Privacy Policy


Here at Flex IT Ltd we are committed to protecting your privacy and keeping your personal
data secure. This notice is provided for you to understand what personal data we collect,
how we collect it and why we need it to run our business.

Who we are

Flex IT Ltd is an IT managed service provider based in Woodstock, Oxfordshire. We provide IT services to a large client base in the UK and internationally. We are committed to maintaining the trust and confidence of our clients, customers, suppliers, and visitors to our website. Flex IT Ltd is the ‘Data Controller’ for any data you provide to us, and we process it in accordance with all applicable Data Protection law including the Data Protection Act (UK) 2018 and the General Data Protection Regulations (2018). If you have any questions regarding this notice or our handling of your data, our contact details can be found at the end of this notice.

Ways we collect your data may include times when:

  • You request a proposal from us in respect of the services we provide.
  • You OR your employer OR our customer engages us to provide our services and during the provision of those services.
  • As part of a contract with our customer we may be allowed incidental access to personal data processed by that customer but only as necessary to install, configure or diagnose software or hardware issues. Our staff are trained not to record, transfer, or otherwise share such information.
  • You contact us by email, telephone, post, or social media (for example when you have a query about our services).
  • We obtain information from third parties and/or publicly available resources (for example, from your employer or from Companies House); or
  • You engage with our website; Please see our cookie policy below for further details.

Types of data we collect

Website Cookies

Certain types of cookie contain personal information – for example, if you click to “remember me” when logging in, a cookie will store your username. Most cookies will not collect information that identifies you and will instead collect more general information such as how users arrive at and use our website, or a user’s general location.

What sort of cookies do we use?

Generally, our cookies perform up to three different functions:

  • Performance cookies – We utilise these types of cookies to analyse how our visitors use our website and to monitor website performance. This allows us to provide a high-quality experience by customising our offering and quickly identifying and fixing any issues that may arise. For example, we might use performance cookies to keep track of which pages are most popular, which method of linking between pages is most effective, and to determine why some pages are receiving error messages
  • Functionality cookies – We use functionality cookies to allow us to remember your preferences and to enable the delivery of specific services
  • Essential cookies – some cookies are essential for the operation of our website

Does anyone else use cookies on our website?

We do not allow advertisers to place cookies via this website.

We also use Google Analytics to help us monitor our website traffic and improve its performance over time so that we can improve the services it provides and its relevance for visitors.

How to block or delete cookies?

As we have explained above, cookies help you to get the most out of our website. When you enter the website, a prompt may appear to solicit your consent to the different types of cookies.

If you choose to delete cookies from your computer, follow the information provided by your browser which is usually located within the ‘Help’, ‘Tools’ or ‘Edit’ facility. Alternatively, you can follow the instructions at . Please remember that if you do choose to disable cookies, you may find that certain sections of our website do not work properly.

Customer Data

To fulfil our contractual obligation to our customers, it is necessary for Flex IT Ltd to collect specific personal data about our customers. The data that we collect includes:

  • Your personal contact details (such as your name, address, email address, phone number)
  • Bank account details
  • Details of contact we have had with you in relation to the provision, or the proposed provision, of our services
  • Our correspondence and communications with you
  • Information about any complaints and enquiries you make to us
  • Information we receive from other sources, such as publicly available information, information provided by your employer OR our clients or from our member network firms which may include financial and credit check information.

Lawful reasons for processing your personal data

We process your personal data for the following lawful reasons:

a. For the performance of our contract with you OR your employer OR our clients and to comply with our legal obligations. This may include processing your personal data where you are an employee, subcontractor, supplier, or customer of our client.

b. For our legitimate interests provided that those interests do not override any of your own interests, rights and freedoms which require the protection of personal data. This includes processing for marketing, business development, statistical and management purposes.

Please note that we may process your personal data for more than one lawful basis depending on the specific purpose for which we are using your data.

Data sharing

We will share your personal data with third parties:

  • Where it is necessary to administer the relationship between us, for example with invoice and accounting agents.
  • Where we have another legitimate interest in doing so in connection with the services we are providing to you.
  • We will never sell to, or share your information with, third parties to use for their own sales and marketing purposes.

Third-party service providers

“Third parties” includes third-party service providers. We use the third-party service providers such as IT and cloud services and accounting services.

All our third-party service providers are required to take commercially reasonable and appropriate security measures to protect your personal data. We only permit our third-party service providers to process your personal data for specified purposes and in accordance with our instructions.

Transferring personal data outside the European Economic Area (EEA)

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection by ensuring at least one of the following safeguards is implemented:

  • we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
  • where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.

Mailing Lists

As of the date of this notice, we do not collect your data for use on mailing lists for marketing purposes. However, we may periodically use the contact information you provide to update you with essential service information.

Data security

We apply appropriate security measures, including Cyber Essentials, to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Rights of access, correction, erasure, and restriction

Your duty to inform us of changes

It is important that the personal data we hold about you is accurate and current. Should your personal information change, please notify us of any changes of which we need to be made aware by contacting us, using the contact details below.

Your rights in connection with personal data

Under certain circumstances, by law you have the right to request access to the personal data we hold, and we are obliged to keep it accurate as far as it is within our control to do so. You have other rights to object to or restrict our processing and request its transfer to another party under certain circumstances.

If you wish to exercise these rights please contact: [email protected]

You will not have to pay a fee to access your personal data or to exercise any of the other rights. However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is an appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

Changes to this Privacy Notice

Any changes we may make to our privacy notice in the future will be updated on this page. This privacy notice was last updated on 27th November 2020

Contact us

If you have any questions regarding this notice please email [email protected]