At Console Wizard, we are committed to maintaining the trust and confidence of visitors to our web site.
This will make your onsite experience whilst on our website, the best and easiest we can provide for you.
- Identifying you when you sign-in to our site.
- Delivery Content, allowing our services to give you the experience of our site as intended.
- Your Shopping Cart, making sure changes are kept for the session, preventing fraudulent activity
- Improving Security and Functionality of our services
- Google Analtics - To provide us data on customer search data and country location.
- Cookies allow you to take advantage of some of Console Wizard's essential features.
Most browsers will tell you how to prevent your browser from accepting new cookies.
Additionally, you can disable or delete similar data used by browser add-ons, such as Flash cookies, by changing the add-on's settings or visiting the website of its manufacturer.
For E.U. Clients, Console Wizard complies with the EU Data Protection Directive 95/46/EC framework as set forth by the European Union regarding the collection, use and retention of personal data from European Union member countries and Switzerland.
Console Wizard has certified that it adheres to the requirements of notice, choice, onward transfer, security, data integrity, access and enforcement.
The 'General Data Protection Directive' (GDPR) is an EU regulation that addresses the processing and free movement of personal data. It consists of data protection principles and requirements which must be adhered to when personal data is processed.
The purpose of the GDPR is to have the same data protection laws across all EU member states and to give its citizens more control over how and when their data is used, even if they are in a different country.
Console Wizard is fully committed to prepare for and, after 25 May 2018, to comply with the General Data Protection Regulation. The GDPR applies to all organisations that process data relating to their employees, as well as to others including customers, contractors and clients. It sets out principles which should be followed by those who process data; it gives new and extended rights to those whose data is being processed.
To this end, Console Wizard endorses fully and adheres to the six principles of data protection, as set out in the Article 5 of the GDPR. Data must be:.
- processed lawfully, fairly and in a transparent manner in relation to individuals;
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
- accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
- kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;; and
- processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
These principles must be followed at all times when processing or using personal information. Therefore, through appropriate management and strict application of criteria and controls, the organisation will:
- observe fully the conditions regarding the fair collection and use of information including the giving of consent
- meet its legal obligations to specify the purposes for which information is used
- collect and process appropriate information only to the extent that it is needed to fulfil our operational needs or to comply with any legal requirements
- ensure the quality of information used
- ensure that the information is held for no longer than is necessary
- ensure that the rights of people about whom information is held can be fully exercised under the GDPR (ie the right to be informed that processing is being undertaken, to access one’s personal information; to prevent processing in certain circumstances, and to correct, rectify, block or erase information that is regarded as incorrect)
- take appropriate technical and organisational security measures to safeguard personal information
- publicise and abide by individuals' right to appeal or complain to the supervisory authority (the Information Commissioner's Office (ICO)) in the event that agreement cannot be reached in a dispute regarding data protection.
- ensure that personal information is not transferred abroad without suitable safeguards.
Status of this Policy
The Policy does not form part of the formal contract of employment for staff but it is a condition of employment that staff will abide by the rules and policies made by Mark Stapleton from time to time. Any failure to follow the Data Protection Policy may lead, therefore, to disciplinary proceedings. This Policy was approved on 25th May 2019 . It will be reviewed no later than 12 months.
Designated Data Protection Officer
The Data Protection Officer (DPO) Mark Stapleton will deal with day-to-day matters. Any member of staff, or other individual who considers that the policy has not been followed in respect of personal data about himself or herself should raise the matter with one of the above named persons.
All staff are responsible for:
- checking that any information that they provide to the organisation in connection with their employment is accurate and up to date.
- informing the organisation of any changes to information that they have provided, e.g. changes of address, either at the time of appointment or subsequently. The organisation cannot be held responsible for any errors unless the employee has informed it of such changes.
All staff are responsible for ensuring that:
- any personal data that they hold is kept securely.
- personal information is not disclosed either orally or in writing or via Web pages or by any other means, accidentally or otherwise, to any unauthorised third party.
Staff should note that unauthorised disclosure will usually be a disciplinary matter, and may be considered gross misconduct in some cases. Personal information should be kept in a locked filing cabinet, drawer, or safe. If it is computerised, it should be coded, encrypted or password protected both on a local hard drive and on a network drive that is regularly backed up. If a copy is kept on removable storage media, that media must itself be kept in a locked filing cabinet, drawer, or safe.
- The organisation backs up data every day and has multiple copies (at least one set for each day of the week and additional weekly ones in order to have at least a month’s worth of data at any one time). Records of these are kept.
