Your data and the systems we use
Offering you transparency around the systems we use to store your data, how we access it and what to do if you wish to know more.
Vu Online uses a number of third party services to store your data. This data is necessary for us to use these services. These services are, in turn, necessary for us to provide the best service possible to you.
Email communications and documents (Gmail and GSuite)
If you get in touch about working with us, the first thing we will do is receive your email and start an email thread of communication. We are likely to gather and store some personal information from your emails (e.g. your name, phone number, email address and company details). This data will enable us to contact and communicate with you.
Our email systems are handled by Gmail. Like all of our systems below, these systems are accessed through password protected machines with logins held in a secure vault. Only Vu employees and third parties authorised by Vu will have access to these systems.
CRM (Capsule)
We keep a record of all of our contacts and the conversations we are having with them through a CRM tool and we would advise you to do the same.
The information stored here will be your name, phone, email address and a description of your requirement.
This information is stored digitally and securely through a third party system called Capsule and only the relevant staff will have access to this information (i.e. those at sales and director level). We use this system to support us in looking after the relationship we are forming with you. If you would like to see or remove your data from this process you may, however you will also be denying yourself the same level of customer service experienced by the rest of our clients.
Accounting (Xero)
Once you have agreed to work with us, you become a client of Vu (lucky you!) It is vital we use IT systems to communicate with you effectively. We will most likely send you an invoice from our accounting system. For this we will require the business name and address and the contact details for the person or department responsible for payment (i.e their name, email and phone number).
We use a system called Xero which is accessed only by finance and director level staff ( in order to manage the payments in and out of the business) and our accountants who have access to higher level reporting to submit our annual accounts.
Project Management Software (Teamwork)
Upon starting work with us, you will be given access to our project management software: Teamwork. Here we will store your business name, your name and email, project tasks and any related information you add. This system will update you regularly via email with notifications of actions taken on the tasks within your project. You can choose to turn these off if you feel in any way harassed.
The project team with access to this data will vary per project but is viewable within Teamwork. If you wish to be removed from this system you may but we will then be unable to manage the project effectively.
Bug tracking software (Bugherd)
We use Bugherd for tracking and dealing with website backlog issues. As a customer, we will invite you to use Bugherd using your name and email address. This data is only accessible by Vu.
Content Gathering (GatherContent)
We use GatherContent to collect and organise website content at the copywriting stage of a project. As a customer we will invite you to the platform using your email address. We store your email and name in this software which allows you secure access to the software.
Company communications service (Mailchimp)
We also store our clients’ information within Mailchimp, a secure mass email service, in order for us to efficiently inform you about our service, process updates and other important updates. For example, we may send out an email alerting you of a service fault that may affect your hosting or at Christmas to alert you of changes to our office hours.
In order to ensure our communications are as accurate and relevant as possible, we record information such as whether we built your website or not, the type of website it is, the CMS (content management system) it runs, the third party services we use for hosting, whether we hold the domain registration. We store this alongside your name and email address.
This segmentation is useful, for example, if there is a vital WordPress update upcoming and we need to send this information only to those clients who use that system.
Other sources of personal data
As you can see, at Vu we have invested in using the best software for each job we do. This is to keep our service up-to-date and digital, safe, secure and easy to use. However, we are still a fan of old fashioned pen and paper note taking when we sit face to face with you or if we are designing ideas for you.
We store this physical data in client box files whilst you are engaged in a project or ongoing work with us, We safely destroy the data afterwards.
Data retention and legitimate use
Vu has a data retention period of 7 years. Our lawful basis for processing data may be any of the following:
- Consent (To receive marketing email from us)
- Contract (Provision of digital services)
- Legal obligation (Record keeping for business purposes)
Vu does not hold any special category customer data.
Your rights
We respect your individual data rights. These include the right to be informed, the right to access and the right to erasure, you can read a little more about your right to erasure here.
As highlighted above, our service is dependent to a greater or lesser extent by how our third party services functionally handle these requests. If you wish to erase the data held in third party systems, we may be unable to offer the same level of service to you. In extreme cases, we may have to cancel delivery of work or our relationship altogether.
If you wish to make a request for removal then please contact us. One of the team at Vu will get back to you within a week to confirm your identity and the data that will be removed. Then, on confirmation, we will remove the data and confirm that the data has been removed (within one month upon receiving proof of identity and your agreement).