Policy key definitions:
“I”, “our”, “us”, or “we” refer to the business, [Business name & other trading names].
“you”, “the user” refer to the person(s) using this website.
GDPR means General Data Protection Act.
PECR means Privacy & Electronic Communications Regulation.
ICO means Information Commissioner’s Office.
Cookies mean small files stored on a users computer or device.
Processing of your personal data
Under the GDPR (General Data Protection Regulation) we process any personal information about you electronically using the following lawful bases.
We are registered with the ICO under the Data Protection Register
We are a both a Controller and Processor of data; we process data provided by third parties i.e. you, The Customer, Networks, Suppliers and other third party companies. We also decide how we manage your data, in agreement with you, The Customer, to effectively manage your account.
Lawful basis: Contract
The reason we use this basis: To effectively manage your account whilst under contract with use outlined in the terms and conditions given to you before your contract commenced.
We process your information in the following ways: Processing your order using telephone numbers, email addresses; managing your account using names, telephone numbers, email addresses, to provide a full and complete service, including checking your contract bill, completing tariff reviews based on your requirements, building quotes based on your requirements, providing other products where necessary and effectively managing your contract/s.
Data retention period: We shall continue to process your information until the last contract between us ends or is terminated under any contract terms. We will keep your information on file for a maximum of double your contract length + 1 year if you terminate your contract with Frontier (e.g. 5 years for a 2 year contract) but no longer than 6 years. This is to ensure that all information is available after you terminate your contract in case of any future queries or disputes. We may retain invoices and technology fund statements for up to 7 years.
Sharing your information: We do share your personal information with third parties for account management purposes only and they include; Vodafone, EE, O2, Microsoft, and all other relevant suppliers. We will only share your information with the suppliers that you are purchasing from and will never share any information third parties irrelevant to your contract or account with us.
Examples of data we hold on you, provided by you, The Customer:
Business Direct Debit Details
MDM information including location and device usage (if MDM is purchased)
It is your responsibility as an employer to ensure you have an agreement in place with your employees that allows us The Frontier Group to effectively manage your account, including their names or username aliases, mobile numbers and end usage.
Email marketing messages & subscription
Under the GDPR we use the legitimate interest lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal data” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any previous marketing messages for instructions on how to unsubscribe or manage your preferences, you can also email email@example.com or reply to the email address you received marketing from.
Our EMS provider is; iContact via Salesforce. We hold the following information about you within our EMS system;
Subscription time & date
Name and business
Lawful basis: Legitimate interests
The reason we use this basis: We may have purchased your data (Business name, business telephone, contact name, business email address) from a third party company that you have ‘double opted-in’ to, meaning you have given them permission to receive information from third parties such as Frontier. This will mean you are on a marketing database and can opt-out at any time using the clear ‘unsubscribe’ function. You can also be removed from all databases by emailing firstname.lastname@example.org
We process your information in the following ways: Marketing emails
Data retention period: We will only hold your data for a maximum of 12 months for marketing purposes unless you have specifically shown a reasonable interest in our products or company, or become a customer.
Sharing your information: We do not share your information with third parties. We will not transfer or share your data with any other countries except the United Kingdom.
You have the right to request information on where and how we received your data at any time, and will be provided with a full and transparent response. Please use the contact details provided in the ‘Subject Access Request’ section of the policy.
If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.
You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.
Some cookies are required to enjoy and use the full functionality of this website.
Read more here
We may use Google Analytics track the effectiveness and functionality of this website.
The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.
Google Analytics (Google Inc.)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine the use of this Website, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
Personal Data collected: Cookies and Usage Data.
Data security and protection
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
Transparent Privacy Explanations
We have provided some further explanations about user privacy and the way we use this website to help promote a transparent and honest user privacy methodology.
To help provide you with end-to-end communications solutions, Frontier has partnered with a range of third-party software and service providers. We ensure that any third-party providers take protecting information seriously. Frontier ensure that suppliers have GDPR compliant systems and processes.
Privacy notice amendments
This privacy notice will be updated from time to time and the latest version will always be on our website. If significant changes are made which may impact you, we will also notify these changes in advance via email.
Right to object to direct marketing
You can instruct us not to process your personal information for marketing purposes by email at any time by using the unsubscribe link in a marketing email you receive or by emailing email@example.com with your request.
Right to update or correct information
Please let us know if the personal information which we hold about you needs to be corrected or updated by emailing firstname.lastname@example.org
Right to be forgotten
You have the right to ask us to delete the personal information that we have about you by emailing email@example.com
Retention of personal information
We will retain your information for the period necessary for the purposes for which the data was collected outlined above in the ‘Processing Of Your Personal Data’ section.
The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.
Subject Access Requests
We handle subject access requests in accordance with the GDPR.
You have the right to request any and all information we hold on you at any time. A reasonable time frame for us to complete your request is 30 days. We will collate any information we hold on you as an individual either relating to your contract or held for marketing purposes and relay it in a form that you request e.g. spreadsheet.
You can instruct us to provide you with any personal information we hold about you by emailing your request to firstname.lastname@example.org or by writing to us at: 5 Hedley Court, Orion Business Park, North Tyneside, NE29 7ST. Our appointed in-house Data Protection Officer is Jess Lawrence.
If you have any questions about this privacy notice, or our treatment of your personal information, please contact: email@example.com or write to: The Frontier Group, Frontier House, 5 Hedley Court, Orion Business Park, North Tyneside, NE29 7ST.