Privacy Policy
1. ABOUT US
Fibrus is a full fibre internet service provider. We are a limited company registered in Northern Ireland under company number NI612703 and our registered office and main trading address is at Lanyon Plaza, West Tower, 8 Lanyon Place, Belfast, BT1 3LP
We are regulated in the UK by Ofcom. We are also a member of the UK Internet Service Providers Association (“ISPA”) and Ombudsman Services
Fibrus is the controller and responsible for your personal data.
Fibrus is committed to protecting and respecting your privacy. Our Privacy and Cookie Policy (“Privacy Policy”) lets you know how we collect and use your personal data and tells you about your privacy rights. When we refer to “personal data” in this Privacy Policy, we mean information which can identify you as an individual. It is important that you read this Privacy Policy so that you are fully aware of how and why we are using your data.
We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the DPO using the details set out later on in this Privacy Policy.
By (i) registering or placing an order at www.Fibrus.com (our “Website”), or (ii) placing an order for our services by calling our customer service agents (“Customer Support”) or (iii) completing a digital order form with us or (iv) giving us your details to record your registered interest in becoming our customer in the future (v) giving us your details for us to contact you in relation to our services or business development or (vi) consenting to manage (as a third party) the billing arrangements for a Fibrus customer (who has requested that you be permitted to do this) and giving your details in connection with this, you agree to the collection and use of your information under the terms of this Privacy Policy. If you do not agree to the data practices set out in this Privacy Policy, we will not be able provide you with our services.
2. INFORMATION WE COLLECT ABOUT YOU
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
Identity Data includes first name, last name, username or similar identifier, title, date of birth and gender.
Contact Data includes billing address, delivery address, email address, social media username (if given) and telephone numbers.
Financial Data includes bank account and payment card details.
Transaction Data includes details of payments made by you, any equipment we will supply, and services you have subscribed to.
Usage Data includes information about how you use our services, our network and our Website. Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website and our network.
Profile Data includes your username and password (if made available to us), orders made by you, your interests, preferences, feedback and survey responses.
Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect, use and share “Aggregated Data” (this means statistical or demographic data derived from your personal data). Aggregated Data is not considered personal data in law as this data does not directly or indirectly reveal your identity. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.
3. HOW WE COLLECT YOUR PERSONAL DATA
Identity Data, Contact Data and Financial Data You may give us your Identity, Contact and Financial Data by corresponding with us by via our Website, systems or communicating with our Customer Support online, by email, on the telephone or by post. This includes personal data you provide when you:
- fill in electronic forms or online forms on our Website
- register to use our Website
- record your registered interest in becoming our customer in the future
- give us your details for us to contact you in relation to our services
- post any material on our Website
- place an order for our services by telephone
- request any additional services or upgrades
- ask for help or advice or report a problem with our services
- request marketing communications to be sent to you
- enter a competition, promotion, or survey
- give us feedback
This also includes information you enter even when you only partially fill out an online form, and exit before completing it.
When you contact us (by phone, email or via our Website), we may keep a record of it and what you say to us.
We may also hold your Identity, Contact and Financial Data, if you have agreed for us to have this, in connection with you (as a third party) consenting to manage a Fibrus customer’s billing arrangements (at that customer’s request).
When you order services from us, we may make enquiries about you for credit reference purposes. These enquires include searching your records held by any credit reference agencies or any fraud prevention scheme. Where we receive information about you from them, we will always protect it in accordance with this Privacy Policy and keep it secure.
Transaction Data
We will collect and hold details of orders you make through our Website, by telephone or on electronic forms and details of any payments you have made, and any products/equipment supplied – e.g. routers.
Usage and Technical Data
When you use our services, we will automatically collect your Usage Data. When you (or someone using your Fibrus broadband or telephone service) use Fibrus’s network to make a telephone call or connect to the internet, we keep a record of that call (including the number called) so we can charge for it. We also receive information from other operators about calls made over our network, where we need that information for connecting and billing purposes. We will also collect information about your use of our services (such as the amount of time you spend online), which we will use to manage our network and for billing.
If someone abuses or damages the Fibrus telephone network, for example by making offensive or nuisance calls, we may keep information relating to that abuse.
If a customer abuses our internet service or any other services we provide, for example by not following any part of our Acceptable Usage Policy, we may keep any information relating to that abuse.
