Skip to main content

Privacy Policy

How One2Call Limited collects, uses and protects your personal data

We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or the supervisory authority in the event you have a complaint.

We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This privacy policy applies where One2Call Limited acts as a controller of your personal data, including where you are a visitor to our website, a prospective customer, a customer, a supplier, a partner, or a representative of one of those organisations.

In some circumstances, when we provide managed IT, cyber security, cloud, connectivity, telecoms and related services to our business customers, we may process personal data on behalf of those customers. In those circumstances, the relevant customer is usually the controller and should be your first point of contact in relation to that processing.

Key terms

Here are the meanings of some key terms which we use in this policy:

 Term  Meaning
We, us, our One2Call Limited (company number 06220567), registered office: Unit 5-8 Jessops Riverside, 800 Brightside Lane, Sheffield, S9 2RX
Personal data Any information relating to an identified or identifiable individual
Data subject The individual who the personal data relates to

 

Personal data we collect about you

The personal data we collect about you depends on the particular relationship we have with you. We may collect and use the following personal data about you:

  • your name and contact information, including email address, telephone number, postal address, job title and organisation details
  • information relating to your enquiry, request or instructions
  • your contact history with us, including records of correspondence and communications (including communications with us through social media or similar platforms)
  • meeting, appointment and event booking details
  • details of services you have enquired about, requested or received
  • your billing information, transaction and payment information
  • your marketing preferences
  • information from publicly accessible sources, such as company websites, Companies House and professional networking sites
  • information about how you use our website, communication systems and other systems, including cookie identifiers, IP address, browser and device information
  • your responses to forms, pop-ups, surveys, promotions or feedback requests
  • information you provide when using our website contact channels, including live chat, meeting booking tools or WhatsApp links
  • other information you choose to provide to us

We collect and use this personal data for the purposes described in the section “How and why we use your personal data” below. If you do not provide personal data we ask for, it may delay or prevent us from responding to you, providing services, or managing our relationship with you or the organisation you represent.

How your personal data is collected

We collect most of this personal data directly from you — in person, by telephone, text, email, live chat, messaging services and via our website. However, we may also collect information:

  • from publicly accessible sources, such as Companies House, company websites and professional networking platforms
  • directly from a third party — for example your employer or the organisation you represent, referral partners or introducers, event or webinar partners, or service providers who support our website, communications, marketing and customer relationship management activities
  • from cookies on our website — for more information on our use of cookies, please see our cookie policy
  • via our IT systems — for example through automated monitoring of our websites and technical systems, and through our communications, email, live chat and meeting booking systems

How and why we use your personal data

Under data protection law, we can only use your personal data if we have a proper reason, for example: where you have given consent; to comply with our legal and regulatory obligations; for the performance of a contract with you or to take steps at your request before entering into a contract; or for our legitimate interests or those of a third party.

A legitimate interest is when we have a business or commercial reason to use your personal data, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, where appropriate. The table below provides further details, including the legal bases we rely on.

 Purpose  Lawful basis under the UK GDPR  Categories of personal data
Communications with you not related to marketing, including about changes to our terms or policies, services, systems or other important notices Compliance with a legal obligation (Article 6(1)(c)) your name, organisation details and contact information, including email address and telephone number
Communications with you not related to marketing Legitimate interests (Article 6(1)(f)) — to administer our business and relationships effectively and provide services efficiently your name, organisation details and contact information; records of your dealings with us; service and account information
Responding to enquiries and arranging consultations, meetings, events and IT health checks (by phone, email, website forms, live chat, meeting booking tools or messaging services) Steps at your request before entering into a contract (Article 6(1)(b)); and/or legitimate interests (Article 6(1)(f)) — to respond to business enquiries and develop relationships your name, organisation details and contact information; enquiry details; correspondence; booking information
Relationship management and service administration — records of customer, prospect, supplier and partner contacts; quotations, proposals, contracts, renewals, billing and related communications Performance of a contract (Article 6(1)(b)); legal obligation (Article 6(1)(c)); and/or legitimate interests (Article 6(1)(f)) your name, organisation details and contact information; contact history; service, account, billing and transaction information
Marketing — updates about our services, events, insights and other business information by email, telephone or post, where permitted by law Consent (Article 6(1)(a)); and/or legitimate interests (Article 6(1)(f)) — to promote our business and services to relevant business contacts your name, organisation details and contact information; marketing preferences; records of engagement with our communications
Website operation, analytics and related tools — cookies and similar technologies; analysing website use; measuring campaign performance and improving our website and communications (see our cookie policy) Consent (Article 6(1)(a)) where required for cookies; and/or legitimate interests (Article 6(1)(f)) — to operate, secure and improve our website and communications IP address; cookie identifiers; browser and device information; website usage information; form and enquiry data
Security, fraud prevention and legal compliance — protecting our website, systems, communications and business; handling complaints and data protection requests; keeping records needed to comply with law Legal obligation (Article 6(1)(c)); and/or legitimate interests (Article 6(1)(f)) — to protect our business, systems, users and legal position contact information; website and technical usage information; correspondence; records relevant to the issue or request

