At XUM we would like you to enjoy your shopping experience and we acknowledge in doing so you expect we will treat the information you provide in a serious and responsible manner.
We understand how important it is to protect your right to privacy and securely maintain your details, that is why we put such a high importance on ensuring that all personal information you provide either through the XUM website (xumenterprise.com), or by other means is kept private.
XUM lawfully processes personal data as a ‘Data Controller’ in accordance with the EU General Data Protection Regulation (GDPR) and other relevant legislation. This privacy statement discloses exactly what information we gather and how we use that information.
In summary you should know that:
- We enforce the highest security measures to ensure your personal information is kept secure.
- We only collect the information we need to provide you with the requested service.
- We will never sell, rent or give away your personal details to anyone.
- We loathe spam as much as you do!
Who are XUM?
XUM is a UK based company specialising in the supply of computer Memory upgrades since 1994. Please visit About XUM for more information.
Security
All traffic (transferral of files) between the XUM website and your browser is encrypted and delivered over HTTPS. The XUM website has security measures in place to protect against the loss, misuse, and alteration of the information under our control, including without limitation protecting information behind a firewall and encrypting your ordering information using a minimum of 128 bit encryption so that it cannot be read by a third party during transmission.
The XUMwebsite is independently scanned by Symantec and our internal systems are also scanned on a regular basis providing reassurance that your data is protected.
The information we require to process your order is held on high-security servers. Credit/Debit card numbers submitted on the website cannot be seen in full or used by any person. The information you provide for payment purposes is logged and processed securely using our payment gateway provider. This means that our website does not hold any of your financial details. Our payment provider is a PCI compliant online payment gateway that processes card payments and transactions in a secure host environment.
Credit/Debit card numbers provided over the telephone are entered directly into our secure payment system and are only stored if you have specifically requested this for convenience. In the event we do store your card details they are held securely with restricted access.
Information we collect
This notice applies to information collected or submitted on the XUM website, or by other means such as email, live chat, social media, post, fax, telephone or in person.
Orders and quotations
To process your order or to provide you with a quotation it is necessary for the performance of our contract with you to collect your personal information, including your full name, billing/delivery address, phone number, email address and where relevant, company name, VAT number and payment details. For the purposes of fraud prevention and security, we also have a legitimate interest to collect your devices IP address and to request additional information to verify your identity or to approve credit facilities (e.g. job title, company number).
If you register an account on the XUM website you will be required to provide a password to keep your details secure. Please follow our recommendations for choosing a secure password and do not reuse an old or existing password. We do not have access to your password as it is stored by the website in an encrypted form.
Contacting us
Should you choose to contact us using one of our online contact forms or any other means such as email, live chat, social media or telephone it is necessary for the performance of our contract with you, to process your personal information. The information collected is dependent on the type of enquiry and we will only ask for information that is relevant to provide you with the best response. Your details will not be entered into our database or other systems unless you have placed an order, requested a quotation, requested marketing or we need to keep a record of your enquiry for legal or regulatory reasons. When submitting your information using one of our online contact forms, the data is sent to us via email and is NOT stored on the XUM website. When your query has been fully dealt with all related emails are deleted.
Never send us confidential information such as credit card details by electronic means (e.g. email, online form, live chat). If you need to provide us with this information, please call us.
Other activities
We also have a legitimate interest to collect your personal information if you apply for a job, visit our premises or otherwise participate in activities we promote such as competitions or surveys.
We employ CCTV on our premises in order to:
- Prevent, deter and detect crime.
- Apprehend and prosecute offenders and provide evidence to take civil action in the courts.
- Help provide a safer environment for our staff and visitors.
- Monitor system access for regulatory (PCI) compliance.
Information disclosed to third parties
We may share your information with third-party vendors and service providers who we employ as ‘Data Processors’ to perform tasks on our behalf. These service providers (and their sub-processors) are subject to strict data processing terms and conditions and are prohibited from utilising, sharing or retaining your personal data for any purpose other than as they have been specifically contracted for.
The service providers we may share your data with include our payment processing providers (PayPal, Cardinal Commerce), email service providers (Rackspace, SendGrid), text messaging service (TextMagic), review collection service (Trustpilot) and courier services (Royal Mail, DPD, DHL etc). We may also share your name and delivery address with our suppliers to enable direct shipment of an order.
Where our service providers (or sub-processors) are located outside of the European Economic Area (EEA) there is a legal framework governing the transfer of your personal data to meet GDPR standards, for example companies located in the US are required to uphold EU-US Privacy Shield Certification.
The XUM website also uses third-party vendors to enhance the website and provide analytics, social media and advertising features using cookies and similar technology. For example, we use cookies to track conversions from clicks on adverts shown by our advertising partners (e.g. Google AdWords and Bing Ads). For further information see the Cookies section below.
Under certain circumstances, we may be required to disclose your personal information in response to valid requests by public authorities, including to meet national security or law enforcement requirements.
Website analytics
The XUM website uses a number of tools such as Google Analytics, for statistics, search engine optimisation and to analyse how the website is used. These tools do NOT collect any personal data. Where the users IP address is collected it is anonymised, meaning it is not stored in full. Each of these tools set cookies on your device which you can control by clicking the ‘Cookie Settings’ button in the footer of any page.
Anti-Fraud checks
We may use your personal information to conduct anti-fraud checks that may help us detect, prevent and report fraud. This information may be disclosed to a fraud prevention agency (ActionFraud), which may keep a record of that information.
