DIT Universal Solutions has created this privacy statement in order to demonstrate our firm commitment to privacy. The
following discloses our information gathering and dissemination practices for DIT Universal Solutions websites,
including DIT Universal Solutions and all sub-domains under these domains. These domains include, but are not limited to
In this policy, “DIT Universal Solutions”, “DITUS”,“we”, “us”, and ‘our” refer to Internet for Everything Limited trading as
DIT Universal Solutions.
In this policy “Personal data" is defined by Article 4(1) of the GDPR: ; ‘personal data’; means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier
such as a name, an identification number, location data, an online identifier or to one or more factors specific to the
physical, physiological, genetic, mental, economic, cultural or social identity of that natural person".
2. Data protection officer
Our current nominated Data protection officer is: Mehrdad Nikfarjam
This privacy statement only covers the information collected on DIT Universal Solutions’s websites, ie where we act as a
data controller. The DIT Universal Solutions’s websites contain links to other sites. DIT Universal Solutions is not
responsible for the privacy practices, actions, or the content of such websites.
4. Use of personal data
Section 4 outlines how DITUS makes use of personal data, including :
- the kinds of information we collect
- the purpose of collection
- the legal basis for processing data
DIT Universal Solutions operate in a business to business environment and personal data is only held on individuals
over the age of 18. Should we become aware of personal data being held by us of persons under 18 the data will be
4.1 Website activity tracking
Websites operated by DIT Universal Solutions use Google Analytics to collect information on website visits. Information collected includes geographic location of visitors number of visits pages visited web browser and OS used length of visit
on-site activity such as completing contact forms the value and products taken of any orders generated on dit-universal.com and dit-universal.co.uk. This is collected in an anonymous format with no identifiable user information collected.
This data is collected in an anonymised format with no information collected by DIT Universal Solutions as who the visitor was.
use for remarking purposes. Google’s own statement regarding this collection is:
“This includes data from Google’s signed-in users who have chosen to enable Google to associate their web and app
browsing history with their Google account, and to use such information from their Google account to personalise ads.
Google Analytics temporarily joins these identifiers to your Google Analytics data in order to support your audiences.
When you enable this setting, you must adhere to the Google Analytics Advertising Features Policy, including rules around
sensitive categories and the necessary privacy disclosures to your end users about the data you collect and share with Google.”
Additional report information is generated around visitor demographics and interests. DITUS receive this information
in an aggregated format from Google, with no personally identifiable information present.
Any information collected by Google Analytics that is associated with cookies, user-identifiers (eg User ID), or
advertising identifiers (eg DoubleClick cookies, iOS identifier for advertisers, or Android OS advertising ID) is automatically deleted after 14 months or whenever a user initiates a new event, whichever is shorter. Aggregated data, without personally identifiable information, is not affected.
4.2 Customer billing portal
Personal data is held on a customer’s billing portal to enable provision and administration of services. Information
collected includes Customer’s name Customer’s billing address Customer’s payment details (credit card, debit card,
bank details, etc, as appropriate) Customer’s contact telephone number(s) In general, this is collected at the time of initial order, though customers can amend the information held at any time in their billing portal. Contact information is collected in order to provide customer’s with status updates, including when new invoices are produced, planned upgrades or outages that will affect service, and other information deemed essential.
Financial information and payment details are collected to process payments for services provided by DIT Universal Solutions.
For legal reasons, it is necessary to maintain certain financial records for a period of time. Customer billing portal data is held in secure UK data centres.
4.3 Customer Relations Management database
DIT Universal Solutions maintain a Customer Relations Management (CRM) database. This holds Business premises address (as recorded in the customer’s billing portal) Known contacts at the business (as recorded through conversations with the sales team or enquiries made by customers)
Records of conversations between customers and DITUS’
sales / account management representatives.
This data is collected to provider a high quality service to customers, and for internal tracking / auditing of employee activity.
Customer Relations Management data is held in secure UK data centres.
4.4 Enquiry data
When customers, or prospective customers, make an enquiry with DIT Universal Solutions, a record of that enquiry is held by us. How the data is retained depends on how the enquiry was made. Enquiry data is held to provide a high quality response to individual enquiries hold an audit trail of conversations in case of dispute.
The personal information collected is that given by the person making the enquiry. Enquiry data is deleted 12 months after an enquiry has been
identified as no longer valid (for example when no further responses from the enquirer has been logged). Enquiry data is stored in secure UK data centres.
