TCC collects your personal data, including information provided in various ways. Some of this data is obtained directly from you, including:

• In emails, during telephone calls and conversations, from business cards, when registering for services, as part of providing our services, when participating in surveys and webinars, and when using TCC’s websites.

Some personal data may also be obtained indirectly, such as:

• From other organisations and public sources (for example LinkedIn). Learn more here.
• From your use of, and interaction with, our website and the devices you use to access them, using technology such as cookies.

The data that we collect will depend upon our interactions with you and the privacy settings and features that you choose. The personal data we collect normally includes names, job title, company, IP addresses, cookie strings and contact details such as phone numbers and email addresses. Find out more.

TCC will only process your data where we have a legal basis for doing so. TCC uses the data collected to communicate with you, carry out our services and to conduct direct marketing of our services and services related to our sister company Record Sure Limited which offers technology systems and services that are complimentary to the services provided by TCC. We will also use your data to improve or maintain the services we offer to you and our website. We will never share your data with any other third party, other than those stated in this policy, nor use your data for any other purpose, unless we firstly obtain your explicit consent to do so.

We may use your data for profiling. This means we may use all the personal data we hold on you from a variety of sources to build up a picture of your interests, behaviours and preferences. This profile may combine personal data such as job title, sector, company with your interactions with our website and marketing communications obtained through cookies. We may also enrich this information with other intelligence derived from social media, conversations we have with you or inferred insights from people similar to you. We use these profiles to segment you into certain audience types to target our direct marketing and this enables us to provide you with information and promotions that are likely to be relevant to you. These profiles are not solely automated (we use both human analysis and technology to form these profiles).

We may also use data such as your name and job title to personalise communications you receive from TCC and our website.

We collect and keep a limited record of visitors who come onto our premises for the purpose of contact tracing. We may use your data to support NHS Test and Trace (which is part of the Department for Health and Social Care) in England, DHSC has provided guidance which we have chosen to follow. The following information will be collected:

• the names of all visitors
• a contact phone number for each visitor
• date of visit

You have the right to access, rectify, erase, object and restrict the processing of your personal data. You also have the right to object to our profiling and enrichment activities and can opt-out of receiving our marketing communications at any time.

Our legal basis for processing your personal data may rely upon our Legitimate Interest or Legal Obligation. Further information can be found here.

TCC shares your data with the following third-party service providers. The data storage and processing systems are protected by access controls, to minimise any risk to the integrity or security of your personal data, and the data is stored in servers in the UK, EU and USA. Where the data is stored in the USA, the company (Salesforce) is certified by the EU-US Privacy Shield.

• Salesforce / Pardot – customer relationship management and marketing automation software that is necessary to process your data securely.
• Typeform – survey software necessary to gather responses to questionnaires used as part of marketing activities or feedback.
• Demio – webinar software necessary to host webinars and manage attendance.
• Zapier – workflow automation apps necessary to transfer data from software we use, such as from Typeform to Salesforce.
• Microsoft Sharepoint – intranet and file storage and management for TCC projects. This is necessary to store some of your data securely, particularly as part of the services we are providing.
• Access Dimensions – financial management platform. Your data may be stored here relating to any invoicing activity undertaken.
• NHS Test and Trace – to help to identify people who may have been exposed to coronavirus.

TCC will ensure that any third-party processor has adequate data protection measures in place that align with the requirements of the GDPR by conducting periodic due diligence. TCC will not share your data with any third-party processor outside of the UK, EU or USA.

TCC does not sell your personal data or other information to any third-party.

TCC stores personal information on a secure database which is shared with our sister company Record Sure Ltd (Recordsure). Although data is stored centrally, communication is segmented between the separate companies. You can manage your TCC email preferences here. To unsubscribe from Recordsure emails use the unsubscribe link within the email.

Where possible we will tailor the content we send subscribers to keep it relevant, for example, if you work in compliance we will share compliance specific material with you.

Once TCC has received your information we are committed to ensuring we have all necessary technical and organisational controls in place to keep your information secure. In order to prevent unauthorised access or disclosure TCC has put in place suitable physical, electronic and managerial procedures to safeguard and secure the information TCC collects.

TCC will only keep your personal data for as long as necessary for the purposes for which it was obtained. Personal data will be retained for the purposes of direct marketing, relationship management and business development, or where we have another legal basis for processing (such as your consent or where we have a contract to provide our services to you). TCC will review the personal data we hold on you every 12 months to check for accuracy and relevancy and to ensure that we continue to have a legal basis for processing. If the personal data is no longer necessary, or where we no longer have the legal basis for processing, we will delete or fully anonymise the data we hold on you, in line with our GDPR Policy. If your data becomes inaccurate, we will update it accordingly.

The exception is information collected from surveys, feedback and questionnaires, which are held only for the duration of its usefulness i.e. the duration of a campaign. The data is then anonymised and retained for internal evidential purposes, or deleted.

TCC will be more than happy to help you should you have any complaints about the processing of your personal data. Find out how to contact TCC to exercise your rights.

Under the GDPR, you have the right to lodge a complaint with the Supervisory Authority, the Information Commissioner’s Office (ICO), who are the national authority responsible for the protection of personal data. A complaint can be made to the ICO via their website: ico.org.uk or through their helpline: 0303 123 1113.