Book Demo

Privacy Policy.

This Privacy Policy explains how personal information is collected and used in connection with the FastDox platform, our websites, and our business operations.

1. About this policy

1.1 Scope of this policy

This Privacy Policy relates to our use of any personal information we collect from you via the following services:

  • Any HTEC website that links to this Policy (“Websites”); or
  • Social media or HTEC content on other websites; or
  • Whilst providing agreed services to you or receiving services from you; or
  • As your employer.

It also relates to our use of any personal information we collect through other means, such as:

  • Email
  • In person
  • Other third party sources.

We’ve approached our Privacy Policy with brevity and clarity in mind. If you would like any additional information or explanation or would like us to answer any questions you may have please contact us using the details provided (see the “HOW TO CONTACT US” section below).

1.2 Policy updates

We may update this Privacy Policy from time to time. The latest version will always be available on this page and the “Last updated” date will be shown at the top.

2. About HTEC

2.1 Who we are

HTEC Solutions Ltd (company number 11661968), trading as FastDox (“FastDox”, “we”, “us” and “our”), operates the FastDox platform and provides onboarding, verification, and workflow services to businesses in the United Kingdom.

2.2 Data protection roles

For the purposes of data protection laws, HTEC Solutions Ltd trading as FastDox acts as the data controller for personal information collected through our websites, marketing activities, recruitment, and supplier relationships.

Where our business customers upload or store personal information in the FastDox platform relating to their own customers, staff, or suppliers, FastDox acts as a data processor and processes that information only on the customer’s instructions and in accordance with our contract.

3. What information do we gather and how do we collect it?

3.1 What types of information do we collect about you?

The type of information we collect about you depends on the nature of your interactions with us. Depending on the circumstances, we may receive or collect personal information about you, when you contact HTEC for example by doing any of the following:

Data you give to us:

  • When you apply for our products and services.
  • When you talk to us on the phone or in our offices.
  • When we are “out on the road”, for example at conferences.
  • When you use our websites or any mobile device apps.
  • In emails and letters.
  • In customer surveys.
  • When you apply for a job with HTEC.

Data we collect when you use our services:

  • Payment and transaction data.
  • Profile and usage data. This includes the profile you create to identify yourself when you connect to our internet or any mobile and telephone services. It also includes other data about how you use those services. We gather this data from devices you use to connect to those services, such as computers and mobile phones, using cookies and other internet tracking software.
  • Data collected when you utilise our Fast Dox product which provides a structured and secure document collection for clients. A primary function of Fast Dox is document collection which may include personal data collected by HTEC’s customers from their own clients, and which HTEC will then hold on behalf of the customer in accordance with the agreed service.

Data from third parties we may work with:

  • Companies or individuals that introduce you to us.
  • Insurers.
  • Fraud prevention agencies.
  • Employers / Recruitment consultants.
  • Payroll service providers.
  • Public information sources such as UK Companies House.
  • Banks.
  • Market researchers.
  • Medical practitioners (in the case of our staff).
  • Government and law enforcement agencies.

3.2 Personal information about others

We may collect information from you about others, such as members of your household or family (in the case of staff) or, about customers of yours, in the case of clients (such as if use our Fast Dox product and we are required to hold personal data received from your own clients). If you give us information about another person it is your responsibility to ensure and confirm that:

  • You have either told the individual who we are and how we use personal information, as set out in this Privacy Policy; and have permission from the individual to provide that personal information (including any sensitive personal data) to us and for us to process it, as set out in this Privacy Policy; or
  • You are otherwise satisfied that you are not in breach of data protection legislation by providing the information to us.

3.3 Customer content and platform data

Where our business customers upload or store personal information in the FastDox platform (for example, documents or records relating to their own customers, staff, or suppliers), HTEC Solutions Ltd trading as FastDox acts as a data processor and processes that information only on the customer’s instructions and in accordance with our contract (including any data processing terms).

In these circumstances, the business customer is the data controller and is responsible for providing appropriate privacy information to the individuals concerned.
If you have questions about personal information contained in a customer’s FastDox account, please contact that organisation directly.

4. When do we need to collect your sensitive information?

In certain circumstances, we will collect information that is deemed sensitive. This is most likely to include:

  • Information about your health (for example if you are member of staff); and/or
  • Information about any criminal record you may have.

We seek to limit any sensitive personal data that we collect and, unless we have other specific lawful reasons to use this information (such as in an emergency situation), we will ask for your consent to collect it.

