Privacy Policy
We take your privacy seriously. This policy explains what data we collect, why we collect it, how we use it, and your rights over it.
Overview
HelpDesk Expert ("we", "us", "our") is committed to protecting your personal information. This Privacy Policy applies to all services offered at www.helpdeskexpert.com and explains how we handle data in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable laws.
By accessing or using our website, services, or live chat, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described here, please do not use our services.
The data controller responsible for your personal information is:
HelpDesk Expert Ltd.
www.helpdeskexpert.com
hello@helpdeskexpert.com
+1 (800) 555-0199
Data We Collect
We collect personal data in several ways depending on how you interact with us:
Information you provide directly
| Data Type | Examples | Purpose |
|---|---|---|
| Identity data | First name, last name, job title | Account creation, communication |
| Contact data | Email address, phone number, company | Service delivery, invoicing |
| Account data | Username, password (hashed) | Authentication and security |
| Transaction data | Invoice details, payment amounts | Billing and financial records |
| Communication data | Live chat messages, support emails | Customer support, quality assurance |
| Preference data | Support channel, service tier | Service personalisation |
Information collected automatically
- IP address and approximate geographic location
- Browser type, version, and device information
- Pages visited, time on page, and navigation paths
- Referring URLs and search terms
- Session identifiers and authentication tokens (stored in httpOnly cookies)
Information from third parties
We may receive information about you from referral partners, analytics providers, and publicly available sources (such as LinkedIn for business development purposes).
How We Use Your Data
We process your personal data under the following legal bases:
Contract performance
- Delivering and managing your outsourced support agent services
- Creating and sending invoices and billing records
- Managing your account, login, and access credentials
- Providing live chat and customer support
Legitimate interests
- Improving and optimising our website and service quality
- Preventing fraud, abuse, and security threats
- Conducting internal analytics and performance reporting
- Sending service-related updates and notifications
Consent (where required)
- Sending marketing emails and promotional content
- Placing non-essential cookies on your device
- Using your testimonial or case study in our marketing materials
Legal obligation
- Complying with applicable laws and regulations
- Responding to lawful requests from authorities
- Retaining financial records for tax and audit purposes
Data Sharing
We do not sell, rent, or trade your personal information to third parties for marketing purposes. We may share your data only in the following circumstances:
Service providers (processors)
We share data with trusted third-party providers who process it on our behalf under strict data processing agreements:
- Infrastructure: Cloud hosting (servers, databases, backups)
- Communication: Email delivery services (transactional emails only)
- Analytics: Anonymised website analytics providers
- Payments: Payment processors (we do not store full card numbers)
Business transfers
In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website before any such transfer.
Legal requirements
We may disclose your data if required by law, court order, or governmental authority, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
Cookies
We use cookies and similar tracking technologies on our website. For full details of every cookie we use, please read our Cookie Policy.
In summary, we use:
- Essential cookies: Required for login sessions and security — cannot be disabled
- Analytics cookies: Help us understand how visitors use our site — disabled by default
- Marketing cookies: Used for retargeting and ad measurement — disabled by default, require consent
You can manage your cookie preferences at any time through the cookie consent banner or your browser settings.
Data Retention
We retain your personal data only for as long as necessary for the purposes described in this policy, unless a longer retention period is required by law.
| Data Category | Retention Period | Reason |
|---|---|---|
| Account data | Duration of contract + 2 years | Account management |
| Invoice & billing records | 7 years | Legal / tax compliance |
| Chat transcripts | 1 year | Quality assurance |
| Marketing data | Until consent withdrawn | Consent-based |
| Website analytics | 26 months | Anonymised, aggregated |
| Security & access logs | 90 days | Fraud prevention |
When data is no longer required, it is securely deleted or anonymised so it can no longer be linked to you.
Security
We implement industry-standard technical and organisational security measures to protect your personal data against unauthorised access, loss, destruction, or alteration:
- All passwords are hashed using bcrypt with 12+ rounds — we never store plaintext passwords
- Authentication tokens are stored in httpOnly, Secure, SameSite cookies
- All data is transmitted over TLS/HTTPS encryption
- Access to production systems is restricted to authorised personnel only
- We conduct regular security audits and vulnerability assessments
- Data backups are encrypted at rest
Despite these measures, no method of transmission over the internet or electronic storage is 100% secure. If you become aware of any security issue, please contact us immediately at security@helpdeskexpert.com.
Your Rights
Depending on your location, you may have the following rights regarding your personal data:
For EU/UK residents (GDPR)
- Right of access — request a copy of the personal data we hold about you
- Right to rectification — request correction of inaccurate or incomplete data
- Right to erasure("right to be forgotten") — request deletion of your data where there is no compelling reason for us to continue processing it
- Right to restrict processing — request that we limit how we use your data
- Right to data portability — receive your data in a structured, machine-readable format
- Right to object — object to processing based on legitimate interests or for direct marketing
- Rights related to automated decision-making — we do not make solely automated decisions that significantly affect you
For California residents (CCPA)
- Right to know what personal information we collect and how it is used
- Right to delete personal information we have collected
- Right to opt out of the sale of personal information (we do not sell data)
- Right to non-discrimination for exercising your privacy rights
To exercise any of these rights, please email us at privacy@helpdeskexpert.com. We will respond within 30 days (or within the timeframe required by applicable law).
Children's Privacy
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will delete it promptly.
International Data Transfers
HelpDesk Expert operates globally. Your personal data may be transferred to and processed in countries other than your own. When we transfer personal data outside the European Economic Area (EEA) or UK, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions for countries with equivalent data protection standards
- Data Processing Agreements with all sub-processors
Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes, we will:
- Update the "Last updated" date at the top of this page
- Send an email notification to registered account holders
- Display a banner on our website for 30 days after the update
We encourage you to review this page periodically. Your continued use of our services after any changes constitutes acceptance of the updated policy.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please reach out to us:
HelpDesk Expert — Privacy Team
You also have the right to lodge a complaint with your local data protection authority. For EU residents, this is your national supervisory authority. For UK residents, this is the Information Commissioner's Office (ICO) at ico.org.uk.