- Backups are kept off site. Any kept on site are in special heat-proof safes: fire-proofing alone is inadequate.
- Backups are verified regularly by the software and system supplier.
- Master copies of software are stored off site or in a heat-proof safe.
- Firewalls and virus checkers are kept up to date and running, and users are trained in virus avoidance and detection.
- Computers are protected from physical harm, theft or damage, and from electrical surges using protective plugs.
- The organisation plans for how to deal with loss of electricity, external data links, server failure, and network problems. It uses paper forms where necessary for temporary record keeping.
- In the event of a data breach or other problem that is likely to result in a risk to the rights and freedoms of individuals, the people affected will be informed as soon as possible and the ICO will be notified within 72 hours.
The GDPR sets a high standard for consent and requires a positive opt-in. Neither pre-ticked boxes nor any other method of default consent are allowed. As required by the GDPR, the organisation takes a "granular" approach ie it asks for separate consent for separate items and will not use vague or blanket requests for consent. As well as keeping evidence of any consent, the organisation ensures that people can easily withdraw consent (and tells them how this can be done).
It should be noted, however, that consent is only one of the lawful bases on which data processing depends. In brief, the others include:
- Contract: if processing someone’s personal data is necessary to fulfil the organisation's contractual obligations to them (eg to provide a quote).
- Legal obligation: if processing personal data is necessary to comply with a common law or statutory obligation
- Vital interests: not one that will occur often as it refers to processing personal data to protect someone’s life (and even then, it cannot be relied on with regard to health data or other special category data if the individual is capable of giving consent
- Legitimate interests: the most flexible lawful basis for processing and one which applies when data is used in ways people would reasonably expect and which have a minimal privacy impact, or where there is a compelling justification for the processing.
Note that the GDPR provides for special protection for children’s personal data and the organisation will comply with the requirement to obtain parental or guardian consent for any data processing activity involving anyone under the age of 16.
An employee may request details of personal information which the organisation holds about him or her under the GDPR. A small fee may be payable and will be based on the administrative cost of providing the information.. If an employee would like a copy of the information held on him or her, they should write to [address]. The requested information will be provided within one month. If there is any reason for delay, that will be communicated within the four week time period. A request which is manifestly unfounded or excessive may be refused. The person concerned will ten be informed of their right to contest this decision with the supervisory authority (the ICO),
If an employee believes that any information held on him or her is incorrect or incomplete, then they should write to or email [ ] as soon as possible, at the above address. The organisation will promptly correct any information found to be incorrect.
We may collect, store and use the following kinds of personal data:
- Information about your computer and about your visits to and use of this website, such as your IP address, geographical location, browser type, referral source, length of visit and number of page views
- When someone visits www.consolewizard.co.uk use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
- Information relating to any transactions carried out between you and us on or in relation to this website, including information relating to any purchases you make of our goods or services including name, address, telephone number, email address and console information
- Information that you provide to us for the purpose of registering with us such as email address and password.
- Any other information that you choose to send to us
How we use collected information
- To improve customer service Information you provide helps us respond to your customer service requests and support needs more efficiently.
- To personalize user experience We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.
- To improve our Site We may use feedback you provide to improve our products and services.
- To process payments We may use the information Users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.
- To send periodic emails We may use the email address to send User information and updates pertaining to their order. It may also be used to respond to their inquiries, questions, and/or other requests. If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, they may do so by contacting us via our Site.
How we protect your information
- To the extent that we are required to do so by law
- In connection with any legal proceedings or prospective legal proceedings
- In order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk)
- To the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling
When we do, we will revise the updated date at the bottom of this page and send you an email.
We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect.
Third party websites
Users may content on our Site that link other sites and services and other third parties.
We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing.
These sites and services may have their own privacy policies and customer service policies.
Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website's own terms and policies.
Your acceptance of these terms
If you do not agree to this policy, please do not use our Site.
Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
Access to personal information
Console Wizard provides customers with access to their personal information and the opportunity to amend and update their details or preferences (including consent to receive marketing communications) in order to keep the information up-to-date and accurate.
- You can see the information you have provided to us through the registration process by accessing the ‘My Account’ section of the Console Wizard website. You can also use this section to change or delete this information including any consent you have provided to receive marketing communications. To do so, click on ‘Change registration details’.
- You have the right to modify and delete all the personal information held on our web site.
- This can be carried out once you are logged into our website in the "My Account" page, within the GDPR section.
+44 (0)1204 388557
This document was last updated on 03rd January 2022