Privacy Statement and Disclaimer

Effective Date: January 1, 2025
Last Updated: December 23, 2024

 

For transparency purposes, this is our privacy statement and disclaimer.

The CCS Group (“we,” “our,” “us”) is committed to protecting your personal information in accordance with applicable data protection laws, including Bermuda’s Personal Information Protection Act 2016 (PIPA), the General Data Protection Regulation (GDPR), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), The Freedom of Information and Protection of Privacy Act (FOIPOP)  in Nova Scotia  and the UK Data Protection Act 2018 (DPA).

We may have other notices which may apply to you depending on how you choose to interact with us.

You can find any of our notices here.

 

1. Who we are

CCS Group Limited is a Bermuda based full-service information technology company that provides local and international customers with advanced communications solutions and consulting services. CCS’s highly skilled ICT professionals, plan, design, build, implement and optimize leading edge technology solutions that deliver real value to its clients and their business.

CCS has been providing services to Bermuda, the Caribbean, North America and Europe for over 40 years. CCS is known for its attention to detail, its professional design, implementation, and support services. CCS is also known for its ability to consistently deliver large projects on time, and on budget. Today CCS represents a complete portfolio of communications technology products and services.

 

2. What Personal Information we collect

While we endeavour to limit the amount of personal information that we may collect to the necessary information relevant for the services we may offer to you. The following types of information may be collected by operation:

For Marketing purposes:

  • Full Name(s)
  • Photos
  • Videos
  • Email address(es)
  • Place of work
  • Job title
  • Job address

From our website and/or Apps

  • URL address(es)
  • Cookies/Preferences
  • IP Address(es)
  • browser type
  • device identifiers
  • log-in data

For Sales and Solicitation purposes

  • Full Name(s)
  • Email address(es)
  • Place of work
  • Job title
  • Job address
  • Telephone number(s)
  • Banking details

Financial

  • Name(s)
  • Photo(s)
  • Email address
  • Telephone number(s)
  • Banking payment details
  • Credit card payment details

Other Information

  • Any information you provide to us with your consent, through correspondence, surveys, or forms, etc.

 

3. How we collect Personal Information

We mainly collect your personal information in the following ways:

  • Directly from you when you sign up for our services, contact us or complete a form. This may be through our sales representatives, website forms, service requests, emails, telephone calls, meetings and mobile device.
  • From third parties, such as business partners, public databases such as Google and Microsoft Internet Explorer and through LinkedIn.
  • When you visit our offices
  • When we install or provide our products and service within your physical office location or your physical premise.

For a full list of third parties, business partners, vendors please see section 5. How we share your personal information.

 

4. How we use your Personal Information

We mainly process your personal information for the following purposes and reasons:

  • To provide and manage our products and services and to understand how you use our services.
  • To communicate with you, including sending service updates, completing service requests and/or marketing communications (where permitted with consent) and marketing analysis including trends in product offerings.
  • To comply with legal and/or regulatory obligations, which may be amended from time to time requiring us to change terms and conditions including how we use, protect and retain your information.
  • To improve our services and enhance user and customer experiences, through feedback loops and surveys.
  • To prevent fraud, breaches and ensure security of information and data through data analytics, audit, testing and monitoring.

 

5. How we share your Personal Information

We may share your personal information with the following third parties that the CCS Group Limited have determined as material third parties. This table may be amended periodically and will be posted on our website with the updated effective date.

Where a change, acquisition, removal or addition to any of our third parties is made which may change how, who or where we may share your information, we will provide notification through our website and contractually through our terms and conditions, where necessary and relevant.

Where necessary, we will obtain your consent prior to the change or new use of your personal information. We ensure all third parties with whom we share data and information adhere to data protection laws and implement adequate safeguards.

We contractually ensure through our terms and conditions with our third parties that there is:

  • a legal basis for joint processing;
  • a clause to honour your legal rights in respect of your data and personal information;
  • a process of security of joint processing;
  • a method to review compliance with these terms and conditions.