Profile Data
We automatically collect Technical Data about your visits to our Website (including, but not limited to, traffic data, location data, weblogs, and other communication data) and the websites and other products and services you access through it. We collect this personal data by using cookies, server logs and other similar technologies. Please see the Cookie Policy section below for more information about how we use cookies and how to change your browser settings to refuse some or all cookies.
We will also collect information on which devices have accessed your Home Hub router (e.g. type of device, brand, model, operating system, and browser) in order to monitor and better understand how our services are used.
We may collect information about your computer, including your IP address, operating system, and browser type, to help keep our network running smoothly. Unless this information is needed for a service enquiry specific to your service, this is used as aggregated statistical information about our users’ browsing actions and patterns, and does not identify any individual.
We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them. We may ask you questions, from time to time, about how you use the services we provide, other services you would like us to provide in the future and about other things, such as information about your lifestyle.
Marketing and Communications Data
We will keep a record of whether you have opted out of receiving marketing from us. We will also keep a record of your communication preferences.
4. HOW WE USE YOUR PERSONAL DATA
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform a contract, we are about to enter into or have entered into with you
- Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests
- Where we need to comply with a legal or regulatory obligation
Performance of Contract means using your data as necessary for us to provide a quote to you or fulfil a contract to provide our services to you.
Legitimate Interest means using your data as necessary for the commercial interests of our business, allowing us to conduct and manage our business to give you the best possible service and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests.
Comply with a legal or regulatory obligation means using your personal data to the extent necessary for us to comply with a legal or regulatory obligation that we are subject to.
Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
We have set out below a description of the ways we use your personal data. Note that we may use your personal data for more than one lawful ground, depending on the specific purpose for which we are using your data.
Purpose/Activity | Type of data | Lawful ground for processing |
---|---|---|
To register you as a new customer | (a) Identify
(b) Contact (c) Usage |
Perform our contract with you |
To process your order and provide our services including:(a) Making the services available to you and performing any necessary installation work
(b) Managing payments and charges (c) Providing billing information to you (d) Collecting and recovering money owed to us |
(a) Identity(b) Contact
(c) Financial (d) Transaction (e) Usage (f) Marketing and Communications |
(a) Perform our contract with you(b) Necessary for our legitimate interests (to recover debts due to us) |
To monitor your usage of our services and maintain records of your usage (including provide billing information to you) | (a) Identity(b) Contact
(c) Usage (d) Technical |
(a) Perform our contract with you(b) Necessary to comply with our legal obligations
(c) Necessary for our legitimate interests (to understand how customers use our service, maintain, and develop our service provision and protection of the network and service) |
To monitor and record our communications with you | (a) Identity(b) Contact
(c) Usage (d) Technical |
(a) Perform our contract with you(b) Necessary for our legitimate interests (for training and quality purposes) |
To manage our ongoing relationship with you which will include:(a) Maintaining your account
(b) Responding to any questions (c) Notifying you about changes to our services (d) Notifying you about changes to our terms or privacy policy (e) Asking you to leave a review or complete a feedback survey |
(a) Identity(b) Contact
(c) Profile (d) Marketing and Communications |
(a) Perform our contract with you(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests (to keep our records updated, maintain, and develop our service provision and to understand how customers use our services) |
To administer and protect our business, network, and Website (including troubleshooting, data | (a) Identity(b) Contact | (a) Necessary for our legitimate interests (for running our business, provision of |
To deliver relevant Website content and advertisements in the most effective manner to you and measure or understand the effectiveness of the advertising we serve to you | (a) Identity(b) Contact
(c) Profile (d) Usage (e) Marketing and Communications (f) Technical |
Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) |
To use data analytics to improve our Website, services, marketing, customer relationships and experiences | (a) Technical(b) Usage | Necessary for our legitimate interests (to define types of customers for our services, to keep our Website updated and relevant, to develop our business and to inform our marketing strategy) |
To enable you to manage (as a third party) the billing arrangements of a Fibrus customer who has requested that you be permitted to do this. | (a) Identity(b) Contact
(c) Financial |
(a) To perform our contract with the customer on whose behalf you are acting(b) May be necessary to comply with our regulatory obligations to allow a third party to manage the billing arrangements for a customer with special accessibility requirements |
To get our install partners to contact you to arrange your installation | (a) Name(b) Email address and phone number | (a) &(b) Perform our contract with you |
To request a voucher from the Government Department for Digital, Media, Culture and Sport | (a) Name(b) Email address and phone number | a) (a) &(b) Necessary for our legitimate interests (To be able to offer free installation to you with the help of government funding) |
Marketing Communications
If you are a customer, we may also use your Identity, Contact, Technical, Usage, Profile and Marketing and Communications Data to form a view on what services and offers may be relevant for you and to send you recommendations about services that we think may be of interest or to invite you to participate in prize draws or competitions (“marketing communications”).
