We understand that we have a morale and legal responsibility in respecting your privacy and taking care of any personal data we may hold about you. If you would like to contact us regarding your personal data, you can do this by phone, email or writing to us. Our contact details are at the bottom of this policy and on the Company / Contact Page of our website and any enquires regarding your personal data should be addressed for the attention of our Data Protection Officer.

The following policy explains how we collect, store and use personal data when you visit the (CM2000 / RosterPlus / Ezitracker) or other HAS Technology Ltd websites, when you enter into dialogue or a transaction with us and when we are processing personal data in accordance with the services we provide.It also describes the types of data we collect, how we use this data to ensure we provide relevant and timely services to you, and your rights to control our use of that data.This policy lays out our specific commitments, in compliance with and beyond the General Data Protection Regulation(commonly known as the GDPR) and the associated Data Protection Act.

This policy only covers your personal identifiable information on this and other HAS Technology Ltd websites and personal data that we process. There are many links on our website to third party sites beyond our control, and we suggest that you always check the privacy policies of these sites before using them. Also, this policy does not cover the personal data processing activities of anyone for whom we process personal data as a data processor, i.e. in accordance with their instructions.

By visiting this or our other websites, and in providing any personal data about yourself to us, you are confirming that you have read, understood and accept our policies and practices. If you are at all uncertain about any aspect of our policies and practices, please contact us and refrain from using this website and our other websites.

Your personal information

Collecting very specific, relevant personal data is a necessary part of us being able to provide you with any services you may request from us or in providing services to our customers.

We will only use your personal data for the legitimate purpose for which it was collected, and we will do this in a fair and in a secure and transparent manner. We will never use your personal data for any other purpose unless you have clearly agreed to it, or it is necessary for legitimate interests. When we hold or use your personal data as a data controller we provide to you a privacy notice which sets out in detail how your personal data may be used and the reasons for these uses, together with details of your rights. Where we collect personal data from you directly, we will provide this privacy notice at the time we collect the personal data from you. Where we receive your personal data indirectly, we will provide this privacy notice when we first contact you or within a month, whichever is earlier.

We will only provide this privacy notice to you once, generally at the start of our relationship with you as a data controller. However, if the applicable privacy notice is updated, then we will provide you with details of the updated version. Copies of our current privacy notices for customers and suppliers can be found at www.cm2000.co.uk/privacy-policy or further copies are available on request.

Data Controllers/Data Processors

Please note that where we are processing your data on behalf of a third party in many cases we will only process your data as a data processor, i.e. someone only processing data in accordance with the instructions of another person. This is usually as a data processor of one of our customers. In these cases, we will not process your personal data as a data controller, i.e. someone is able to control and decide how personal data is used.

This distinction is important. You have certain rights in relation to your personal data, for example the right to be provided with the personal data held about you and details of its use and the right to have certain of your personal data either erased or anonymised, commonly referred to as the right to be forgotten. These rights can generally only be exercised against a data controller of your data. In some cases, this means that you cannot exercise these rights against us directly (i.e. where we only act as a data processor), but you can do so against the data controller (i.e. the person who controls how we process the personal data). In these cases we will endeavour to inform you who is the data controller of your personal data so that you can direct any such requests to them.

Also it is only a data controller that will provide you with a privacy notice about your personal data, so where we process your personal data as a data processor for a third party, that third party should provide you with a privacy notice which will set out details regarding the processing of your personal data, which should also include the processing to be carried out by us on their behalf.


HAS Technology Ltd respects your privacy and safeguards your personal data. We always aim to treat personal data with respect, and to treat it as we would wish our own personal data to be treated and to keep it secure. We do not sell personal data to third parties.

What personal data do we collect?

You will be asked for personal data such as your name, address and email address when you register, make an enquiry or order products and services from us.

How do we use your personal data?

Where appropriate, we use your personal data to:

  • enter into, or perform, a contract or arrangement;
  • comply with a legal duty;
  • remember your preferences e.g. if you ask not to receive marketing material, we will keep a record of this;
  • remember your preferences for our own legitimate interests (such as marketing, internal record keeping, market research or to improve our products or services), provided your rights don’t override these. This may include:
  • providing you with industry related news / research reports
  • letting you know about our new products and services in which you may be interested
  • informing you about changes and improvements to our products and services and to this website
  • for profiling and internal research purposes.

More details will be included in the privacy notice provided to you about the processing of your personal data.

If you register to receive email communications from us alerting you to news and offers, you can opt-in or out of receiving these at any time. You can do this by completing the contact us form on the Website or by sending an email to: marketing@cm2000.co.uk

Transfer of data

If we transfer personal data about you outside the European Economic Area (EEA), we will ensure that all reasonable security measures are taken and that any third party processers will be required to process the data in accordance with data protection laws and we will notify you in your privacy notice if we are the data controller. However, we only currently store personal data within the European Economic Area (EEA). If one of our subcontractors (such as a payment processor) needs to transfer it outside of the EEA, then we will take steps to make sure there are adequate levels of privacy protection and to notify you if this is the case in your privacy notice.

Who we will disclose your personal data to

HAS Technology Ltd. does not sell, trade or rent your personal information to others. Where we collect your personal data directly, your details will be added to our database to process your request, and so that you can be kept up to date with relevant details relating to our products and services. From time-to-time, HAS Technology Ltd. holds joint events with selected partners. If you book to attend one of these events, your details will be made available to the partner. You will be advised of this at the time of booking. You can opt-out of receiving any marketing communications from HAS Technology Ltd. or our event partner at any time.

