Privacy Policy

OneStream Privacy Policy

Workstream is a trading style of Onestream Limited.

We ask that you read this privacy policy carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.

Who we are

We are OneStream Limited. We are a broadband provider. For more information see www.onestream.co.uk/.

We collect, use and are responsible for certain personal information about you. When we do so we are subject to the UK General Data Protection Regulation (“UK GDPR”).

Our collection and use of your personal information

We collect personal information about you when you access our website, register with us, contact us, send us feedback, purchase services from us, post material to our website and complete customer surveys or participate in competitions or surveys.

We collect this personal information from you either directly, such as when you register with us, contact us or purchase services or indirectly, such as your browsing activity while on our website (see ‘Cookies’ below).

We also collect personal information about you from other sources as follows:

  • from publicly accessible sources, e.g. Companies House or HM Land Registry;
  • directly from credit reference agencies, e.g. there are different credit reference agencies in the UK (for example Equifax and Experian). Each one might hold different information about you. If you want to find out what information they have on you, they may charge you a small fee;
  • from a third party with your consent;
  • from cookies on our website - for more information on our use of cookies, please see our cookie policy Cookie Policy.

We collect and use personal data to provide services to you. If you do not provide personal data we ask for, it may delay or prevent us from providing services to you. This information includes:

  • your name and contact information, including email address and telephone number;
  • information to check and verify your identity, e.g. your date of birth;
  • your billing information, transaction and payment card information;
  • your contact history and purchase history;
  • information to enable us to undertake credit or other financial checks on you;
  • information about how you use our website, IT, communication and other systems;
  • your responses to surveys, competitions and promotions.

We use this personal information to:

  • create and manage your account with us;
  • verify your identity;
  • provide services to you;
  • customise our website and its content to your particular preferences;
  • notify you of any changes to our website or to our services that may affect you;
  • improve our services;
  • re-marketing of any abandoned baskets.

We do not knowingly collect or use personal information relating to children.

Our legal basis for processing your personal information

When we use your personal information we are required to have a legal basis for doing so. There are various different legal bases on which we may rely, depending on what personal information we process and why.

The legal bases we may rely on include:

  • consent: where you have given us clear consent for us to process your personal information for a specific purpose
  • contract: where our use of your personal information is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
  • legal obligation: where our use of your personal information is necessary for us to comply with the law (not including contractual obligations)
  • legitimate interests: where our use of your personal information is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your personal information which overrides our legitimate interests)
    • Further information—the personal information we collect, when and how we use it

For further details on when we collect personal information, what we collect as well as how we use it, please read the following sections:

Providing services to you.

To perform our contract with you or to take steps at your request before entering into a contract.

Preventing and detecting fraud against you or us.

For our legitimate interests or those of a third party, i.e. to minimise fraud that could be damaging for you and/or us.

Conducting checks to identify our customers and verify their identity.

Other activities necessary to comply with professional, legal and regulatory obligations that apply to our business, e.g. rules issued by our professional regulator.

To comply with our legal and regulatory obligations.

Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies.

To comply with our legal and regulatory obligations.

Ensuring business policies are adhered to, e.g. policies covering security and internet use.

For our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can deliver the best service to you.

Operational reasons, such as improving efficiency, training and quality control.

For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service to you at the best price.

Ensuring the confidentiality of commercially sensitive information.

For our legitimate interests or those of a third party, i.e. to protect trade secrets and other commercially valuable information.

To comply with our legal and regulatory obligations.

Statistical analysis to help us manage our business, e.g. in relation to our financial performance, customer base, product range or other efficiency measures.

For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service to you at the best price.

Preventing unauthorised access and modifications to systems.

For our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for you and/or us.

To comply with our legal and regulatory obligations.

Updating and enhancing customer records.

To perform our contract with you or to take steps at your request before entering into a contract.

To comply with our legal and regulatory obligations.

For our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about existing orders and new products.

Statutory returns.

To comply with our legal and regulatory obligations.

Marketing our services and those of selected third parties to:

—existing and former customers;

—third parties who have previously expressed an interest in our services;

—third parties with whom we have had no previous dealings.

For our legitimate interests or those of a third party, i.e. to promote our business to existing and former customers.

Credit reference checks via external credit reference agencies.

For our legitimate interests or those of a third party, i.e. to ensure our customers are likely to be able to pay for our products and services.

External audits and quality checks, e.g. for ISO or Investors in People accreditation and the audit of our accounts.

For our legitimate interests or a those of a third party, i.e. to maintain our accreditations so we can demonstrate we operate at the highest standards.

To comply with our legal and regulatory obligations.

