ScreenCloud and General Data Protection Regulation (GDPR)

At ScreenCloud we are committed to protecting our customers’ personal information. We wanted to explain the steps we take to do this within ScreenCloud.

Security Policy

We have a comprehensive Security Policy which everyone who works here has to adhere to. It covers the steps we take to protect physical access to personal data via our computers and devices, as well as the software that we use. The policy makes it clear how and why we collect data and that safeguarding that data is a top priority. It also details the company’s policy around responding to a potential breach of data including reporting breaches as required under the GDPR.

Collecting only the data we need

We are not in the business of collecting data that we do not need. Rather, we only collect and store data that is needed to run our business effectively. However, the data we do collect may sometimes be of a personally identifiable nature. In order to operate our business we need to collect three types of data:

1.     Customer contact data. This is normally the person who orders our service or is the contact point for billing queries. We typically need their name, address, email address and phone number. We also collect historical purchasing data. We do not collect credit card details as these are handled directly by our payment handler.

2.     Data that is uploaded to ScreenCloud to be shown on the screens that people are subscribing for. This may or may not contain personal data, depending on what our customers choose to upload to the system. The main point here is that we do not mandate what data is uploaded to our system, but we accept that for some customers they may choose to upload personally identifiable data. For that reason, we treat this data with the same degree of importance that we would for customer contact data.

3.     Employee or potential employee data. People applying to work for us and those that do work for us will have sent us details including Resumés/CVs which will inevitably contain personal data. Employees also provide us with other personally identifiable data that we use to be able to pay them and pay taxes.

Making sure people know why we collect their data

We need certain data in order to be able to deliver the service that our customers pay us for. But like most companies, we also may use this data to tell our customers more about the service or to survey their opinions about us and our future plans. We have taken steps to make it clear to anyone whose data we intend to hold, why we need the data and what it will be used for. We also give people the option as to whether or not they want us to use the data in this way.

Data retention

We only hold onto data for as long as is needed to manage our business, be responsive to customers past and present and adhere to any legal requirements that may arise from time to time.

Data Protection and our Suppliers

We work with a range of carefully selected suppliers in order to deliver the service we provide: these range from the people we use to host content to the companies that manage subscription billing on our behalf. Where we identify that any of our suppliers may have access to data we ensure that we have an agreement with them that they also have rigorous protections in place. In most cases, our suppliers are established businesses such as Amazon Web Services or Salesforce who have every other one of their customers asking for the same agreements to be in place, and so they are fully prepared and aware of the requirements that GDPR places on all of us.

Maintaining transparency

At all times, our aim is to be open and transparent with individuals and the data we hold. We regularly review our policies and welcome any feedback or suggestions our customers have.

If you need to check what data we hold about you, you can make a subject access request by contacting us through the website.

For more details about how we collect, manage and process data, please see our Privacy Policy .