Your personal data may be required to be passed to a third party if they need it to fulfil your order(s) for our products and services, or to execute the communications we send to you.

Where we process your personal data as a data processor for a third party, then your personal data will be accessible to and may be transferred to the third party who is the data controller.

Except as set out above, we shall not disclose your personal data unless obliged to, or allowed to do so by law, or where we need to do so in order to run our business (e.g. where other people process data for us). In such circumstances, we will normally put in place confidentiality or non-disclosure undertakings and other arrangements to protect your personal data.

Marketing messages

You can opt-out of any marketing messages we send you at any time using the ‘unsubscribe’ link in our emails, or by emailing marketing@cm2000.co.uk.


We employ a variety of technical and organisational measures to keep your personal data safe and to prevent unauthorised access to, or use, or disclosure of it. Unfortunately, no data transmission over the Internet is guaranteed 100% secure nor is any storage of data always 100% secure, but we do take all appropriate steps to protect the security of your personal data. As a market leading IT service provider, HAS Technology Ltd takes data and system security very seriously indeed and is certified to both ISO 27001:2013 Information Security and ISO22301 Business Continuity systems.

Rights regarding your personal data

You have a qualified right to access the data we hold about you. If you wish to do this please submit a request to The Data Protection Officer, HAS Technology Ltd, Four Oaks House, 160 Lichfield Road, Sutton Coldfield, West Midlands, B74 2TZ or by email to dataprotectionofficer@hastl.com, We will:

  • tell you whether any of your personal data is being processed by us
  • provide a description of the personal data, the reasons it is being processed, and whether it will be given to any other organisations
  • provide to you a copy of your personal data and, where available, the source of the data.
  • We will do this within the prescribed 1 month period allowed, however, should the request involve complicated data flows across multiple systems, this time period could be extended, but we will always make contact with you at the point a request is raised.

You also have a qualified right to have your personal data either erased or anonymised, which is commonly referred to as the right to be forgotten. Again, if you wish to do this please submit a request to The Data Protection Officer, HAS Technology Ltd, Four Oaks House, 160 Lichfield Road, Sutton Coldfield, West Midlands, B74 2TZ or by email to dataprotectionofficer@hastl.com We will

  • Assess what if any of your personal data is covered by the right to be forgotten
  • Explain to you the reasons for any personal data which is held by us not being subject to the right to be forgotten, for example its retention is required by law

If you wish to invoke any of the other rights that you may have in relation to your personal data, for example rights to rectification, right to restrict processing, right to portability, right to object to processing and the right to object to automated decision making then you can only do so to the data controller. We may not always be the data controller of your personal data, so you may not always be able to invoke these rights against us.

Online advertising we use

We use Google AdWords Remarketing to advertise HAS Technology Ltd. products and services across the Internet. AdWords Remarketing will display relevant ads tailored to you based on what parts of the HAS Technology Ltd website you have viewed by placing a cookie on your Internet browser.The cookie does NOT in any way identify you or give access to your device.Google AdWords Remarketing allows us to tailor our marketing to better suit your needs and only display ads that are relevant to you.

How to opt out of Remarketing and advertising

If you do not wish to participate in our Google AdWords Remarketing, you can opt out by visiting Google's Ads Preferences Manager.

You can also opt out of any third-party vendor's use of cookies by visiting: www.networkadvertising.org/choices/

Inaccuracies and corrections

We endeavour to keep your personal data accurate and up to date. If you become aware of errors or inaccuracies, please email marketing@cm2000.co.uk.

Changes to this policy

This Privacy Policy may change at any time, so you may wish to check it each time you visit our website. This page was last updated in February 2018.


In order to provide you with the best, tailored experience our site will need to place small text files, or 'cookies', on your computer.

Most cookies that we use are 'session' cookies and only exist for the time that you are using our site. They perform functional tasks such as remembering that you are logged in as you move from page-to-page, or to pre-load your personal details into forms to save you time.

We also track cookies anonymously to fuel our site analytics and learn how to improve your experience and hone the relevance of our products and services.

We also use cookies in our emails to track open rates and other performance indicators – again, so that we can continually improve the relevance and experience of our offering to you.

You can set your browser to reject all cookies. Please note that if you do this then certain areas of this website may not be able to function for you. Choose a browser setting that rejects third-party cookies but allows the benign, functional ones that make the good stuff work.

You can find more information about the insectionidual cookies we use and the purposes for which we use them in the table below:

Cookie Name Purpose
.AspNetCore.Cookies This Cookie holds the autheniticated users JWT token which enables single sign on.
mouseFlow Mouseflow is used by HAS Technology to evaluate the user interaction with our web sites. to opt out please visit https://mouseflow.com/opt-out/
Accessability This is stored to maintain accessability options for this site.

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org. We also use technology that uses Internet Protocol (IP) information exchanges during the course of normal web activity, combined with data enhancement technology to get detailed analytics information. This allows us to gauge how well our website is performing.

Contact with HAS Technology

All communications regarding Information Security and Data Protection should be directed to our Data Protection Officer, at dataprotectionofficer@hastl.com or via mail to Data Protection Officer, HAS Technology Ltd, Four Oaks House, 160 Lichfield Road, Sutton Coldfield, West Midlands, B74 2TZ. Subject Access Requests or requests to invoke other rights can also be sent to this address or sent direct to datasubjectsrights@hastl.com