 

Special category personal data

Certain personal data is treated as a special category to which additional protections apply under data protection law. “Special category personal data” means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, genetic data, biometric data (where used for identification), and data concerning health, sex life or sexual orientation.

We do not generally seek to collect special category personal data about you. If we do process it, we will ensure we are permitted to do so under data protection law — for example because we have your explicit consent, the processing is necessary to protect vital interests where you are incapable of giving consent, the processing is necessary to establish, exercise or defend legal claims, or the processing is otherwise permitted by applicable law.

Marketing

We may use your personal data to send you updates by email, telephone or post about our services, including news, events, insights, promotions and service updates.

We may rely on our legitimate interests to send marketing to relevant business contacts where this is permitted by law. Where consent is required, we will ask for this separately and clearly.

You can opt out of marketing at any time. The easiest way is to use the unsubscribe or “manage preferences” link in any of our marketing emails, which lets you update your choices yourself. You can also contact us at privacy@one2call.net, or by telephone, and we will action your request promptly.

We may ask you to confirm or update your marketing preferences in the future if you ask us to provide further services, or if there are changes in the law, regulation, or the structure of our business. We will always treat your personal data with respect and will not sell your personal data to third parties for marketing purposes.

Who we share your personal data with

We routinely share personal data with:

  • third parties we use to help deliver our website, contact channels and communications tools
  • third parties we use to help us run our business, such as providers of hosting, cloud services, customer relationship management systems, meeting booking tools, live chat tools, analytics tools, marketing support, finance and accounting systems, document management and e-signature services
  • our insurers, brokers and bank
  • professional advisers, such as lawyers, accountants, auditors and other advisers
  • regulators, law enforcement agencies, courts, tribunals and public authorities, where we are required or permitted to do so
  • third parties approved by you, or where necessary to deal with your enquiry or request
  • other parties that have or may acquire control or ownership of our business in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale or in the event of our insolvency

We only allow those organisations to handle your personal data if we are satisfied they take appropriate measures to protect it. We also impose contractual obligations on them, where appropriate, to ensure they can only use your personal data for the purposes for which it was shared. If you would like more information about who we share your personal data with and why, please contact us.

Payments

Card payments are processed by Stripe through a secure payment link on our invoices. We do not collect or store your card details. Where you pay by Direct Debit, payments are collected through GoCardless. These providers process your payment information as our service providers under appropriate contractual terms.

Where your personal data is held

Personal data may be held at our offices and those of our third party agencies, service providers, representatives and agents as described above. Some of these third parties may be based outside the UK. For more information, including how we safeguard your personal data when this happens, see “Transferring your personal data out of the UK” below.

How long your personal data will be kept

We will not keep your personal data for longer than we need it for the purpose for which it is used. Different retention periods apply for different types of personal data. We will retain your personal data only for as long as is reasonably necessary for the relevant purpose, including to respond to your enquiry, manage our relationship with you or the organisation you represent, provide services, keep appropriate business records, and comply with legal, regulatory, tax, accounting or reporting requirements.

