Privacy Policy

Last Updated: March 2025

SiSTEM Technology Ltd (“we,” “our,” or “us”) is committed to protecting your privacy and ensuring that your personal data is processed securely and lawfully. This Privacy Policy explains how we collect, use, store, and protect your personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We are registered with the Information Commissioner’s Office (ICO) under Registration Reference: ZB872178.

By using our website, services, or engaging with us, you acknowledge that you have read and understood this Privacy Policy.

1.  Who We Are

Company Name: SiSTEM Technology Ltd

Registered Address: Suite 3, Innovation Centre, Silverstone Technology Park, Silverstone, Northamptonshire, NN12 8GX

ICO Registration Number: ZB872178

Data Protection Officer (DPO): Mrs. Janine van den Berg

Email: janine@sistemtechnology.com

If you have any questions about how we process your personal data, please contact our DPO at the email above.

2.  What Personal Data We Collect

SiSTEM Technology collects and processes personal data for specific, lawful purposes. The types of personal data we collect include:

2.1.  Visitors to Our Website

Name, email address, and contact details (if you fill out a contact form)

IP address and browser type (collected through cookies and analytics tools) Preferences for marketing communications

2.2.  Customers & Business Contacts

Name, business name, and job title

Email address, phone number, and business address Payment details (processed securely via third-party providers) Communications records (emails, phone calls, inquiries)

2.3.  Job Applicants & Employees

Name, contact details, CVs, employment history, and references Payroll, tax, and banking details (for employees only)

Right-to-work documents and background check information

2.4.  IT & Security Services

System login details for IT support purposes (only when necessary) Network activity and security logs (for cybersecurity monitoring)

We only collect personal data necessary for the purposes outlined in this policy.

3.  How We Use Your Data (Lawful Basis for Processing)

We process your personal data under the following lawful bases:

4.  How We Store & Secure Your Data

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, or misuse. These measures include:

Data encryption for sensitive information

Access controls restricting data access to authorized personnel

Secure servers with regular security monitoring Data minimisation – we only retain necessary data Regular audits & security assessments

Retention Periods:

We store personal data only as long as necessary for its intended purpose, after which it is securely deleted.

5.  How We Share Your Data

We do not sell or rent your personal data. However, we may share it with:

5.1.  Third-Party Service Providers

We partner with trusted IT and cybersecurity providers, including Teklogic Ltd, to ensure system security and IT support. All third parties processing personal data on our behalf have Data Processing Agreements (DPAs) in place to ensure GDPR compliance.

5.2.  Legal & Regulatory Requirements

We may disclose your personal data if required by law, regulatory authorities, or to enforce our contractual rights.

5.3.  International Transfers

We primarily store data in UK-based servers. If personal data is transferred outside the UK, we ensure adequate safeguards (e.g., Standard Contractual Clauses).

6.  Your Rights Under GDPR

You have the following data protection rights:

Right to Access – Request a copy of your data

Right to Rectification – Correct inaccurate or incomplete data

Right to Erasure (‘Right to be Forgotten’) – Request deletion of your data (subject to legal retention requirements)

Right to Restrict Processing – Limit how your data is processed

Right to Data Portability – Obtain a copy of your data in a portable format Right to Object – Object to processing based on legitimate interests Right to Withdraw Consent – Withdraw marketing consent at any time

How to Make a Request:

To exercise any of these rights, contact our DPO at janine@sistemtechnology.com. We will respond within one month.

If you are unsatisfied with our response, you have the right to lodge a complaint with the ICO at ico.org.uk.

7.  Cookies & Tracking Technologies

We use cookies and tracking technologies to improve website performance and enhance user experience.

Essential Cookies – Necessary for site functionality

Analytics Cookies – Used to track website performance

Marketing Cookies – Used for targeted advertising (only with consent)

Managing Cookies:

Users can manage their cookie preferences via the cookie banner on our website. Read our cookie policy for more details.

8.  Marketing Preferences

We only send marketing emails with explicit consent. You can unsubscribe at any time using the link in our emails or by contacting janine@sistemtechnology.com.

We do not engage in unsolicited marketing or spam.

9.  Data Breach Notification

In the event of a data breach, we will:

Notify the ICO within 72 hours (if required)

Inform affected individuals if the breach poses a high risk Take immediate steps to secure affected data

10.  Policy Updates

This Privacy Policy is reviewed annually and updated to reflect changes in law, technology, or business practices.

Last reviewed: March 2025

Next review: March 2026

We encourage you to check this page periodically for updates.

11.  Contact Us

If you have any questions or concerns about this Privacy Policy, please contact:

Data Protection Officer: Mrs. Janine van den Berg

Email: janine@sistemtechnology.com

ICO Website: ico.org.uk