This Privacy Policy explains how Cure IT ESSEX LTD (“we”, “our”, “us”) collects, uses, and protects your personal information in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Cure IT ESSEX LTD is a UK-based company providing IT repair, maintenance, and technical support services. We are the data controller for the personal data collected through this website and our service operations.
2. Information We Collect
We may collect and process the following types of information:
• Personal details (name, email address, phone number)
• Billing and delivery information
• Device and service details (for repairs and diagnostics)
• Payment and transaction data (processed securely via trusted payment providers)
• Technical data such as IP address, browser type, and site usage for analytics purposes
3. How We Use Your Information
We use your data to:
• Provide, manage, and deliver our services
• Communicate with you about your order, repair, or service request
• Improve our website, products, and customer experience
• Process payments and manage refunds
• Fulfil our legal and regulatory obligations
4. Legal Basis for Processing
We process your data under one or more of the following lawful bases as defined by UK GDPR:
• Contract — to fulfil our obligations under a service or sales agreement with you.
• Consent — when you have given us permission (e.g. for marketing or newsletters).
• Legal obligation — where we are required to keep records or share data by law.
• Legitimate interest — for fraud prevention, service improvement, and internal analysis.
5. Data Storage & Security
Your personal data is stored securely on servers located in the UK or the European Economic Area (EEA). We apply strict technical and organizational measures to prevent unauthorized access, alteration, or disclosure of your data.
We use encrypted communications (SSL/TLS), firewalls, access controls, and secure authentication for all systems. Only authorized staff with confidentiality obligations can access personal data.
6. Data Retention
We retain your information only as long as necessary to fulfil the purposes described in this policy or as required by law. For example, tax and accounting data may be stored for up to six years as required by HMRC regulations.
7. Sharing Your Data
We do not sell or rent personal information to third parties. We may share data only with:
• Service providers and subcontractors (e.g. couriers, payment processors) strictly for operational purposes
• Legal or regulatory authorities when required by law
• IT and cloud hosting partners who meet UK GDPR compliance standards
8. International Data Transfers
In limited cases, we may transfer data outside the UK or EEA, but only where adequate safeguards are in place (e.g. Standard Contractual Clauses or UK adequacy decisions).
9. Your Rights
Under UK GDPR, you have the following rights:
• Right to access — request a copy of the data we hold about you
• Right to rectification — correct inaccurate or incomplete data
• Right to erasure — request deletion of your personal data where legally permitted
• Right to restrict or object to processing
• Right to data portability — receive your data in a structured format
• Right to withdraw consent — at any time for marketing or optional data uses
10. Cookies & Website Analytics
Our website uses cookies and analytics tools to enhance functionality and analyze traffic. Cookies help remember your preferences and improve your experience. You can manage or disable cookies in your browser settings at any time. For more details, see our Cookie Policy.
11. Marketing Communications
We may send promotional or service-related messages if you have opted in to receive them. You can unsubscribe at any time by clicking the “unsubscribe” link in our emails or contacting us directly.
12. Third-Party Links
Our website may contain links to third-party sites. We are not responsible for their privacy practices or content. Please review their privacy policies before providing personal information.
13. Data Breach Notification
In the unlikely event of a data breach that poses a risk to your rights or freedoms, we will notify you and the UK Information Commissioner’s Office (ICO) in accordance with legal requirements.
14. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in law or our data processing practices. The latest version will always be published on this page with an updated revision date.
15. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
Cure IT ESSEX LTD
Email: privacy@cureit.co.uk
Address: Unit 27, 1st Floor, Stort Mill Ind. Est. Riverway, Harlow-Essex CM20 2SN
You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) via www.ico.org.uk.