5. How the law protects you

Your privacy is protected by law. This section provides an overview of how that protection works.

Data protection law states that we are only allowed to use personal information if we have a proper reason to do so. This includes sharing it outside HTEC. The law states that we must have one or more of the following reasons:

  • When you consent to it; or
  • To fulfil a contract we have with you; or
  • When it is our legal duty; or
  • When it is in our legitimate interest.

A legitimate interest is when we have a business or commercial reason to use your information. But even then, it must not unfairly go against what is best or right for you. If we rely on our legitimate interest, we will tell you what that is. The section below (“How We Use Your Personal Data”) contains a list of the ways in which we may use your personal information, and the reasons we rely on to do so. This is also where we tell you what our legitimate interests are.

6. How we use your information

We will only use your personal data fairly and where we have a lawful reason to do so. We are allowed to use your personal data if we have your consent or another legally permitted reason applies. These include to fulfil a contract we have with you, when we have a legal duty that we have to comply with, or when it is in our legitimate business interest to use your personal data. We can only rely on our legitimate business interest if it is fair and reasonable to do so.

We may use information to:

  • To provide guidance on our services, to manage and administer our business relationships, including to communicate with our clients, their employees and representatives, to administer client billing and payments, to collect and recover money that is owed to us and to keep records.
    Lawful basis: To fulfil our contract with our client(s) and to comply with legal obligations including accounting, tax and data protection.
  • To undertake due diligence on new clients and suppliers where appropriate; to help us identify, investigate, report and seek to prevent financial crime; and to comply with laws that apply to us.
    Lawful basis: To comply with our legal obligations including crime prevention and fraud.
  • To provide information services to clients and potential clients, including by email updates and newsletters; and to invite you to events that we may organise from time to time (including surveys to obtain feedback).
    Lawful basis: Where you have consented and expressed a preference to receive marketing communications; or if we feel it is appropriate and relevant to our business relationship with you.
  • To develop and carry out marketing activities and to show you information that is of interest to you, based on our understanding of your preferences (we combine information you give us with information we may receive about you from third parties to help us understand you better).
    Lawful basis: Where you have consented and expressed a preference to receive marketing communications; or if we feel it is appropriate and relevant to our business relationship with you.
  • To run our business in an efficient and proper way (e.g. audit, managing our business capability, managing risk for us and our clients, finances, planning, communications with service providers and clients and corporate governance, responding to complaints and seeking to resolve them).
    Lawful basis: When needed for the efficient operation of our business.
  • To maintain lists to ensure that you do not receive communications from us where you have objected to this or have unsubscribed.
    Lawful basis: To safeguard your rights and comply with our legal obligations.
  • To optimise our website and to collate information on how you interact with us and our services so that we can improve this if felt necessary.
    Lawful basis: Where we have consent from you or on the basis of our legitimate interests to operate and present an effective and convenient website to our website users.
  • To exercise our rights contained in agreements or contracts, website terms of use and other terms and conditions of business (including employment contracts and agreements with suppliers).
    Lawful basis: Fulfilling contracts or to protect our legal interests.
  • To ensure security and protect our business interests (including protecting against, investigating and deterring fraud, unauthorised or illegal activities; systems testing, maintenance and development).
    Lawful basis: Our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so.
  • Sharing personal data if we decide to sell or transfer part of all of our business.
    Lawful basis: When needed to comply with our legal obligations and to facilitate the transaction.
  • Other identified purposes when we collect the information (such as processing a job application whether directly or via an agent or recruiter).
    Lawful basis: Where we have your consent or on the basis of our legitimate interest to recruit new employees or contractors.

Groups of personal information

We collect and use lots of different types of personal data. Personal data is any information that relates to you and that identifies you either directly from that information or indirectly, by reference to other information that we have access to. The personal data that we collect, and how we collect it, depends upon how you interact with us.

