Privacy Policy

Union Street Technologies The Courtyard, 37 Sheen Road, Richmond, London TW9 1AJ,

info@unionstreet.co.uk | 020 8614 9090

Welcome to the Union Street Privacy Policy

When you use Union Street products and services you trust us with your information. We greatly appreciate the trust you place in us and take the secure management and protection of your information extremely seriously. Whilst we strive to ensure all of Union Street’s obligations to current regulations and data protection laws are met, we also endeavour to be transparent about the ways in which we manage and protect your information, privacy and security.

This Privacy Policy seeks to help you understand what data we hold and what we do with it.

 

Data Controller

As data controller we hold and collect data on all our employees. We also hold some personal customer contact information to allow us to meet our contractual obligations. We have performed Privacy Impact Assessments (PIAs) to identify our data stores and to ensure there is a lawful reason for holding such data. We have clear procedures in place to deal with all types of personal data requests in order to meet our commitments to the General Data Protection Regulations (GDPR). We do not share this data with third parties.

Users of products and services will always be informed of how any personal data will be collected and used as part of the submission process. Should a user wish to know what personal data is recorded about them, they can request this from us using the contact information at the end of this document. You can also contact us should you require your personal information to be rectified, no longer processed, or completely erased.

For submission of any enquiry related to individual rights under the GDPR please use the contact information at the end of this document. As a data controller we maintain oversight of our data and continually review our processes and procedures on how we secure data within Union Street.

 

Data Processor

Bureau Billing Services

At Union Street we offer our clients a bureau billing service in which we process billing information on their behalf and with their consent. Personal contact information for all our clients’ customers is either held within our EU cloud platforms or within their own on-premise IT network. We have access to those systems to carry out the billing process and do not use the data contained within those systems for any other purpose.

We meet recommended industry standards for processing such information and have gained Total Metering and Billing System (TMBS) certification to attest to our compliance with those standards. Through our TMBS certification there is a high focus on billing accuracy. For this we are independently audited in key areas related to the processing of billing activities.

The types of data processed primarily include telephone numbers, address details, account details, clients’ customer details and payment details, not all of which would necessarily fall into the Information Commissioner’s Office’s (ICO) definition of personal data. Our amended Standard Terms and Conditions takes account of all the requirements outlined by the ICO in relation to the GDPR.

Staff who process Personally Identifiable Information (PII) within their job roles have all signed a confidentiality agreement as well as receiving training on the GDPR and data security. We delete all customer databases that reside within our network within a week of the contract end date, unless there is a lawful or contractual reason not to do so.

We operate according to the principle of least privilege, ensuring a strict access control policy is in place. Access is restricted and allowed only to those individuals who require it as part of their “Job Role.” This ensures that any data Union Street processes is accessed only by appropriately trained staff. Our clients’ billing data is not readily available to all staff at Union Street and is always securely accessed. A clear audit trail is in place.

 

Data Security

ISO27001 – Information Security Management

We are certified against ISO/IEC 27001 and are regularly audited against this standard. Click this link to obtain a copy of Union Street’s Information Security Policy (ISP). We are unable to change this policy on individual customer request, please refer to our Supplier Exception Notice for further details.

Cloud Services

Union Street uses leading cloud infrastructure providers for hosting and storing client data. We ensure any cloud provider we use meets industry standards for data security and, in addition, our own ISO/IEC 27001 certified standards and controls for the data security.

Data Backup

Regular backups are taken for company and client data. Tests are conducted regularly to ensure reliability and ease of recovery.

Data Encryption

Sensitive data will always be encrypted in transit. Data stored within our Cloud Platforms will also be encrypted in storage.

Protection and Detection

Throughout our IT infrastructure we have a variety of anti-malware solutions. These are intended to detect and protect against unauthorised intrusion or access of data. We also operate a defence-in-depth policy with regards to data infrastructure and appliances.

Data Retention

Data is only retained for the time necessary to process it for the purpose provided. While the purpose of processing data will vary (the many different types of employee data, for instance), should you require information on retention times on any type of data, please contact us using the contact details at the end of this document.

 

Our Software

Privacy by Design

As a software development house, data privacy, security and accuracy are considered from the initial design phase. This way we ensure due consideration is given to the protection and security of data in any new products or enhancements to the products we develop.

 

How aBILLity™ Allows You to Comply with Your Customers’ Rights

The Right to Object

aBILLity allows the billing agent to cease billing processes at any time should an end user object to their data being processed.

The Right to Rectification

Where you receive a request to correct or amend billing details, you can simply change them within the relevant product screens.

