Privacy Policy

1. Introduction

Raycon takes privacy very seriously and this policy sets out to provide a clear understanding on how we manage and use personal data in accordance to all Data Protection legislation including the Data Protection Act 1998, the General Data Protection Regulation ((EU) 2016/679) and any subsequent legislation or laws that come into effect from time to time. This Privacy Policy may be reviewed from time to time to comply and adhere to updates or changes in legislation, our business practices or advances in technology.


2. Who we Are

Raycon is a trading name of Harvest Systems Support Ltd (Company Registration No. 4657583), an IT Support Services company providing a wide range of IT products and services across the UK.


3. Use of Personal Information

Raycon will only use your personal data when the law allows us to. We may be required to collect certain personal information in order to:

  • provide you with information that you have requested or which we think may be relevant to a subject or service in which you have demonstrated an interest;
  • fulfil a contract that we have entered into with you or with the entity that you represent;
  • manage any communication between you and us;
  • be able to offer and provide a wide range of products and services.


4. What Information we Collect

The type of information we collect may include (but not be limited to):-

  • Contact information such as, your name, address, telephone numbers, email addresses and other contact information
  • Technical information required to assist, such as IP addressing.
  • Information from external sources such as credit references and identity verification agencies.


Please note that personal data will not be collected without the Consent of a data subject. Data will only be processed if there is a lawful basis for doing so.


5. Why we Collect Information

Raycon may use your information for the following purposes:

  • To answer queries
  • To provide technical support
  • To provide consultancy services
  • To review job applications
  • To maintain customer contracts and accounts
  • To notify clients of any important changes about products and services
  • To meet any legal and regulatory requirements


6. How do we Collect Information

We will collect information in the following ways:

  • Through contacting us via our website using forms
  • Through email enquiries and exchanges
  • Through telephone enquiries
  • Through recruitment agencies or job applications (if applying for Job’s)
  • When discussing or placing orders on services


7. Storage of information

Any data we hold is stored securely on our systems based in the UK. We do also use a number of Cloud Service Providers (CSPs), some of which have data centres in a number of locations globally, however we have ensured that they have the appropriate policies and procedures in place to comply with GDPR.


8. Sharing of Information

We do not purchase or sell any personal information. We do not share personal information unless lawfully required to do so or unless we have full written consent from the data subject.


9. Data Retention

We will only retain personal information for as long as necessary to fulfil the purposes it has been collected for, including for the purposes of satisfying any legal, accounting or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Once you are no longer a customer of Raycon we will retain and securely destroy your personal information in accordance with applicable laws and regulations.


10.     Security Measures

Our Information Security Management System is certified to ISO 27001 standard which in turn shows commitment to our clients by ensuring that adequate security controls are in place to protect information and personal data from being accessed, corrupted, lost or stolen. We limit access to your personal information to employees and contractors within the business.

We do not store or transfer your personal data outside the European Economic Area, however should we do so, we will ensure our Suppliers are compliant with GDPR processes and procedures.

We currently have procedures in place to deal with any potential data breaches and will notify yourselves or regulators when we are legally required to do so.


11.     Your Rights as a Data Subject

As a data subject whose personal information we hold, you have certain rights. If you wish to exercise any of these rights, please email or use the information supplied in the Contact us section of our website. In order to process your request, we will ask you to provide two valid forms of identification for verification purposes. Your rights are as follows:


The right to be informed

We are obliged to provide clear and transparent information about any data processing activities we may undertake. This is provided by this privacy policy and any related communications we may send you.

The right of access

You may request a copy of the personal data we hold about you free of charge. Once we have verified your identity and, if relevant, the authority of any third-party requestor, we will provide access to the personal data we hold about you as well as the following information:-

  1. The purposes of the processing
  2. The categories of personal data concerned
  3. The recipients to whom the personal data has been disclosed
  4. The retention period or envisioned retention period for that personal data
  5. When personal data has been collected from a third party, the source of the personal data


If there are exceptional circumstances that mean we can refuse to provide the information, we will explain them. If requests are frivolous or vexatious, we reserve the right to refuse them. If answering requests is likely to require additional time or occasions unreasonable expense (which you may have to meet), we will inform you.

The right to rectification

When you believe we hold inaccurate or incomplete personal information about you, you may exercise your right to correct or complete this data. This may be used with the right to restrict processing to make sure that incorrect/incomplete information is not processed until it is corrected.

The right to erasure (the ‘right to be forgotten’)

Where no overriding legal basis or legitimate reason continues to exist for processing personal data, you may request that we delete the personal data. This includes personal data that may have been unlawfully processed. We will take all reasonable steps to ensure erasure.

The right to restrict processing

You may ask us to stop processing your personal data. We will still hold the data, but will not process it any further. This right is an alternative to the right to erasure. If one of the following conditions applies you may exercise the right to restrict processing:-

  1. The accuracy of the personal data is contested
  2. Processing of the personal data is unlawful
  3. We no longer need the personal data for processing but the personal data is required for part of a legal process
  4. The right to object has been exercised and processing is restricted pending a decision on the status of the processing


The right to data portability

You may request your set of personal data be transferred to another controller or processor, provided in a commonly used and machine-readable format. This right is only available if the original processing was on the basis of consent, the processing is by automated means and if the processing is based on the fulfilment of a contractual obligation.

The right to object

You have the right to object to our processing of your data where

  • Processing is based on legitimate interest;
  • Processing is for the purpose of direct marketing;
  • Processing is for the purposes of scientific or historic research;
  • Processing involves automated decision-making and profiling.


12.     Your Duty to Inform us of Changes

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.