If you have given us your details to record your registered interest in becoming our customer in the future or for us to contact you in relation to our services or business development (including to receive our newsletter), we may use your Identity Data to keep you up to date about our services and coverage.
You will only receive marketing communications from us if you have registered an interest in receiving our services (whether current services or in the future when your building or location is connected to our network), requested information from us in relation to our services or purchased services from us and, in each case, you have not opted out of receiving that marketing.
You can ask us to stop sending you marketing communications at any time by contacting us by telephone on 02890 993230 or send us and email to [email protected]
If you opt out of receiving marketing communications, we will still send you service-related communications, as necessary.
Change of Purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
5. DISCLOSURES OF YOUR PERSONAL DATA
We may sometimes need to share your personal data with the types of third party listed below:
- Our partner organisations and subcontractors who provide some of the services on our behalf
- Credit reference agencies (to carry out credit checks) and debt recovery agencies (if you do not pay your bills)
- Analytics and search engine providers that assist us in the improvement and optimisation of our Website
- IT and system administration services service providers
- Professional advisers including lawyers, auditors, and insurers
- Third parties to whom we may choose to sell, transfer or merge parts of our business with
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
If, as a Fibrus customer, you have requested and/or consented to a third party managing your Fibrus billing arrangements, you agree that this may involve that third party (i) having online access to your Fibrus account details (through Fibrus’s website) insofar as they relate to your bills and/or (ii) being given details of your billing arrangements when calling Customer Support or writing to us in connection with managing these arrangements and/or (iii) arranging for any of your bills to be paid. You have informed us which of these options you have chosen and given your consent accordingly. We accept no responsibility in relation to you choosing that third party to manage your billing arrangements or in relation to their use or misuse of such of your personal information to which they have access under these arrangements.
We may also disclose your personal data to a third party if we are under a duty to do so in order to comply with a legal obligation or in order to enforce or apply our terms of use. This includes exchanging information with other companies and organisations for the purposes of law enforcement, fraud protection and credit risk reduction.
6. INTERNATIONAL TRANSFERS
We might share your personal data within Fibrus’s organisation which involves transferring your data outside the European Economic Area (EEA). We ensure your personal data is protected by requiring all our divisions to follow the same rules when processing your personal data to ensure its security. These rules are called “binding corporate rules”.
In addition, some of our third-party suppliers are based outside the EEA so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- The third-party country has been deemed to provide an adequate level of protection for personal data by the European Commission;
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe
- The service provider has provided adequate safeguards to ensure that individuals rights are enforceable and legal remedies are available
7. DATA SECURITY
We have in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We also have in place procedures to deal with any suspected personal data breach and will notify you and the ICO (the UK supervisory authority) of a breach where we are legally required to do so.
All information you provide to us is stored on our secure servers. Any payment information will be stored securely. Where we have given you (or you have chosen) a customer ID, password(s), or logins to allow you to can access certain parts of our Website, you are responsible for keeping these confidential. You are responsible for how our services are used from your account and for keeping your account information secret. Please keep this information safe, and do not share it with others.
Unfortunately, sending information using the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of the data you send to our Website; you take the risk for this. Once we have received your information, we will try our best to keep it secure. This includes using strict procedures and security features to try to prevent unauthorised access.
Our Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and others associated with us. If you follow a link to any of these websites, please note that these websites have their own privacy and cookie policies. Fibrus accepts no responsibility or liability for these policies. Please check these policies before you send any personal data to these websites.
8. DATA RETENTION
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for at least 7 years after they cease being customers for tax purposes.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
9. YOUR LEGAL RIGHTS
You have various rights in relation to your personal data – these are set out in detail below. If you wish to exercise any of these rights, please email us: [email protected]
Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete your personal data when we no longer need it. You may also ask us to delete your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with a legal obligation. However, we may not be able to comply with your request of erasure, for example, if we are required to retain your personal data for legal reasons. We will let you know if this is the case.
Object to processing of your personal data where we are processing your personal data for direct marketing purposes. You also have the right to object where we are relying on a legitimate interest, but you feel the processing impacts on your fundamental rights and freedoms.