Categories of personal data that we collect include:

  • Contact: Such as your name, email address and telephone number.
  • Socio-Demographic: This includes details about your work or profession, nationality and education.
  • Contractual: Details about the products or services we provide to you.
  • Locational: Data we get about where you are (e.g. mobile phone data) or the address where you connect a computer to the internet.
  • Behavioural: Details about how you use our products and services.
  • Communications: What we learn about you from letters, emails, conversations, feedback and survey responses.
  • Open data and public records: Details in public records (e.g. UK Companies House, the UK Electoral Register) and openly available internet information.
  • Usage Other data about how you use our products and services.
  • Documentary Details stored in documents in different formats, or copies of them (e.g. passport or drivers licence).
  • Special types of Racial or ethnic origin; religious or philosophical beliefs; trade union membership; genetic and bio-metric data; health data including gender; criminal convictions and offences.
  • Consents: Any permissions, consents, or preferences that you give us (including how you want us to contact you).
  • Financial: Billing and financial information such as billing address, bank account and payment information.
  • National identifier: A number/code given by a government to identify you (e.g. National Insurance number).

7. How we share your information outside of HTEC

7.1 Sharing your personal information

If you request an estimate for services, or purchase a product or service, your personal information may be shared with and processed by persons that are not HTEC employees but who work for or on behalf of HTEC, such as any consultants HTEC may appoint.

Your information may also be disclosed when we believe in good faith that the disclosure is:

  • Required by law;
  • To protect the safety of our employees, the public or HTEC property;
  • Required to comply with a judicial proceeding, court order or legal process; or
  • In the event of a merger, asset sale, or other related transaction; or
  • For the prevention or detection of crime (including fraud).

We may also share your personal data when you have consented to us doing so.

We may also disclose your information to third party suppliers or service providers to conduct our business (e.g. to assist in managing and storing data, provide data analytics, conduct market research and to communicate with you effectively).

In addition, unless you opt out of receiving direct marketing, we may share your information with third parties who help run any marketing campaigns.

We may share your information with governmental bodies in the United Kingdom (directly or via shared databases) to prevent and detect fraud.

Where we do share your information with third parties, we will wherever possible require them to maintain appropriate security to protect your information from unauthorised access or processing.

7.2 If you choose not to give personal information

We may need to collect personal information by law, or under the terms of a contract we have with you. If you choose not to give us this personal information, it may delay or prevent us from meeting our obligations.

Any data collection that is optional would be made clear at the point of collection.

7.3 Our service providers and suppliers

We are based in the United Kingdom. If we send personal information to countries outside the European Economic Area (“EEA”), we will ensure that there will be a contract in place to make sure the recipient protects the data to the same standard as the EEA. This may include following international frameworks for making data sharing secure.

We will only transfer your personal data outside of the European region under the following circumstances:

  • Where the transfer is to a country or other territory which has been assessed by the European Commission (or an equivalent UK body) as ensuring an adequate level of protection for personal data;
  • With your consent; or
  • On the basis that the transfer is compliant with the GDPR and other applicable laws.

8. Marketing

8.1 When you’ll hear from us

At present, we do not undertake direct marketing. However, we may in the future use your personal information to send you marketing by post, by phone, through social media, by email and by text. We may also use your personal information to help us identify, tailor and package our products and services, determine pricing and offer discounts that we believe may be of interest to you.

We can only use your personal information to send you marketing material if we have your permission or a legitimate interest as described above.

If you don’t want to receive emails from us, you can click on the ‘unsubscribe’ link that appears in all emails we send. If you don’t want to receive texts from us you can tell us by contacting us at any time. Otherwise, you can always contact us to update your contact preferences.

You have the right to object to direct marketing and profiling relating to direct marketing. Please see the section about your rights for more details.

8.2 Opting out of or withdrawing your consent in relation to marketing

If you no longer want to hear from us, you can opt out or unsubscribe by:

  • Following the “unsubscribe” link contained in any marketing communications that you receive from us
  • By Email to: hello@fastdox.co.uk
  • By Phone on: 0330 088 7844
  • By contacting us on the details given in section 13 below headed “HOW TO CONTACT US”.

8.3 Third parties and marketing

We might rely on third parties to help us manage our marketing communications, but we won’t share your information with any third parties for their marketing purposes unless you agree to our doing so.

9. Our site and cookies

Where required, we will ask for your consent before placing non-essential cookies and you can manage your preferences at any time via our cookie settings.

9.1 What we collect when you interact with our sites and apps

Most websites collect certain information automatically about the way in which you interact with them. This might include your IP address, geographical location, device information (such as your hardware model, mobile network information, unique device identifiers) browser type, referral source, length of visit to the site, number of page views, the search queries you make, and similar information.

This information will be collected by us or by a third party site analytics service provider and will be collected using cookies.

We use this information to save your settings, help improve our functionality and services, run diagnostics, analyse trends, track visitor movements, gather broad demographic information and personalise our services.

