Brighton ☏ 01273 741400              Swindon ☏ 01793 626362

Find Out More

Privacy Policy

1. Introduction

This Privacy Policy explains how CSnotepad (“we”) collect, use, and protect your personal data. We are committed to handling your information lawfully, transparently, and securely.

We will never sell your personal data to third parties. This policy should be read alongside our Data Retention Policy and Cookie Policy.

CSnotepad is a trading name of Call Solution Limited. Under the UK General Data Protection Regulation (UK GDPR), we act as a “Data Controller” when we collect personal data, and as a “Data Processor” when managing personal data on behalf of our clients.

If you have any questions, please contact the Data Protection Officer (DPO) at info@csnotepad.co.uk or by post to:

Data Protection Officer
CSnotepad
The Offices
57 Newtown Road
Brighton
BN3 7BA

2. What Data We Collect

We may collect the following personal data when you register with us, enquire about our services, or use our website:

  • Name and job title

  • Company name and address

  • Contact details including email and telephone number

  • Financial information for invoicing and payment

  • Names and phone numbers of contacts you hold

  • Information necessary to deliver services (e.g. payment preferences, preferred contact times)

  • Primary ID where applicable and photographs of you holding your identification document (“ID selfie”) for identity verification

  • Technical data such as the phone number a call originated from when delivering services

Where clients provide us with personal data to process on their behalf, we act as Data Processor.

3. How We Use Your Data

We use personal data to:

  • Provide and personalise our services;

  • Verify identity and prevent fraud;

  • Process payments;

  • Carry out internal audits and compliance checks;

  • Improve our services;

  • Send marketing or research communications (where lawful).

Lawful bases for processing:

We process personal data on the following bases:

  • Contract – where processing is necessary to provide services to you;

  • Legal obligation – to comply with statutory requirements;

  • Legitimate interests – to operate our business in ways you would reasonably expect (e.g. improving services, client communications);

  • Consent – where required, such as for direct marketing to non-customers or processing special category data.

4. How Long We Keep Your Data

We keep your personal data only as long as necessary to deliver our services and meet legal obligations, in line with our Data Retention Policy.

  • Customer email data may be retained for up to six years in accordance with our Terms and Conditions.

  • Data processed solely for marketing purposes will be kept until you opt out or until deleted in line with our policies.

  • ID selfies will be kept only as long as necessary to verify your identity and then securely deleted.

5. Special Category Data

You may choose to provide information about health conditions or disabilities so we can tailor our services to your needs. This information is considered “special category data” and requires your explicit consent for processing.

ID selfies are also treated as special category data. They will only be used for identity verification and fraud prevention, stored securely, and deleted when no longer required.

6. Sharing Your Personal Data

We only share your personal data with:

  • Service providers who support our business (e.g. IT, payment processing), under strict contractual agreements;

  • Regulators, public authorities, or law enforcement when required by law;

  • Legal advisers where necessary to establish, exercise, or defend legal claims;

  • Successors in the event of a business transfer or acquisition.

ID selfies will never be shared with third parties except where legally required.

7. How We Protect Your Data

We use appropriate technical and organisational measures to safeguard your data, including:

  • Firewalls, encryption, and secure servers;

  • Secure Sockets Layer (SSL) for data transmission;

  • Physical access controls to premises and files;

  • Authorised access only for employees who require it.

Despite these measures, please note that no method of internet transmission is completely secure.

8. Supplier Agreements

As part of our commitment to data protection and confidentiality, CSnotepad has established a Master Service Agreement (MSA) with our suppliers. This includes a Non-Disclosure Agreement (NDA) and a Data Processing Agreement (DPA).

The MSA sets out how personal data is processed and shared, ensuring compliance with the UK GDPR and the Data Protection Act 2018. It protects both CSnotepad and our clients by clearly defining the responsibilities and obligations of all parties involved in handling personal data.

For more information about the MSA and its provisions, please contact our Data Protection Officer.

9. International Transfers

We do not routinely transfer personal data outside the UK or the European Economic Area (EEA). If it ever becomes necessary to do so, we will ensure appropriate safeguards are in place, such as UK-approved standard contractual clauses, to protect your data.

10. Your Rights

Under data protection law, you have the following rights:

  • Access – to request a copy of your personal data.

  • Rectification – to correct inaccurate or incomplete data.

  • Erasure – to request deletion of your personal data where lawful.

  • Restriction – to request restriction of processing under certain circumstances.

  • Objection – to object to processing based on legitimate interests or for direct marketing.

  • Portability – to request a copy of your data in a machine-readable format.

  • Automated decision-making – to not be subject to decisions based solely on automated processing. (CSnotepad does not process data in this way.)

To exercise your rights, contact our DPO at info@csnotepad.co.uk or call 01273 741400. We will respond within one month.

11. Complaints

If you are unhappy with how we handle your personal data, please contact us first so we can address your concerns. If you remain dissatisfied, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):

Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
https://ico.org.uk/concerns/

12. Updates to This Policy

We may update this policy from time to time to reflect changes in the law or our practices. Any significant changes will be communicated directly to customers where possible, and the latest version will always be available on our website.

Find out if CSnotepad is right for your business...

Fill in your details and one of our team will get in touch for a quick chat about what you’re looking for and how we can help.

  • Friendly, UK-based support
  • Tailored to your business needs
  • Simple, flexible plans

By clicking Get in touch you hereby agree to your details being held by Call Solution Ltd (trading as CSnotepad) for the purposes of contacting you via email and/or telephone regarding the services it provides.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.
Name*