Cloud Direct

How we help

Technical consultancy

Assurance and Security

Innovation

Getting AI Ready

Adopting AI can seem complex, but it doesn’t have to be. The secret to successfully implementing AI is putting the right foundations in place.

Find out how

What we do

Microsoft Azure

Data & AI

Microsoft Modern Work

Security

Getting AI Ready

Adopting AI can seem complex, but it doesn’t have to be. The secret to successfully implementing AI is putting the right foundations in place.

Find out how

Explore

Resources

Company

Industries

Bulb Icon

The Learning Hub

All your questions answered

Browse learning hub
Legal

Privacy policy

At Cloud Direct, we are committed to protecting and respecting your privacy.

Cloud Direct is the trading name of On Direct Business Services Limited. This Privacy Policy explains how we use personal information belonging to our customers, visitors to our website and offices, and other interested parties.

Cloud Direct strive to ensure our full compliance with all relevant data privacy laws, this is underpinned by our cross-organisation management system which leads our ISO and Microsoft certifications, and our legal compliance.

Any questions regarding this Policy and our Data Protection Procedures should be directed to the IMS Team by:

  • Emailing ims@clouddirect.net, or
  • Writing to us at: Data Protection Team, Cloud Direct, The Vaults, 1 Bartlett Street, Bath, BA1 2QZ

What type of information is collected from you?

The personal information we collect may includes:

  • Personal contact information and email address
  • Employment details including job title, function and employer
  • Identification numbers, unique IDs and IP addresses
  • Images/video (CCTV) of you entering/exiting our offices reception areas, or in close proximity to the entrances to our offices

The personal information collected will be appropriate to the processing required and the above data is not applicable to every processing scenario.

How do we collect information from you?

We collect information about you from various sources, typically:

  • When you visit and use our website
  • When you enquire about our products and services (online, in-person, virtually such as phone or email)
  • When you visit/approach our offices (CCTV, visitor records)
  • When you sign a contract of employment or product/service supply
  • From trusted third parties, with whom you have agreed to data sharing

We may also record calls and meetings for training and service quality monitoring purposes, and where AI based transcription is used.

How is your information used?

We may use your information to:

  • Process an order you have submitted
  • Carry out our obligations arising from any contracts entered into by you and us
  • Seek your views or comments about the product or service we provide you with
  • Notify you of changes to our products or services
  • Send you communications and information which you have requested or that may be of interest
  • Have appropriate security in place for our offices
  • Deter and prevent Crime and Anti-Social Behaviour around our office locations, and for reporting to legal bodies and other relevant third parties

We review our data retention periods regularly and are required to keep certain data to fulfil our statutory and legal obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.

CCTV recordings are retained for 14 days upon which time they are securely destroyed. The exception to this is where recordings are required to be preserved as evidence in legal or other proceedings.

These periods are governed by our formal retention policy (further details available on request).

Use of Artificial Intelligence (AI) and Personal Data

At Cloud Direct, we are committed to protecting the privacy and rights of individuals whose personal data we process. This commitment extends to the responsible and transparent use of Artificial Intelligence (AI) technologies across our operations.

Cloud Direct uses AI tools to enhance operational efficiency, support customer engagement, and improve services we deliver into the technology marketplace. Our AI systems are designed and deployed with a strong emphasis on ethical use, transparency, and compliance.

Key principles guiding our use of AI include:

  • Transparency: We do not use AI for automated decision-making involving personal data. Where AI tools are used, we ensure individuals are informed and aware of its role in data processing
  • Lawfulness: All AI-related data processing is documented and aligned with this Privacy Policy, Terms and Conditions, IMS Policy and related governance policies. We conduct Data Protection and AI Impact Assessments for AI implementations
  • Fairness and Accuracy: We assess the statistical accuracy and fairness of AI outputs, particularly where personal data is involved. AI tools are subject to regular review to ensure they do not introduce bias or discrimination.
  • Security and Minimisation: Personal data used in AI systems is minimised, anonymised where possible, and protected through robust security measures.
  • Individual Rights: We uphold the rights of individuals in all AI-related processing, ensuring that data subjects can exercise their rights without obstruction.

Our AI governance framework is informed by guidance from the Information Commissioners Office (ICO), National Cyber Security Centre (NCSC), Microsoft and relevant legislation.

Lawful basis for processing

Cloud Direct will utilise a lawful basis for processing in line with Data Privacy Laws. This will typically be one or more of the following:

  • Consent
  • Contract
  • Legal obligation
  • Legitimate interests

It is noted that the following Lawful basis also exist. Whilst these are not typically utilised, Cloud Direct reserve the right to utilise these should the need arise.

  • Vital interests
  • Public task

Who has access to your information?

Cloud Direct staff have appropriate access to your information, in line with their job role and the tasks they undertake. We share your personal data with your consent or as necessary to complete any transaction or provide any product you have requested or authorised. We may also share data with Cloud Direct-controlled affiliates; with vendors and suppliers working on our behalf; when required to by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of Cloud Direct and its products; and to protect the rights or property of Cloud Direct.

Cloud Direct will not share your information for marketing purposes with third parties other than those working on behalf of Cloud Direct. A list of third parties that have access to your information is available on request.

Your choices

We like to send information about products and services of ours which may be of interest to you. You have a right at any time to stop us from contacting you for marketing purposes. If you no longer wish to be contacted for marketing purposes, please email marketing@clouddirect.net.

You have rights under the Data Protection Act (2018) which Cloud Direct are fully compliant with.

  • Right to be informed
  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object
  • Rights related to automated decision-making including profiling

If you wish to exercise any of your rights, please:

  • Email ims@clouddirect.net or
  • Write to us at: Data Protection Team, Cloud Direct, The Vaults, 1 Bartlett Street, Bath. BA1 2QZ

Use of cookies

Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.

Our Cookie Policy is available here.

Notice to end users

Our products and services are intended for use by organisations and are normally administered to you by your organisation. Your use of these products or services are subject to your organisation’s policies, where they exist. If your organisation is administering your use of our products, please direct your privacy enquiries to your administrator.

Other important privacy information

Additional information on Cloud Direct’s approach to customer privacy can be found in the General Terms and Conditions.

Review of this Policy

We keep our Privacy Policy under regular review and we will place any updates on this webpage. This Privacy Policy was last reviewed in September 2025.