With Digital Transformation
Who we are:
TieTek is a digital consultancy company established by Grant Ripley and Craig Malcolm.
This Privacy Notice sets out how we process personal data (information) that we may collect during our work with you or when you contact us, how we will use it responsibly and how we keep it safe and secure. It also demonstrates our commitment to complying with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA).
What type of information we collect:
We currently collect and process, or create, the following information depending upon the type of contact we have with you or the work that we are undertaking for you:
Name, address, telephone number, email address and job title.
Personal financial information (where necessary).
Electronic identifiers, such as your IP address.
How we retrieve this information and reasoning as to why we hold it:
Most of the information we process is provided to us directly by you for one of the following reasons:
You have asked or agreed (consented) to join our mailing list where we may provide you with updates on our services.
You are a client that we are working with and we need to collect this information to enable us to work with you.
We are monitoring contracts and performance of these.
You are joining a training course with us.
We may also receive information indirectly, from the following sources in the following scenarios:
Your employer if they are our client.
Case studies that our client provides to us.
We may also use your information for the preparation of finances and invoices.
Our legal bases:
We have a number of legal bases for processing your information in line with GDPR. These will vary depending on the work or support we are providing to you.
Where we have agreed to work with you, or to provide you with training, our legal basis will be a contractual obligation.
Where you have joined our mailing list, the legal basis will be consent. You are able to withdraw or remove your consent at any time by contacting us at email@example.com.
To enable us to operate and administer our business, and to ensure that we can business plan effectively, we have a legitimate interest in processing some personal information. This helps us to remain accountable to our clients and those we may contract with.
What we do with the information we have:
We use the information that you have given us in order to provide our digital consultancy services.
We may share this information with other organisations if required to do so, but this will be with your knowledge and consent. We may also share your information with your employer or charity where this is necessary, you have attended training with us, or it is required in accordance with the requirements of any relevant legislation.
Except for the purposes described above, we do not allow third parties to have access to your personal information unless we are required to share your data with them by law or we are ordered to do so by a Court.
How we store your personal data:
Keeping personal data safe and secure is important to us and we have policies and procedures to do this. We use Google Drive, through the premium version of G-Suite to store your personal data. Where possible we will store your data in the UK, however, a service provider may use storage facilities within the EU / EEA. We also use FreeAgent accounting software which is a UK based company. We will ensure that we have contracts in place for any external service providers or contractors.
We have a retention schedule which gives detail on how long we keep data for, but in general we will keep it for a period that is required by law, for example financial records or HMRC records will be kept for 6 years. Contracts will be kept for 6 years after the end date of the contract. We may keep personal data for longer where you have consented to us keeping it.
If you have consented to your personal information being used for marketing purposes, it will be kept until you inform us that you no longer wish to receive this marketing.
When we no longer need to keep your personal data, we will then dispose of this by secure shredding (paper records) or by secure and permanent deletion (electronic records).
Your data protection rights:
You have a number of rights relating to the processing of your personal data. You can ask to see the personal data that we hold about you (known as a Subject Access Request), or even ask us to correct it or have it deleted.
Where you have provided personal data with consent, you can withdraw this consent at any time. Please send an email to firstname.lastname@example.org with the subject “Withdraw Consent” if you wish to do this.
You are not required to pay any fee for exercising your rights. If you do make a request, we have one month to respond to you. Please contact us at TieTek, email@example.com if you wish to make a request.
More information on your rights can be found on the Information Commissioner’s website at www.ico.org.uk.
How to complain:
If you wish to raise a complaint on how we have handled your personal data/information, you can contact us in the first instance, and we will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, Telephone 0303 123 1113 (local rate) or by email to firstname.lastname@example.org.