Book A Free Asessment

or

Call Us for FREE on 0800 043 0043

Privacy Policy

Privacy Policy – D8A IT Services

Last updated: 2 April 2026
Company: D8A IT Services Ltd ("D8A", "we", "us", "our")
Website: https://d8a-it-services.co.uk

1. Introduction

D8A IT Services is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy applies to:

  • Visitors to our website
  • Prospective clients
  • Clients and their nominated contacts
  • End users supported by us under managed IT or helpdesk services
  • Suppliers and business contacts

2. Our Role Under Data Protection Law

Depending on the activity, D8A IT Services acts as either:

  • Data Controller – where we determine the purposes and means of processing personal data (e.g. sales enquiries, billing, website administration, HR, supplier management).
  • Data Processor – where we process personal data strictly on the documented instructions of a client (e.g. providing IT support, managing user accounts, or administering systems on a client’s behalf).

Where we act as a data processor, processing is governed by our contract and/or a Data Processing Agreement (DPA) with the client.

3. Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Website and Technical Data

  • IP address
  • Browser type and version
  • Device and operating system information
  • Date/time and page interaction data
  • Cookies and similar tracking technologies

3.2 Enquiry and Client Data

  • Name
  • Company name
  • Email address
  • Telephone number
  • Job title
  • Information provided during audits, enquiries, or quotations

3.3 Service and Helpdesk Data (Processor Activity)

  • Client user names and work email addresses
  • Support case notes and correspondence
  • System identifiers required to deliver IT support

3.4 Billing and Financial Data

  • Billing address
  • Invoice and payment history
  • Direct Debit details (bank account number and sort code)

4. Lawful Bases for Processing

We process personal data under the following lawful bases:

  • Contract – where processing is necessary to deliver services or fulfil a contract
  • Legitimate Interests – for business administration, service improvement, and security (balanced against individual rights)
  • Legal Obligation – for accounting, tax, and regulatory requirements
  • Consent – where required, e.g. certain marketing communications

5. How We Use Personal Data

We use personal data to:

  • Respond to enquiries and prepare quotations
  • Deliver managed IT and support services
  • Operate and administer our helpdesk systems
  • Communicate about service issues or changes
  • Issue invoices and take payments
  • Maintain security and prevent misuse
  • Comply with legal and regulatory obligations

6. Data Sharing and Third Parties

We do not sell personal data.

We may share personal data with:

  • Technology and hosting providers who act as our processors
  • Accounting and payment service providers
  • Professional advisers (legal, financial)
  • Law enforcement or regulators where legally required

All suppliers are subject to appropriate contractual and security obligations.

7. International Data Transfers

Where personal data is transferred outside the UK:

  • We ensure appropriate safeguards are in place, such as UK-approved Standard Contractual Clauses
  • Transfers are limited to what is necessary for service delivery

Further information on safeguards is available upon request.

8. Data Retention

We retain personal data only for as long as necessary:

  • Enquiry data: up to 24 months
  • Client and support data: for the duration of the contract and a reasonable period thereafter
  • Financial records: typically 6–7 years to meet legal obligations

Data processed on behalf of clients is retained in line with client instructions and contractual requirements.

9. Data Security

We implement appropriate technical and organisational measures to protect personal data, including:

  • Access controls and least‑privilege permissions
  • Secure systems and encryption where appropriate
  • Regular security reviews and staff awareness

10. Your Rights

Under UK GDPR, individuals have the right to:

  • Access their personal data
  • Request rectification of inaccurate data
  • Request erasure (where applicable)
  • Restrict or object to processing
  • Data portability
  • Withdraw consent (where processing is based on consent)

Requests can be made using the contact details below.

11. Complaints

If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

12. Cookies

We use cookies to ensure our website functions correctly and to analyse usage. You can control cookies through your browser settings. Further details are provided in our Cookie Notice.

13. Contact Details

For privacy or data protection enquiries, please contact:

D8A IT Services Ltd
Email: enquiries@businessnetworks.co.uk

14. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be published on our website.