For the purpose of this policy the term ‘Live Register’ refers to Live Register Ltd and Cyclone Industries Ltd.
Remote Access Policy
Live Register will only obtain remote access to customer’s systems through a channel which has been agreed with them in advance. We currently use TeamViewer and LogMeIn Rescue. Live Register will use alternative methods if the customer has given instructions and credentials and only for the purpose of providing support.
Live Register will close a session when it is no longer required for the purpose of providing support and request a subsequent session if needed for further work.
At no time shall Live Register download or otherwise extract Personal Information from a customer’s system without the prior written consent of the customer. Live Register shall use its best efforts to ensure that downloading Personal Information from customer’s systems is not necessary.
When requesting access Live Register shall make clear the reason it is required (which is typically to resolve an issue reported to the helpdesk).
Live Register shall not invite a third party to use a remote access session without first obtaining consent of the customer.
Data Protection Policy
Live Register shall make every effort to ensure that the software and services it provides shall be in accordance with the requirements of UK legislation. Specifically it shall not take action which breaches the EU General Data Protection Regulation and shall assist customer’s with their compliance as Data Controllers and Data Processors.
If a device is returned for repair which is found to contain personal information then Live Register shall keep the device secure to the same extent it would with its own devices. If the device is not to be returned directly to the customer it shall remove all personal information.
If a breach is found to have occurred as a result of Live Register’s actions it shall notify the customer’s Data Protection Officer in writing within 24 hours of discovering the breach.
Live Register shall keep personal information of contacts for the purpose of providing support to meet its obligations under maintenance contracts with customers. It shall delete personal contact information when it is notified that a contact is no longer associated with a customer. It shall keep this information secure and not provide to a third party.
Live Register is neither a Data Controller nor Data Processor as defined by GDPR in the supply of software and services collectively known as Live Register Suite. This includes attendance, cashless catering, access control, visitor management, password reset and secure printing.
Live Register shall ensure that all its staff are aware of this policy.
If you have a query regarding this policy you can contact us by email at firstname.lastname@example.org
Nothing in this policy shall prevent Live Register from taking action to meet statutory obligations or to comply with the Law.
Effective: 27th February 2018