
-
Email Communications: 10 years
-
Financial Records: 10 years
-
Health and Safety Records: 40 years
​
8. Third-Party Processing
Categories of Recipients
We share personal data with:
-
IT service providers
-
Cloud storage providers
-
Security monitoring services
-
Professional advisors
-
Regulatory authorities
Processor Requirements
All third-party processors must:
-
Implement appropriate security measures
-
Process data only on our instructions
-
Assist with data subject rights requests
-
Support security incident management
​
9. Complaints and Contact Information
Internal Resolution
For privacy concerns, contact:
-
Data Protection Officer: qsecurity@quantumswitch.com
-
IT Security Team: noc@quantumswitch.com
​
External Resolution
You have the right to complain to the Information Commissioner's Office (ICO):
-
Website: www.ico.org.uk
-
Helpline: 0303 123 1113
Additional Information
-
This policy is complemented by our Cookie Policy: https://www.quantumswitch.com/cookie-policy
-
Third-party links on our systems are not covered by this policy
-
We do not sell personal data to third parties
Policy Review
This policy is reviewed annually or when significant changes occur.
-
Next review date: November 2025
-
Policy owner: CIO – Quantum Switch
​
​