9.2 What do we mean by “cookies”?

Cookies are small amounts of information in the form of text files that we store on the device you use to access our site or our marketing communications. Cookies allow us to monitor your use of our services and improve them.

For example, a temporary cookie is also used to keep track of your “session”. Without that temporary cookie you will not be able to purchase products or other services that may be offered via our site.

We also use cookies for site analytics purposes and to monitor how customers interact with and receive our marketing communications (for example if you open a marketing communication and/or click on any of our offers). We use this information to try to improve the relevance and tone of our future communications.

If you don’t want cookies to be installed on your device, you can change the settings on your browser or device to reject cookies. For more information about how to reject cookies using your internet browser settings, please consult the “Help” section of your internet browser or visit http://www.aboutcookies.org.

Please note that if you do set your Internet browser to reject cookies, you may not be able to access all of the functions of the site.

10. Your rights

10.1 Your data protection rights

Under data protection legislation you have various rights in respect of the personal information that we hold about you, including:

  • You can require us to update or correct any inaccurate personal data, or to complete any incomplete personal data, concerning you.
  • You can require us to stop processing your information for direct marketing purposes.
  • You have the right to object to our use of your personal data more generally.

You may also have the right, in certain circumstances, to:

  • Be provided with a copy of any personal data that we hold about you (exceptions apply).
  • Require us, without undue delay, to delete your personal data.
  • Restrict our use of your information.
  • Require personal data you have provided to us (processed by automated means, based on consent or contract performance) to be provided in machine readable format so it can be ported to a replacement service provider.

Please note that we reserve the right to retain certain information for our own record-keeping and to defend ourselves against any claims. We may also need to send you service-related communications relating to the services that we provide to you even when you have requested not to receive marketing communications.

10.3 How to exercise your rights

  • You can exercise your rights by contacting us using the details in the “HOW TO CONTACT US” section below, or by ticking the applicable boxes on forms that we use to collect your information.
  • If you wish to remove your information from our marketing circulation lists, you can unsubscribe by scrolling to the bottom of the email and clicking the ‘unsubscribe’ link.
  • We will comply with your requests unless we have a lawful reason not to do so.
  • We may need you to provide satisfactory proof of your identity.

11. How we look after your information

11.1 Security measures

We are committed to protecting the confidentiality and security of the information that you provide to us. We put in place appropriate technical, physical and organisational security measures to protect against any unauthorised access or damage to, or disclosure or loss of, your information. By way of example we:

  • Ensure the physical security of our offices.
  • Ensure the physical and digital security of our equipment, devices and systems by mandating appropriate password protection, encryption and access restrictions.
  • Ensure appropriate access controls so that access to your information is only granted to those of our people that need to use it in the course of their work.
  • Carry out annual penetration testing of our systems.
  • Maintain internal policies and procedures to make sure our staff understand their responsibilities in looking after your information.

11.2 Links to other sites and resources

  • Our website may from time to time contain content and links to other sites that are operated by third parties. We do not control these third party sites or the cookies that such third parties operate and this Privacy Policy will not apply to them.
  • Communications over the internet, such as e-mails, are not secure unless they have been encrypted.

12. How long we keep your information for

We do not keep your personal data for any longer than is necessary to fulfil the purpose for which we collected it, or to comply with any legal, regulatory or reporting obligations or to assert or defend against legal claims.

We will generally keep your data for no longer than seven years for one of these reasons:

  • To comply with our legal obligations.
  • To respond to any questions or complaints.
  • To show that we treated you fairly.
  • To maintain records according to rules that apply to us.

We may keep your data for longer than seven years if we cannot delete it for legal or technical reasons. We may also keep it for research or statistical purposes. If we do, we will make sure that your privacy is protected and only use it for those purposes. Further information can be found in the Company’s Data Retention Policy.

13. How to contact us

If you have any questions about this Privacy Policy or the ways in which we handle your personal information or if you want to make a subject access request, please contact us at:

The Data Protection Officer
HTEC Solutions Ltd
Caidan House
Canal Road
Timperley
Altrincham
England, WA14 1TD

Email: hello@fastdox.co.uk
Telephone: 0333 305 0172

However, if you remain dissatisfied with our response, you have the right to take the matter up with the United Kingdom Information Commissioner’s Office (ICO). The ICO is the UK’s independent body set up to uphold information rights.

You can contact the Information Commissioner via the ICO website at https://ico.org.uk/global/contact-us