The specific retention periods we apply are set out in our internal records retention policy, which we can summarise on request. Following the end of the relevant retention period, we will delete or anonymise your personal data.

Transferring your personal data out of the UK

It is sometimes necessary for us to transfer your personal data to countries outside the UK. In those cases we will comply with applicable UK laws designed to ensure the privacy of your personal data.

Under data protection laws, we can only transfer your personal data to a country outside the UK where the UK government has decided the country ensures an adequate level of protection; where there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you; or where a specific exception applies under relevant data protection law.

Where we transfer your personal data outside the UK, we do so on the basis of an adequacy regulation or, where this is not available, legally recognised transfer mechanisms such as the UK International Data Transfer Agreement, the UK Addendum to the standard contractual clauses, or another lawful transfer mechanism permitted under UK data protection law. If you would like further information about data transferred outside the UK, please contact us.

Your rights

You have the following rights, which you can exercise free of charge:

 Right  Description
Access The right to be provided with a copy of your personal data
Rectification The right to require us to correct any mistakes in your personal data
Erasure (right to be forgotten) The right to require us to delete your personal data, in certain situations
Restriction of processing The right to require us to restrict processing of your personal data in certain circumstances, for example if you contest the accuracy of the data
Data portability The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format, and/or to transmit it to a third party, in certain situations
To object The right to object at any time to processing for direct marketing, and in certain other situations to our continued processing, for example processing for our legitimate interests unless there are compelling legitimate grounds or the processing is for legal claims
Automated decision-making Where significant decisions are made about you based solely on automated processing with no meaningful human involvement, you have the right to certain safeguards. We do not currently make significant decisions about you in this way
Withdraw consent Where you have given consent, you can withdraw it easily at any time. Withdrawal does not affect the lawfulness of processing carried out before you withdrew it

 

For more information on each of those rights, including the circumstances in which they apply, please contact us or see the guidance from the Information Commissioner. To exercise any of those rights, please email, call or write to us (see “How to contact us”), provide enough information to identify yourself, and let us know which right you want to exercise and the information your request relates to.

Keeping your personal data secure

We have appropriate security measures to prevent personal data from being lost accidentally, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need, and those processing it do so only in an authorised manner and are subject to a duty of confidentiality.

We continually review our security arrangements and hold certifications including ISO 27001, ISO 9001 and Cyber Essentials Plus. We also have procedures to deal with any suspected personal data security breach, and we will notify you and any applicable regulator of a breach where we are legally required to do so.

How to complain

If something has gone wrong, we need you to tell us. You have the right to make a complaint to us — please email, call or write to us (see “How to contact us”) and provide enough information about your complaint so that we can investigate it.

We will investigate your complaint, which will usually involve reviewing it, locating and reviewing any records we hold about you, and establishing the relevant facts. We may need to ask you for further information. We will update you on progress at appropriate times and inform you of the outcome without undue delay.

If we are unable to resolve your complaint, you also have the right to lodge a complaint with the Information Commissioner (the UK data protection regulator), at ico.org.uk/make-a-complaint or by telephone on 0303 123 1113.

Changes to this privacy policy

This privacy policy was last updated on 24 June 2026. We may change this privacy policy from time to time. When we do, we will inform you via our website.

Updating your personal data

We take reasonable steps to ensure your personal data remains accurate and up to date. To help us with this, please let us know if any of the personal data you have provided to us has changed.

How to contact us

You can contact us by post, email or telephone if you have any questions about this privacy policy or the information we hold about you, to exercise a right under data protection law or to make a complaint. Our contact details are:

One2Call Limited

Unit 5-8 Jessops Riverside, 800 Brightside Lane, Sheffield, S9 2RX

privacy@one2call.net

0114 230 0080

Do you need extra help?

If you would like this notice in another format, please contact us.

Contact Us

View Google Maps

Monday 7am-7pm
Tuesday 7am-7pm
Wednesday 7am-7pm
Thursday 7am-7pm
Friday 7am-7pm

hello@one2call.net

(UK) 0114 230 0080

More ways to contact us