Privacy policy

About Us

CoopSys is the trading name of Cooperative Sytstems Limited (Company# 02151276).

We operate as a Managed Service Provider (MSP) providing IT services to charities and other organization in the not-for-profit sector.


Our Commitment

At CoopSys we will always respect your privacy and take the security of your personal data extremely seriously. We will only process your information in a fair, transparent and lawful way and will aim to ensure that all personal data is held securely and is accurate and up-to-date.

When you share your information with us through the website and other channels, we want you to feel confident that your data is kept securely and that it will only be processed in ways about which you have been informed and,where appropriate, have given your consent.

CoopSys adheres to the requirements of the Data Protection Act (2018) and the General Data Protection Regulation 2016/679 (GDPR).

Should you have any questions relating to this notice or our processing of personal data, please email DataProtection@CoopSys.Net or contact us at the address below.

Navigate through our policy:

1. How Do we Collect Your Data?
2. What Personal Information We Collect?
3. How do we Use Your Information?
4. Sharing Data with Third-Parties
5. How do we Keep Your Data Secure?
6. Marketing
7. Your Rights
8. Links
9. Changes to Our Policy
10. Contact Details


1. How do we collect your data?

CoopSys collects and processes information about our users, suppliers, employees and other individuals it deals with in its day to day business.

Most of this information will be provided by you when:

  • You or your company register to use our services
  • You sign up online to receive our newsletter
  • You contact our service desk to obtain support
  • You apply for a job or take up a position with our team
  • You register your information with us as a supplier

We may also obtain information from other sources such as our clients, business partners or information from publicly available websites.


2. What Information do we collect?

The information we collect will depend on the nature of our relationship with you, but may include:

  • Your name & address
  • Contact details (email / telephone)
  • The company for which you work
  • Your use of our services
  • Your job role or title
  • Recording of calls made to our service desk
  • Details of your interest in our services
  • Payment details
  • Your feedback on the performance of our service

For employees we may also collect:

  • National Insurance Number
  • Tax details
  • Work history
  • Payroll information
  • Statutory information regarding sickness and maternity
  • Next-of-kin or emergency contact
  • Performance reviews
  • Bank Details
  • Medical information
  • Absence records


3. How do we use your information?

CoopSys will only use your information in a fair and transparent manner and where we have a legal basis for doing so.  We will never sell your information or disclose it to anyone without informing you.

Information will only be tetained for as long as it is required for the purpose for which it was collected and in accordance with our Data Retention Policy.

Use of Personal Data

Legal Basis

Retention Period

To administer and deliver the IT services agreed with you or your company.

Performance of a contract

Up to six years from end of contract.

To obtain feedback on CoopSys services

Legitimate Interests

One year

To prevent and detect breaches of our network security, the law or our contractual terms.

Legitimate Interests

One year

To send you information about CoopSys products and services which may be of interest to you or to invite you to events.


One year

To manage the payment of accounts, validate bank and payment details.

Performance of a contract

Six years from date of transaction

To administer employee records, payment of salaries, tax, NI and pension contributions.

Performance of a Contract

Six years after end of employment

To complete statutory returns to HMRC and other government agencies

Legal Obligation

Six years after end of employment

To manage the processing of employee disciplinary and grievance procedures

Performance of Contract / Legitimate Interests

Six years after end of employment


4. Sharing Data with Third-Parties

Under certain circumstances, it may be necessary to share your data with third parties.

Where we need to do so, we will only disclose the minimum amount of personal information in order to provide the service required.

We have implemented data processing agreements with each of the third parties and have checked to ensure that your data will be kept safe and your rights observed while the data is in their care.

Third Party

Data Use

IT Service Providers

To support, host and maintain our information systems and networks.

Payroll / Accountants
Ross Brooke (

To pay employee salaries and manage tax information.

Employee Benefits Providers

To manage the delivery of employee benefits to staff

We reserve the right to share your information with other third parties in the context of a possible sale or restructuring of the business or part thereof.


5. How do we keep your data secure?

CoopSys have implemented technical and organisational measures to protect the security, integrity and availability of the data within our control. Our servers and systems are hosted in a secure data centre access to which is restricted to authorised personnel only.

Transfers outside the EU

Our data centre is hosted within the UK, however from time to time we may use service providers where we transfer your personal information outside of the EU. Whereever this is necessary we will ensure that

the country to which we send the personal information is approved by the European Commission

or if the recipient is located in the US, that it is a certified member of the EU-US Privacy Shield scheme.


6. Marketing

With your agreement CoopSys may contact you about those of its services which may interest you and  in some circumstances to invite you to client entertainment and similar events by mail, fax, email and (in certain limited circumstances) by telephone from time to time.

If you do not wish to receive marketing communications, please let us know by completing the opt-out contained in our communication, or contacting us using the details below.


7. Your Rights

The GDPR legislation provides you with a number of rights in relation to your personal data.
You may exercise these rights by contacting or by writing to us at the below address.


Right to Withdraw Consent

Where you have consented to our processing of your data, you have the right to withdraw that consent at any time.


Right to Access

You have a right to obtain copies of the information that we hold about you.

To request access to any data, please write to us explaining which data you require. In the interest of security, you will need to prove your identity before any information can be shared with you.


Right to Rectification

It is important to us that the information we hold is accurate and up-to-date. 
If you believe the data we hold is inaccurate, please tell us in the first instance, or use the update page available on the website.


Right to Erasure or the Restriction of Processing

In certain circumstances you can ask us to remove your data. If there is a legal reason for us to continue holding the data we will let you know, otherwise we will make efforts to comply with your request.
You may ask us to restrict our processing of your data if:

  • We are using the data for marketing
  • You believe that our processing of the data is unlawful
  • You object to us using your data (pending investigation)

In these circumstances, we may continue to store your information, but will otherwise only process it with your consent or where we have a legal reason to do so.


Right to Complain

If you are concerned about the way we have processed your personal information, you have the right to complain to the Information Commissioners Officer (ICO).  To do so please refer to the ICO website.


8. Links

Our website contains links to other websites. We make efforts to ensure that these are suitable, but we do not accept responsibility for the privacy practices of the third party. We strongly recommend that you read the privacy policy of any site you visit.


9. Changes to our Privacy Policy

CoopSys reserves the right to make changes to our privacy policy from time to time.

Any changes to our policy will be published on our website at

If appropriate we will also inform you by email of the change.

10. Contact Details


Suite CC3.40

Kennington Business Park




Data Protection contact: