Supplier Privacy Notice

Switch2 are committed to implementing all suitable and sufficient controls to ensure the privacy of our suppliers’ data. Switch2 undertake all our business operations in strict compliance with data protection legislation, most notably the UK GDPR.

This privacy notice provides our suppliers with information on our how we collect, handle and use your personal data, as well as the relevant justifications under which we perform these tasks. This privacy notice relates only to personal data of an individual and not the organisation itself in accordance with the principles of UK GDPR.

1. How do we get your information

In the majority of cases, personal data belonging to our suppliers is provided to us directly by the individual, or a colleague of the individual within the organisation, typically for the following reasons:

  • To enable our onboarding process of new suppliers and ensure that all required verification checks are made
  • To facilitate financial transactions between the organisations
  • To allow for communication and consultation relating to the service provision

2. Type of data we process

The type or category of personal data belonging to our suppliers that we process will normally include:

  • Name
  • Company address
  • Contact details including phone number and email address
  • Bank details

3. How we use your data

Your personal data will be used in one of the following ways:

  • To complete our internal onboarding process
  • To enable us to administer payments to your company
  • To handle any enquiries or concerns relating to an existing service agreement
  • To enquire about future service provision
  • To perform any investigations where required

4. Is your data shared

We will only share your personal data where we are required to by law or by an enforcing authority where we are obligated to do so.

5. How is your data protected

Access to your data will be restricted only to people at Swicth2 that have valid reasons for handling this. This will typically include;

  • The Switch2 employee you initially engage with and anyone on their team that will be involved in the business relationship
  • Switch2 employees involved in the onboarding and approval process
  • Switch2 employees in our accounts team that administer payments

Switch2 have suitable and robust cyber security measures in place to ensure your data is protected once it is stored on our systems.

6. Data Retention Period

We will keep your personal data for as long as we have a business relationship with you. When deciding how long to keep your personal information after our relationship with you has ended, we will keep your information for a period of time that takes account of our legal, professional and regulatory obligations as well as any investigations that may arise.

7. Legal Justification

Switch2 rely on the following legal justifications for processing your personal data:

  • Contractual – to fulfil the requirements of the contracted service between the two parties
  • Legitimate Interests – we process your data in a manner that you would reasonably expect to facilitate the business relationship

8. Further Information

Should you have any queries regarding the processing of your personal data please email our DPO at dataprotection@switch2.co.uk