Notifications about your order
We will use your email address and mobile phone number (UK only) to send you emails and text messages about the status of your order. This will include an order confirmation email plus an email and/or text message when your order has been dispatched. We will not use your email address or phone number to send you promotional offers without your prior consent.
Notification of special offers
If you have given us your consent, we may send you occasional emails containing news or special promotional offers which may be of interest to you.
These emails are ONLY sent from XUM, using our service provider. If you do not wish to continue receiving our special offer emails, an unsubscribe link is provided at the bottom of each email sent. Alternatively, please make an unsubscribe request. Please note that it may take up to 10 days to remove you from our marketing system, so you may receive correspondence from us for a short time after unsubscribing.
Communications relating to an order or enquiry are considered transactional and necessary to provide you with the service requested, therefore you cannot opt out of these messages.
Inviting you to leave a review
We may send you an email inviting you to leave a review following receipt of your order.
Unless you have previously asked us not to send review invitations, your name, email address and invoice number will be shared with our online review service provider (Trustpilot) in order to send you invitations and to collect your review. Trustpilot will only use your details as instructed by XUM. You can unsubscribe from future Trustpilot emails by clicking the unsubscribe link in the invitation email.
By leaving a review on Trustpilot you agree to Trustpilot’s terms & conditions.
Retention of your personal information
We will retain your personal information for the period necessary to provide the services requested (e.g. fulfilling an order or sending regular newsletters), after which time it will be destroyed, unless a longer retention period is required or permitted by law, for legal, tax or regulatory reasons, or other lawful purposes. For example, if you have made a purchase we are required under UK tax law to keep your basic personal data (name, address and contact details) for a minimum of 6 years.
For products covered by our lifetime warranty we will retain a record of your purchase indefinitely or until you inform us that you no longer own the product. This record will include your basic contact details to enable us to verify a future warranty claim. You can ask us to delete this data but in doing so we will be unable to verify a future warranty claim without proof of purchase, such as the original invoice.
If you have created an account on the XUM website your details will be stored by the website to enable you to access your order history and to make future purchases faster. Your details will be retained by the website until such time as you request deletion of your account.
Cookies
What is a Cookie?
Cookies are text files containing small amounts of information which are downloaded to your personal computer, mobile or other device when you visit a website. These Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user’s device, and can save data which remembers your preferences.
- Persistent Cookies
These cookies remain on a user’s device for the period of time specified in the cookie. They are activated each time that the user visits the website that created that particular cookie. - Session Cookies
These cookies allow website operators to link the actions of a user during a browser session. A browser session starts when a user opens the browser window and finishes when they close the browser window. Session cookies are created temporarily. Once you close the browser, all session cookies are deleted.
Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improve the user experience. They can also help to ensure that adverts you see online are more relevant to you and your interests.
Cookies used on the XUM website
We use an industry recognised cookie compliance tool from OneTrust. When you visit the XUM website a cookie notification banner will be displayed along the bottom of the browser window allowing you to choose which types of cookies we will place on your device. You can also click the ‘Cookie Settings’ button in the footer of any page for more details and to manage your cookie preferences. If you click the cross to close the cookie banner, we will only place cookies on your device that are necessary for the site to work.
Please note that your choice and any changes you make using the cookie preferences tool will only apply to cookies set by the XUM website or third-party services used by the website and must be set independently on each computer and browser that you use to browse the XUM website. Your preferences will also be reset if you clear your browsers cache.
Because cookies allow you to take advantage of some of the Website’s essential features, we recommend you leave them turned on. For example, if you block or otherwise reject our necessary cookies you will not be able to add items to your Shopping Basket, proceed to Checkout, or use any of our products and services that require you to Sign in. If you leave cookies turned on, remember to sign off when you finish using a shared computer.
Other ways to block or manage cookies
Most modern browsers allow you to control the use of cookies from the settings menu and you can opt out directly with some service providers. For example, you can opt out of Google’s use of advertising cookies by visiting Google’s Ads Settings.
Do Not Track signals
Because there is no industry or legal standard currently for recognising or honouring web browser Do Not Track signals, we don’t respond to them at this time. We await further guidance from the privacy industry to determine how these signals should be handled.
Children
For the purposes of this policy a child is an individual under the age of 16. Although the content of the XUM website is suitable for children, the services provided are not aimed at or intended for children. We ask that no-one under the age of 16 attempts to use these services, including submitting personal information via a contact form or by submitting an order.
Although we cannot stop a child from using the services provided, we attempt to prevent this by displaying a warning/disclaimer where relevant.
If we believe a child has submitted their personal data to us we will cease all communications and delete all personal data immediately.
Your rights
You have a right to access and request a copy of your personal data (including CCTV images of yourself), to object to or restrict the processing of your personal data and to request rectification or erasure of your personal data. If at any point you believe the information we hold about you is incorrect, please let us know and we will update our records.
If you have any questions about this privacy policy, the use of your personal information, or if you wish to request us to stop using your information in any way, please contact us using the details below. In order to comply with your request, we may ask you to verify your identity. If you request erasure of your personal data, please note that we may be required to retain some of your data for a minimum period as explained in the ‘Retention of your personal information’ section above. Deleting your data may also prevent us from verifying a future warranty claim.
If you wish to raise a complaint on how we have handled your personal data, please contact us using the details below. If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office.