The Right to Restrict Processing

aBILLity allows for all processes to be restricted at any time for a single customer or an entire bill run. This also applies to our WLR gateway and provisioning portals that are designed using our Mosaix™ software.

The Right to Data Portability

aBILLity allows the export of customer information should a data portability request be received.

The Right of Access

If a client needs to provide information that is stored on one of their customers, they can do so by accessing information from the “Site Details” section inside aBILLity.

The Right to Erasure

aBILLity allows for the complete removal of any contact information including Personally Identifiable Information held within the system.

Rights in Relation to Automated Decision Making and Profiling

aBILLity does not process data in this way.

 

Legacy Product Lines

There are some products that Union Street will be discontinuing as they do not meet the specific requirements of the GDPR. We are offering affected clients an upgrade path for these products that will ensure compliance with the GDPR. If you currently use one or more of these products and require further information or advice on this matter, please refer to your Union Street account manager.

Affected Products:

WLR3 Portal – The WLR3 Portal is superseded by our WLR3 gateway powered by Mosaix. This features an enhanced user interface that delivers a superb user experience.

WebaBILLity – The WebaBILLity portal, a telecoms billing management portal that interfaces with the aBILLity platform to provide billing information to end-user customers, has been superseded by WebaBILLity Pro. WebaBILLity Pro is a significant upgrade of WebaBILLity and features a raft of enhancements.

Some older versions of aBILLity, those prior to version 2.7.21, do not have the latest security and privacy features required to comply with GDPR. We therefore recommend an upgrade to the latest version of aBILLity. Please be aware that if you’re on a version that has some elements of bespoke functionality, you may lose that functionality by upgrading.
Please contact your account manager who can advise you on the best course of action.

 

About This Website

Types of Data Collected Through This Website

User data is collected to allow us to provide our services, as well as for analytics and contacting the user. Union Street profiles website visitors, in order to better understand the way in which our website content is viewed by visitors. It is also used to identify the types of organisations that might be interested in using our products and services.

Any use of cookies – or of other tracking tools – by this website, unless stated otherwise (see Google Analytics and Wow Analytics Cookies), serves to identify users and remember their preferences for the sole purpose of providing the service required by the user. Failure to provide certain personal data may make it impossible for this website to provide its services.

Google Analytics

A web analysis service provided by Google Inc. (“Google”). Google utilises the data collected to track and examine the use of this website, to prepare reports on its activities and share them with other Google services. Google may use the data collected to contextualise and personalise the ads of its own advertising network. Personal Data collected: Cookie and Usage data.

WOW Analytics Cookies

A tool that identifies the business or organisation that website visitors belong to, based on a reverse IP Lookup. WOW Analytics also use cookies to process this identification, and personal information about individual users is stored. Cookies used by WOW Analytics store information about your current web browsing session (pages viewed, time on site etc) and the dates and times of previous website visits. This information is used by Union Street Technologies to profile website visitors, in order to better understand the way in which our website content is viewed by visitors. It is also used to identify the types of organisations that might be interested in using our products and services.

Data Submitted on This Website

Where you submit your data for addition to a mailing list or contact purposes on this website, a privacy notice will explain how the data will be used and for what purpose. You will need to consent for your data to be used as explained in the privacy notice in order to submit it. Where you can select a link to email us your recruitment details, a privacy notice explains how the details will be used. As you are taking an affirmative action in sending us your recruitment details there is no need for further confirmation or consent. Users are responsible for any personal data of third parties obtained, published or shared through this website and confirm that they have the third party’s consent to provide the data to the owner.

Customer Information

Where a user submits data for recruitment, to contact us or to be added to a mailing list, the information that is submitted will be retained. While this may vary depending upon the submission, it will typically contain data such as first and last name, phone number and address details including postcode.

Methods of processing

In addition to Union Street Technologies Ltd, in some cases, the data may be accessible to certain types of persons in charge, involved with the operation of the site (administration, sales, marketing, legal, system administration), or external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies). Those involved in operation and maintenance of this website may collect files that record interaction with this website (system logs).

 

Additional Information

If you require further details regarding the data we collect or your personal information please use the contact information at the end of this document.

 

Changes to This Privacy Policy

Union Street Technologies Ltd. reserves the right to make changes to this privacy policy at any time by giving notice to its users on this page. It is strongly recommended you check this page often, referring to the date of the last modification listed at the bottom.

Unless stated otherwise, the current privacy policy applies to all personal data Union Street Technologies Ltd. holds about its clients, its clients’ end user customers, its prospective customers and visitors to this website.

 

Contact Us

Email: info@unionstreet.co.uk

Address: Union Street Technologies, The Courtyard, 37 Sheen Road, Richmond, London TW9 1AJ

Last modification: 16 April 2018