Who we share your personal information with

We routinely share personal data with:

  • companies within the BIOS and Ridown group;
  • third parties we use to help deliver our services to you, e.g. payment service providers, and delivery or installation companies;
  • other third parties we use to help us run our business, e.g. marketing agencies or website hosts;
  • third parties approved by you, e.g. social media sites you choose to link your account to or third party payment providers;
  • credit reference agencies, - we give credit reference agencies details of your accounts and bills, including how you manage them. This includes telling them about your account balances, what you pay us and if you miss a payment.

We only allow our service providers to handle your personal data if we are satisfied, they take appropriate measures to protect your personal data. We also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you.

We may also need to:

  • share personal data with external auditors;
  • disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations;
  • share some personal data with other parties, such as potential buyers of some or all of our business or during a restructuring—usually, information will be anonymised but this may not always be possible, however, the recipient of the information will be bound by confidentiality obligations.

If you would like more information about who we share our data with and why, please contact us (see ‘How to contact us’ below).

  • We will not share your personal data with any other third party.
  • Whether information has to be provided by you, and if so why

We require you to provide certain personal data to us (e.g. name, address, delivery address etc) to enable us to provide our services to you. We will inform you at the point of collecting information from you, whether you are required to provide the information to us.

  • Where your personal data is held
  • Personal data may be held at our offices and those of our group companies, third party agencies, service providers, representatives and agents as described above (see above: 'Who we share your personal data with').
  • How long your personal data will be kept
  • We will keep your personal data while you have an account with us or we are providing services to you. Thereafter, we will keep your personal data for as long as is necessary:
  • to respond to any questions, complaints or claims made by you or on your behalf;
  • to show that we treated you fairly;
  • to keep records required by law.
    • We will not keep your personal data for longer than necessary. Different retention periods apply for different types of personal data. For example we will keep:-
  • a summary copy of your bills for six years from the date of the bill;
  • your contact details whilst you are one of our customers, and for six years after; and
  • details relating to any dispute for six years after it was closed.
    • In other cases we will store personal information for the periods needed for the purposes for which the information was collected or for which it is to be further processed.
    • When it is no longer necessary to keep your personal data, we will delete or anonymise it.
    • Cookies and other tracking technologies

A cookie is a small text file which is placed onto your device (e.g. computer, smartphone or other electronic device) when you use our website. We use cookies on our website. These help us recognise you and your device and store some information about your preferences or past actions.

For further information on cookies, our use of ‘cookies’ and/or similar technologies, when we will request your consent before placing them and how to disable them, please see our Cookie Policy.

Marketing

We would like to send you information about services, competitions and special offers, which may be of interest to you. Where we have your consent or it is in our legitimate interests to do so, we may do this by post, email, telephone, text message (SMS) or automated call.

We would also like to share your information with selective third parties so that they may send you information about their products AND/OR services, depending on what you agree with us.

We will only ask whether you would like us and other businesses to send you marketing messages when you tick the relevant boxes when you complete our online order form for the first time.

If you have previously agreed to being contacted in this way, you can unsubscribe at any time by:

—contacting us at privacy@onestream.co.uk

—using the ‘unsubscribe’ link in emails or ‘STOP’ number in texts

It may take up to 2 days for this to take place.

For more information on your rights in relation to marketing, see ‘Your rights’ below.

Your rights

Under the UK General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:

  • fair processing of information and transparency over how we use your use personal information;
  • access to your personal information and to certain other supplementary information that this Privacy Policy is already designed to address;
  • require us to correct any mistakes in your information which we hold;
  • require the erasure of personal information concerning you in certain situations;
  • receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;
  • object at any time to processing of personal information concerning you for direct marketing;
  • object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
  • object in certain other situations to our continued processing of your personal information;
  • otherwise restrict our processing of your personal information in certain circumstances.

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

  • email us at privacy@onestream.co.uk ;
  • let us have enough information to identify you (e.g. account number, user name, registration details),
  • let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
  • let us know the information to which your request relates including any account or reference numbers, if you have them.
    • Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

  • How to complain
  • Please contact us if you have any query or concern about our use of your information (see below ‘How to contact us’). We hope we will be able to resolve any issues you may have.
  • You also have the right to lodge a complaint with the Information Commissioner. The Information Commissioner may be contacted at https://ico.org.uk/make-a-complaint or telephone: 0303 123 1113.
  • Changes to this website privacy policy

This privacy policy was published on 04/03/2021 and last updated on 04/03/2021.

We may change this website privacy policy from time to time, when we do we will inform you via a notice on our website.

How to contact us

Please contact us if you have any questions about this privacy notice or the information we hold about you.

If you wish to contact us, please send an email to privacy@onestream.co.uk.


Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to privacy@onestream.co.uk.