Request restriction of processing of your personal data. You may ask us to suspend the processing of your personal data in the following scenarios: (a) if you do not think the data we hold is accurate, whilst we verify its accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where we no longer need to process it but you require us to store it in relation to a legal claim; or (d) if you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party. We will if feasible practically provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to information which we process by automated means and use to perform a contract with you.
Withdraw consent at any time where we are relying on consent to process your personal data (for example, for marketing purposes). However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
You will not have to pay a fee to access your personal data or to exercise any of your other rights. However, if we feel that your request is unfounded, repetitive, or excessive, we may charge a reasonable fee, or we may let you know that we are refusing to comply with your request. If we refuse your request, we will explain why, and you will be entitled to raise the issue with the ICO.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data or to exercise any of your other rights. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We will respond to all legitimate requests within 30 days of receipt and, if possible, achieve a satisfactory resolution within that time period. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
10. CHANGES TO THIS PRIVACY POLICY
Any changes we may make to this Privacy Policy in the future will be posted on this page. You should check this page from time to time for any changes we made. We may also email you about these changes if you are a customer of Fibrus.
11. CONTACT
If you have any questions, comments, and requests regarding this Privacy Policy, including any requests to exercise any of your legal rights under it, please contact us using the details set out below.
Post: The Data Protection Officer, Fibrus Networks Ltd, Lanyon Plaza, West Tower, 8 Lanyon Place, Belfast, BT1 3LP
If you have any complaint about how we are using your personal data or otherwise in relation to this Privacy Policy, please contact us in the first instance and will we do our best to resolve it. If we do not resolve it to your satisfaction, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
COOKIE POLICY
Our Website uses cookies – these are small files of letters and numbers which we store on your browser or the device you use to access our Website. Some of the cookies we use are essential (our Website will not work without them) and others make our Website work more efficiently and help us to recognise you when you return to our Website.
1. HOW WE USE COOKIES
We use these types of cookies:
Essential cookies: These are cookies that are required for the operation of our Website. They include, for example, cookies that enable you to log into secure areas of our Website.
Functionality cookies: These are cookies we use to recognise you when you return to our Website. They enable us to personalise our content for you and save your preferences in a cookie on your device (for example, your choice of language or region or, if you select the ‘Remember me on this computer’ box, your username and password). This means that the next time you log on to our Website using that device you will not need to re-enter those details. We suggest you do not select the ‘Remember me’ box if you use a shared device or publicly available computer. The cookie file itself will not store your personal information.
Analytics cookies: These allow us to recognise and count the number of visitors and to see how visitors move around our Website when they are using it. This helps us to improve the way our Website works, for example, by ensuring that users are finding what they are looking for easily. We use Google Analytics and Hotjar to track use of our Website and our users’ needs. All information collected for these purposes and shared with our analytics providers is anonymous or collected in such a way that users cannot be identified from this data. This information allows us to improve our Website and our services, for example, to measure the effectiveness or success of our advertising campaigns and products. For more information about Google Analytics, please see their privacy policy at: www.google.com/policies/privacy .
Affiliate and advertising cookies: We use cookies to place adverts about Fibrus products on other websites and manage referrals from those websites to our Website. If you follow a link from another website then purchase our services, we may use cookies to tell the other website that you have made a purchase. Or if you click on a link to an advert, video, or social media channel on our Website, we may use cookies to gather statistics about this.
Except for essential cookies, all cookies will expire after 12 months.
2. HOW TO BLOCK COOKIES
You can block cookies by activating the setting on your browser which allows you to refuse the setting of all or some cookies. If you want to stop cookies being stored on your computer in future, you should check your browser manufacturer’s instructions by clicking “Help” in your browser menu. However, if you block all cookies (including essential cookies) you may not be able to access all or certain parts of our Website. Unless you have set your browser to refuse cookies, our system will issue cookies as soon you visit our Website.
If you want to delete any cookies that are already on your computer, you should check the instructions for your file management software to locate the file or directory that stores cookies.
You can learn about and opt out of a number of commercial third-party cookies (including some used by us) at www.optout.networkadvertising.org. Some of the opt-outs used by our commercial service providers require a cookie to be placed on your computer. This “opt-out” cookie is only used to tell the relevant cookie servers not to send you any more cookies. If you keep deleting cookies (including “opt-out” cookies) from your temporary internet files, you might need to repeat the opt-out process, the next time you visit our Website.
For more information about deleting and controlling cookies visit www.youronlinechoices.com or www.aboutcookies.org.
Date
This Policy is effective from 1st of May 2020