 

Current Third Parties and Business Partners

Third Party Data Transferred Method Method of Protection
Finance

Information Technology

Marketing

 Northview Consulting Ltd Nova Scotia, Canada – Email address, name, phone number Microsoft email, telephone, core systems Email encryption
Facilities Management Trina Investment Limited Bermuda – Email address Email, phone Swipe cards
Warehouse Management East End Group  Bermuda – Email address, name, address, phone number Email Security camera, swipe card
Storage Island Self Storage Bermuda – Physical documents Physical delivery Lock, key & swipe card
Insurance CFC  Underwriting Limited London, UK: Aggregate data Email Encryption
Cybersecurity Arctic Wolf  USA – Email address, address, name Email & digital transfer Encryption, MFA
Operations Microsoft Email address, address, name, phone number Email & digital transfer Encryption, MFA, single sign-on
CRM SalesForce Email address, address, name, phone number Email & digital transfer Encryption, MFA, single sign-on
Privacy Tool Netwrix Email address, address, name, phone number Digital transfer/cloud Encryption, MFA
Vendor Cisco Email address, address, name, phone number Digital transfer/cloud Encryption, MFA
Marketing LinkedIn Email address, name, phone number Digital transfer/cloud LinkedIn Privacy Policy
Marketing MailChimp USA: Email address Digital transfer/cloud Global Privacy Statement | Intuit

 

6. International Data Transfers

If your personal information is transferred outside of Bermuda to either the UK, the USA, Canada or the European Economic Area (EEA), we will ensure adequate safeguards are in place, such as standard contractual clauses and/or other approved mechanisms.

Our current geographic regions where information may be transferred include:

  • Canada
  • United Kingdom
  • United States of America
  • European Economic Area (EEA)
  • Mexico

Any changes or updates to this list will be provided by notification through our website.

 

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal and regulatory obligations and in line with our internal Data Retention Policy. If you would like further information in relation to how long we may keep information, including personal information, please contact our privacy officer at privacy@ccs.bm

 

8. Know your rights

Under global data privacy and protection laws you have the following rights:

  • Access: You can request access to your personal information.
  • Correction: You can request corrections to inaccurate or incomplete data.
  • Deletion/Erasure: You can request deletion of your personal information under certain conditions, where we do not have any legal or regulatory obligation to continue to hold the information.
  • Objection: You may elect to object to processing your information based on legitimate reasons[1].
  • Portability: You may request transfer of your data to another entity in a structured, machine-readable format.
  • Withdraw Consent: You may withdraw consent at any time, for processing based on original consent.
  • Lodge Complaints: You may file a complaint with a supervisory authority if you believe your rights are being violated.

 

How to submit a request:

You may submit a request from the categories above and in relation to your personal information by emailing privacy@ccs.bm. You will have to complete our verification of identity process, and we have to verify the request for authenticity in order to prevent fraud or a fraudulent request. This is to protect you, your information, us and our customers.

Once your identity is verified, you can complete and submit the Data Subject Request Form. Once the form has been received by us, between the hours of Monday – Friday 9:00am AST to 5:00pm AST, we will provide you with a confirmation of receipt and an assigned ticket number within 24 to 48 hours.

We will complete the request in line with the Bermuda PIPA Act 2016 requirement of 45 business days.

 

9. Cookies and Tracking Technologies

We do not use cookies and/or similar technologies to capture any information on our website. Please note this is subject to change at any time. We endeavor to notify and receive your consent prior to and if there are changes.

Currently all cookies and data analytics tools on our website are disabled, except for standard use of Google website search engine services of Google ReCaptcha, that may appear if you are using our website through Google or Google Chrome. Google ReCaptcha may or may not appear if you are using Microsoft Internet Explorer, Safari, Firefox or another website search engine to access our website page. The responsibility remains with you and how you choose to access our website, however from the https://www.ccs.bm/ website hosting end there are no tracking tools activated.

For more information on Google Recaptcha please see Google Privacy Policy  and Terms of Use .

 

10. Security and Protection of your Personal Information

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, use, transfer, loss, alteration, or misuse.

We also require our material third parties, vendors, suppliers and business partners to meet our standards and to ensure they are at minimum in line with our internal Privacy and Data Protection Policy.

We may use your information to help protect you, our customers, our third parties and ourselves against fraud, cyber crime and to generally protect information.

 

11. Changes to this Privacy Statement

We may update this Privacy Statement and Disclaimer periodically. Any changes will be posted on our website with the updated effective date.

[1] Legitimate reasons may only include reasons that are outside obligations to hold information and will not impact our operations, risks, liabilities, products and/or services and where there are no legal and/or regulatory requirement to use or retain information.