Privacy Notice


At Bibstone Broadband we are committed to protecting the privacy and security of the personal information you trust us with. This information includes the data we control about you as an individual, but also the data we process on your behalf that refers to other people for which you have responsibility, such as your staff and your family.

This privacy statement describes how we collect and use personal information during and after your working relationship with us, in accordance with the General Data Protection Regulations (GDPR), as updated from time to time.

For clarity, Bibstone Broadband may be both data controller and data processor for your personal data under certain circumstances.

Our promise to you

We will comply with GDPR, which requires that the information we hold about individuals must be:

  • Fairly and lawfully collected and processed;
  • Processed for specific purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
  • Relevant to the purposes we have told you about and limited only to those purposes;
  • Accurate and kept up-to-date;
  • Only kept for as long as it is necessary to achieve the purposes described and to meet any relevant regulations associated with those purposes;
  • Processed in line with your rights to control how the information is processed and used;
  • Kept, transferred and processed securely.

What personal data will we collect from you?

We may collect personal data when you provide it to us with your consent by filling in forms or corresponding with us by email, or where it is provided to us in the course of our legitimate interests in order to provide services to you. The purpose of our processing will always be made clear to you at the time of collection, and where appropriate you will be given the opportunity to specify how personal data is to be gathered, used and destroyed.

What information is automatically collected?

We may also collect personal information as a result of the cookies we use on our website; which are intended to enhance the experience that you get from seeking information online.

Further information regarding the use of cookies can be found toward the end of this privacy statement.

How will we use your personal data

Where you provide personal data to us, such data will be used only for the purposes you have approved, for the legitimate services we provide or in meeting legal obligations in association with those services. These include:

  • To help us identify you and any accounts you hold with us;
  • To provide you with products and services;
  • To provide you with information about other services and opportunities that are similar to those that you have already received or enquired about;
  • When you register your interest in the CFP, we will pass on the information you give us to Openreach.  Please read their own Privacy Policy for further information on how they will use and store your personal data.

We don’t use automated decision-making when we process personal data. Where possible and suitable we will anonymise the data for situations where personally identifiable information is not required for the purpose intended.

Sharing of Personal Data

We will not share your personal data with any other organisation without your permission except where we are under an obligation to do so. We do not sell, rent or lease personal data under any circumstances.

How do we store your data?

We are committed to securing personal data. We will take appropriate steps to ensure that personal data is not lost, stolen or modified, and that it is used only for the purposes for which it was collected.

We will do our best to protect your data when being transmitted, although we cannot guarantee security due to the inherent risks associated with the internet and the lack of control that we have on third party email systems. Our website uses SSL to ensure all website communications are encrypted and secure.

If you suspect any unauthorised access, misuse or loss of your data please contact us immediately using our contact details and we will respond to the incident in accordance with our obligations to the Information Commissioners Officer (ICO). If we are made aware of any incident or breach that may potentially affect the data we hold on your behalf then we will inform you of any implications as communicated to us.

Retention periods

We shall retain your data only for as long as necessary in accordance with applicable laws.

Transfer of data outside of the EU

Your data will not be transferred intentionally except where we are required to do so as a result of user activities, for example where we use third-party cloud-based services, or when asked to do so by you. When personal data is transferred, we ensure that appropriate legal and technical safeguards are in place.

Your rights with regard to access to your information

Subject to other legal obligations related to the services we provide, your rights under GDPR are to:

  • Be informed of the data we hold and the processing being undertaken involving your data;
  • Get access to your personal data. You can exercise this right by submitting a ‘data subject access request’, which enables you to receive a description and/or a copy of the personal data we hold about you;
  • Request correction of the personal data that we hold about you;
  • Request erasure of your personal information;
  • Restrict (or expand on) the use of your personal data, including making changes to the uses that you agreed to at an earlier point in time;
  • Be able to transfer your data to another party under your rights for data portability;
  • Object to use or processing of your data for specific purposes, particularly where it is part of a broader data processing activity, or for such purposes as direct marketing.

If you wish to exercise any of your rights please contact us at the details given at the end of this privacy statement.

Keeping your information accurate and up-to-date

It is important that the personal data we hold about you or on your behalf is accurate and current. Please keep us informed if your information changes during your working relationship with us.

Data Breaches

In the event of a data breach, we shall ensure that our obligations under applicable data protection laws are complied with where necessary.


Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.

For further information visit or

You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. Please note that in some cases, this may restrict the full functionality of our website and some features may not function as a result.

Our website hosting partner will set a single cookie for load balancing, this cookie does not contain any personally identifiable information.

3rd party services that we use on our site that may set cookies include the following. Please click the links below for our partner’s individual privacy policies & notices.

Contacting us about your data privacy

If you have a request, concern or complaint about our processing of personal data, please contact us at

If you are not satisfied with our processing of personal data, how we have responded to your complaint about the processing of personal data, or you believe our processing of personal data is not in accordance with the law, you have the right to complain to the Information Commissioner’s Office (ICO) by calling +44 (0)303 123 1113, or visiting

Revisions to this policy

In the event that this notice is changed at any time, the date and nature of the change will be clearly indicated. In the event that the change has a material impact on the handling of your personal data, we will notify you.

Policy first published 30/05/18. Last updated 30/05/18.