Privacy Statement

Updated for 2025 Compliance

1. Data Controller and Contact Information

For the purposes of UK General Data Protection Regulation (UK GDPR) and, where applicable, the Data Protection and Digital Information Act 2023 (DPDI), Document Network Services Limited acts as the data controller. You may contact us regarding your personal data by emailing our Data Protection Officer at gdpr@dnslimited.co.uk.

This statement was last reviewed in December 2024 and will be reviewed regularly to reflect changes in legislation, internal processes, or best practices. Updates will be posted on this page.

2. How Do We Collect Data?

We gather data through various interactions, including:

• Direct Interactions: In face-to-face meetings, phone or video calls, email exchanges, letters, and other written communications, including when we receive a business card.

• Contractual Agreements: When you enter into a contract with us for machine purchases, services, or finance-related agreements.

• Website Submissions: When you fill out forms on our website—such as subscribing to newsletters, responding to surveys, submitting forms, adding comments, or engaging in live chat features.

• Digital Engagement: When you interact with our digital channels, such as email newsletters or social media platforms like LinkedIn.

• Cookies: Please see below for more details on our use of cookies.
   

3. Processing of Personal Data

We collect and process personal information only as necessary to support our services, fulfil our legal obligations, and ensure security. Types of data we may collect include:

• Contact and Identification Information: Name, address, email, and phone number.

• Transaction Information: Payment details, records of your transactions with us.

• Communication Preferences: Your preferences regarding how you wish to be contacted.

• Usage Information: Details of your visits to our website, including traffic data and other browsing information.

• Call Transcripts & Call Recordings: This is for training and monitoring purposes.

When personal data is transferred outside the UK, we ensure such transfers are compliant with GDPR requirements, including the use of approved data transfer mechanisms like adequacy decisions or standard contractual clauses (SCCs). 

4. How Do We Use Your Information?

In line with the latest GDPR requirements, we may use the information we collect from you for the following purposes:

• To Manage Interactions: Record and track our interactions with current, prospective, and past customers, as well as suppliers, to maintain effective communication and support.

• To Deliver Services: Provide the services or products you have purchased or requested, ensuring a seamless customer experience.

• To Enhance Our Website: Analyse usage and feedback to improve our website’s functionality, usability, and relevance to better serve you.

• To Request Feedback: Invite you to provide ratings and reviews of our products or services, supporting continuous improvement and customer satisfaction.

• To Personalise Your Experience: Tailor content, services, and product offerings to better align with your preferences and interests.

• To Share Updates and News: Keep you informed about updates related to our company, products, or services. You may unsubscribe at any time.
  

5. Data Sharing and Third-Party Transfers

Your data may be shared with:

• Our business associates, including suppliers and partners, under strict agreements to protect your data.

• Regulatory or law enforcement authorities, if required by law or as necessary to protect our interests.

For transfers to third parties, including those outside the UK, we ensure all parties adhere to GDPR and DPDI standards.

6. Data Security and Retention

We have implemented strict measures to ensure the security of your data, including:

• Encryption and secure storage of all sensitive information.

• Regular security assessments, including Cyber Essentials Accreditation, to ensure compliance.

• Defined data retention schedules, and disposal of personal data through secure methods once it is no longer necessary for business or legal reasons.
  

7. Data Subject Rights

Under UK GDPR, you have expanded rights regarding your personal data, including:

• Right of Access: Request a copy of personal data we hold about you.

• Right of Rectification: Correct any inaccuracies in your data.

• Right to Erasure: Request deletion of data under certain conditions.

• Right to Restrict Processing: Limit processing of your data in specific situations.

• Right to Data Portability: Receive a copy of your data in a machine-readable format.

• Right to Object: Object to processing, particularly for direct marketing on legitimate interests.

To exercise your rights, contact gdpr@dnslimited.co.uk.

8. Data Breach Notification

If a personal data breach occurs, we will assess the impact and notify the Information Commissioner’s Office (ICO), along with affected individuals if the breach presents a high risk to their rights and freedoms.

9. Use of Cookies

We use cookies to enhance the functionality of our website. You can manage your cookie preferences through your browser settings. Details of our cookie use are provided when you access our website, and by continuing to use the site, you consent to this usage.

10. Updates to This Statement

We reserve the right to update this privacy statement to reflect legal or operational changes. Any substantial updates will be communicated through our website and, where appropriate, directly to you.

11. Contact Information

Questions or comments about this privacy statement should be addressed to:

 Document Network Services Ltd
The Innovation Centre, Unit 9
Royal Scot Road, Pride Park
Derby, DE24 8AJ
Tel: 01332 362 900
Email: gdpr@dnslimited.co.uk

For unresolved concerns, you may contact the ICO via their website at www.ico.org.uk