Data Protection Framework
FireText has completed applicable Privacy Impact Assessments (also known as Data Protection Impact Assessments under GDPR) for activities related to this website and it's services.
1. Customer and Citizen Data
You may decide to send us your personal information via this website if you are seeking more information, or for signing up and accessing an account for the services provided by FireText. Your decision to disclose your personal data is entirely voluntary, and by doing so, you are taking an affirmative action by providing us with specific consent to use your personal data only for the purposes for which you have disclosed it to us.
FireText may access and use your personal data only for the purposes for which you have submitted it to us to (a) provide information to you, (b) make contact with you, (c) provide services to you, or (d) maintain the operations and security of the website and services we provide to you. We will not use your personal information for any other purposes, unless we have your specific consent that permits us to do so.
Furthermore, FireText acts as a “data processor” in providing services for you to upload, store and process personal information. As a “data controller”, you are responsible for complying with the EU GDPR in relation to your own data and personal information that you possess, upload and process with the services provided by FireText. We will not use personal information obtained in the course of providing our service(s) for any other purpose and will not release it, in whole or in part, to anyone other than yourself in your capacity as the data controller, unless we are obliged to do so by law.
We will, at all times, handle and store your personal data in accordance with industry best practice aligned with ISO27001, the international standard for information security. This includes the activities and procedures undertaken by our own personnel & authorised third parties and the technical controls which we have implemented to prevent unauthorised access, compromise or theft of information from our applications, supporting computer systems and premises.
2. Sensitive Personal Data
GDPR specifies a set of personal data categories which are “sensitive”, and which require special consideration by Data Controllers. This website, and any services available from this website, do not knowingly collect or process any sensitive personal data.
3. Data Retention
We retain your personal data we process for as long as an account is active or as needed to provide the service(s). If you wish to terminate your account or request that we no longer use your data, please contact your account manager or at firstname.lastname@example.org.
Your customer data within your FireText account (for example, sent and received message history & destination) will be retained as long as an account is active, unless otherwise agreed and confirmed with your account manager.
If an account is in-active for a period of 2 years, all data, including the account itself, will be permanently obfuscated & deleted.
We will retain any data as necessary to comply with our legal obligations, maintain accurate financial and other records, resolve disputes, and enforce our agreements.
4. Children’s Personal Data
This website, and any services available from this website, are not directed to children under the age of 13. If you learn that a child under the age of 13 has provided us with their personal information without having parental consent, please contact the Company’s Data Protection Officer immediately so that we can take appropriate action.
5. Customer and Citizen Data Rights
As prescribed within data protection regulations, you have specific rights connected to the provision of your personal data to FireText using this website and the services accessed as part of FireText. These include your rights to request we:
- confirm to you what personal data we may hold about you, if any, and for what purposes
- change the consent which you have provided to us in relation to your personal data
- correct any inaccurate or incomplete personal data which we may hold about you
- provide you with a complete copy of your personal data for you to move elsewhere
- stop the processing of your personal data, whilst an objection from you is being resolved
- permanently erase all your personal data promptly, and confirm to you that this has been done (there may be reasons why we may be unable to do this)
To contact FireText, please see Section 10 below.
If FireText does not address your request, or fails to provide you with a valid reason why we have been unable to do so, you have the right to contact the Information Commissioner’s Office to make a compliant. They can be contacted via their website (www.ico.org.uk) or by telephone 0303 123 1113.
6. Where we store your personal information
As a data processor, all of your customer data uploaded to FireText is stored on ISO27001 accredited hosting services inside the European Economic Area ("EEA"), specifically the United Kingdom.
As a data controller, and by registering on the website or sending us your personal information by other means, you are indicating your consent for your personal information to be stored on our servers within the EEA. Should your personal data be processed by any of our GDPR-compliant sub-processors, in order to fulfil our services to you, that are based outside of the EEA – your data is protected under the EU-US Privacy Shield framework.
7. Website Cookies
Cookies are small text files sent by us to your computer, and from your computer or mobile device to us each time you visit our website. They are unique to you or your web browser. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser session. Persistent cookies last until you or your browser delete them, or until they expire.
8. External Links
This FireText website may include relevant hyperlinks to external websites not controlled by us. Whilst all reasonable care has been exercised in selecting and providing any such links, you are advised to exercise caution before clicking any external links. We cannot guarantee the ongoing suitability of external links, nor do we continually verify the safety or security of the contents which may be subsequently provided to you. You are advised, therefore, that your use of external links is at your own risk and we cannot be responsible for any damages or consequences from your use of them.
10. Contacting FireText
The Data Protection Officer
FireText Communications Ltd
17A Bell Street, Reigate, Surrey