4.4.1 Website enquiries made by completing an enquiry form
- Personal information is held within the Customer Relations Management database and the website’s internal forms database
- For website enquiries, the person completing the contact form is given the option of allowing DITUS to use the information for further contact
4.4.2 Telephone enquiries
- Personal information is held within the Customer Relations Management database
4.4.3 Direct email enquiries
- Personal information is held within DITUS’ email mailbox, the Customer Relations Management database, the online ticketing system (depending which email address the direct enquiry was sent to)
4.5 Marketing database
DIT Universal Solutions may process personal data on customers, and people making enquiries for our service, in order to provide future information on new services, promotions, and other marketing communications. Marketing
data held would include: Name Contact email Contact telephone Contact postal address Communication preferences Responses to marketing activity such as emails, website pages visited, conversations held with DITUS agents. Marketing data is held in the Customer Relations Management database.
Individuals can opt-out of the marketing database at any time either by contacting DITUS directly. Customers, and non-customers making enquiries are given the option of opt-into future marketing communications.
Depending on how their enquiry is made (see ‘Enquiry data’) the method of obtaining an opt-in will differ.
Only where a valid opt-in has been given will the person be added to the marketing database.
4.6 Legal defence
We may process personal data to establish, exercise, or defend legal claim in either court proceedings or in administrative and out-of-court procedures. Information is processed to protect and assert our legal rights, or the legal rights of others.
4.7 Professional advice
We may process personal data as part of obtaining professional support and advice from others. Information is processed to improve services to customers, adapt to changes in legal requirements, or to protect DITUS against business risk.
4.8 Log files
To fulfil legal obligations, log files are kept of server activity. We may process personal data as part of these obligations,
including IP addresses, user login IDs. Log files are stored for a minimum of 30 days as required by the Regulation of
Investigatory Powers Act 2000.
4.9 Other uses
In addition to the above, personal information may be processed by DIT Universal Solutions for the purposes of completing our agreements with customers, internal auditing, supplier auditing, or for legal requirements.
5 Providing personal data to third parties
At times is may be necessary to disclose personal data to third parties in the general operation of business duties.
Personal data is only shared with third parties when necessary and in a secure, encrypted, electronic method of
communication. Third parties are required to demonstrate their own commitment to data protection and GDPR requirements
before information is shared with them.
5.1 Providing a service requested by a customer
- Where a customer’s services are delivered by a third party supplier (such as Qunifi, DropBox, or others) it is necessary to pass personal data onto the supplier for the efficient delivery of services
- Personal data is only shared with suppliers providing a customer’s service. Information on customer’s not using that supplier’s service is not shared
- A full list of suppliers is available upon request
5.2 Processing financial transactions
- Payment service providers are used to process customer payments
5.3 Legal defence
- Personal data may be shared with third party legal
companies as part of a legal defence against claims
Personal data may be shared with a third party to fulfil marketing communications, such as sending email newsletters out to subscribers, when individuals have consented to receive such information from DITUS.
6 International transfer of personal data
DITUS provide services from suppliers based in different locations. This section outlines where personal data may be held.
Only customers who have chosen a specific service will have their data processed in the location utilised by the supplier.
Personal data is only shared with non-UK or non-EU suppliers when necessary and in a secure, encrypted,
electronic method of communication. Where personal data is processed by a non-UK or non-EU provider, suppliers are required to demonstrate their own commitment to data protection and GDPR requirements before information is shared with them. The following suppliers may have personal data transferred to their location outside of the EU as part of normal
operations to fulfil a customer’s service requirements
- Dropbox for Business — Data centres located in the United States of America
Domain registration — Personal data may be processed by enom, Goddady, a US-based domain provider.
7 Individual rights for personal data
Individuals may request a copy of the personal data held on them by DIT Universal Solutions. The fulfilment of this
request is dependent on:
- An administration fee of £10
- Proof of your identity such as a photocopy or scan of your passport or driving licence certified by a solicitor, or utility bill with address shown.
- Particular personal data may not be supplied as part of your request to the extent permitted by law
You can request removal from marketing databases at any time without the need for an administration fee of proof of your identity
You have the right to request removal of your personal data, or selected elements of your data, at any time. Where information must be retained for legal compliance, that data will not be deleted.