TTL Privacy Policy

TTL respect your personal data, and in line with the General Data Protection Regulation (GDPR), we wish to be completely transparent with how it is used. We take the privacy of your data very seriously and this policy will help you understand what personal data we collect, why we collect it and what we do with it.

When we say ‘we’, we mean Toolroom Technology Limited. We, the organisation (TTL) is the ‘data controller’ that collects data and decides how it will be used.

Please take a moment to familiarise yourself with our Privacy Policy, should you have any questions or concerns please send an email or call 01844 296650. The GDPR does incorporate terminology and acronym’s which are referenced in our Privacy policy, to assist with clarity please refer to the key terms if you are unfamiliar with any of them.

You have the right to object to your personal data being used for direct marketing purposes. These rights are clearly explained below, so please read through them and notify us of any objections.

What personal data is being collected?

  • Personal data you give us directly
  • Personal data we collect automatically, and
  • Personal data we collect from other sources.

You are not required to provide TTL with the personal data that we request, but if you choose not to do so, we may not be able to provide you with our products or services, or with a high quality of service or respond to any queries you may have.

Ways in which we collect your personal data?

  • Upon signing up for a marketing newsletter
  • Engaging TTL services under contract
  • Receiving a quotation for services required
  • The content you view or engage with on our website, through cookies.

Our intentions with your personal data is to;

  • Develop and improve our products and services
  • Enhance our website functionality and customer experience
  • Improve our communications and targeted advertising
  • Access and handle any complaints
  • Analysis of communications and internet engagement.

GDPR Compliance - the ways we process

1. Consent

Any person engaging with TTL for the first time will be asked for their explicit consent to have direct marketing communicated to them. The consent is verbatim to GDPR Article 4;

‘Any freely given, specific informed and unambiguous indication of the data subjects wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her.’

2. Contract

Processing is necessary for the performance of a contract to which the data subject is party, or in order to take steps at the request of the data subject prior to entering into a contract.

3. Legitimate interest

In some instances of existing customers or persons with an existing relationship we may, after a Legitimate Interests Assessment, contact you with information we believe would be of interest. In every communication, we encourage you to update your preferences and will provide the opportunity to opt-out at any time if you feel the information is no longer relevant.

Who your data will be shared with?

Your data may be shared with third-party providers in order to carry out requests, respond to enquiries and fulfil orders.

They have access to personal data needed to perform their functions but may not use it for other purposes. Further, they must process this personal data in accordance with this Privacy Notice and as permitted by applicable data protection laws and regulations.

International data transfers

TTL shares personal data internally or with third-parties for purposes described in this Privacy Notice.

TTL will only send personal data collected within the European Economic Area (EEA) to foreign countries in circumstances such as:

  • To follow your instructions;
  • To comply with a legal duty; or
  • To work with our suppliers.

If we do transfer personal data outside of the EEA, TTL will make sure that it is protected in the same way as if it was being used in the EEA. We’ll use one of the following safeguards:

  • Transfer to a non-EEA Country whose privacy legislation ensures an adequate level of protection of personal data to the EEA one;
  • Put in place a contract with the foreign third-party that means they must protect personal data to the same standards as the EEA; or
  • Transfer personal data to organisations that are part of specific agreements on cross-border data transfers with the European Union (e.g., Privacy Shield, a framework that sets privacy standards for data sent between the United States and the European countries).

How long do we keep your personal data?

Will we keep your personal data for as long as we need it to perform the specific contract you have entered with TTL. For example, to process orders and deliveries, answer queries or concerns and respond to any complaints.

Your data may be retained to prove record suppression. If a data subject asks to be removed from a mailing list, the record would be suppressed so proof of GDPR compliance can be demonstrated.

We will actively review the personal data we hold and delete it securely, or in some cases anonymise it when there is no longer a legal, business or consumer need for it to be retained.

What are YOUR rights?

The GDPR provides the following rights for each individual;

1. The right to be informed
GDPR stipulates any information provided must be concise, transparent, intelligible, easily accessible, and it must use clear and plain language. This is to be consistent from the Privacy Notice through all communications.

2. The right of access
This is commonly known as, a subject access request (SAR) and gives individuals the right to obtain a copy of their personal data as well as supplementary data.

3. The right to rectification
Individuals once access has been granted, have the right to rectification of any incorrect data held on them.

4. The right to erasure
This is also known as ‘the right to be forgotten’, this right is not absolute and only applies in certain circumstances.

5. The right to restrict processing
When processing is restricted, we are permitted to store the personal data, but not to use it. This is not absolute and only applies in certain circumstances.

6. The right to data portability
The personal data you have provided us with is portable. This means it can be moved, copied or transmitted electronically under certain circumstances

7. The right to object
Under certain circumstances, you have the right to object to certain types of processing, including processing for direct marketing (i.e., receiving emails from us notifying you or being contacted with varying potential opportunities).

8. Rights in relation to automated decision making and profiling
You have the right not to be subject to a decision which is based solely on automated processing and which produces legal or other significant effects on you.

In particular, you have the right:

  • to obtain human intervention;
  • to express your point of view;
  • to obtain an explanation of the decision reached after an assessment; and
  • to challenge such a decision.

9. The right to lodge a complaint with a Supervisory Authority
You have the right to lodge a complaint directly with any local Supervisory Authority about how we process your personal data.

10. The right to withdraw consent
If you have given your consent to anything we do with your personal data (i.e., we rely on consent as a legal basis for processing your personal data), you have the right to withdraw your consent at any time. Although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful. You can withdraw your consent to the processing of your personal data at any time by contacting us with the details provided below.

 

Toolroom Technology Limited.
Registered in England number 2224439.
Registered Office: Units 1A&1B Haddenham Business Park Pegasus Way, Haddenham, Bucks HP17 8LJ UK.