What information do we hold?
How and why do we use your personal information?
Who do we share your information with?
Where is your information stored?
Contacting us and making a complaint
We are Tribe, part of the ThirdWay Group Limited, of Morelands, 5-23 Old Street, London, EC1V 9HL. The ThirdWay Group’s appointed GDPR representative and data protection officer is the Chief Operations Officer.
The information we hold on you and how we use it will vary depending on the nature of your relationship with us.
We will collect, process and store personal information about you which will be stored within our secure internal systems. This personal information may include your
* name, address, contact details;
* job tile & name of your employer;
* IP address, browser types, device being used;
* details of our interactions and correspondence with you (specifically our emails with you and the notes we make in relation to our telephone conversations, meetings or other interactions with you);
Most of the information described above comes directly from you but we do obtain some from publicly available information.
We only use this information for the purpose of legitimate business interests being pursued by us in relation to the services or products that we provide. For example, we will use your information:to contact you to discuss our services and products (and any changes to them); to respond to any questions or concerns you have raised; to deal with administrative matters such as invoicing and renewal; and to otherwise carry out our obligations arising under a contract and to enforce the same.
In particular, we use your information:
* Where we have obtained your consent (and before any withdrawal of your consent – see below). Including to:
* Where it is necessary for the performance of a contract with you.
* In line with our legitimate business interests to:
o prevent fraud;
We will not use your information for any other purposes unless we are required to do so by law, in connection with any legal proceedings, or in order to establish, exercise or defend our legal rights.
Where we have relied on our legitimate business interests to process your personal data, you may contact us to obtain more information, including in relation to our assessment of the impact on you.
Your information will be shared internally amongst our staff but they will only use it to carry out their duties in line with the purposes set out above. We will need to share your personal information with others from time to time, including:
* our professional advisers, such as our accounting, legal advisers where they require that information in order to provide advice to us;
* other regulatory authorities in accordance with our legal obligations;
* our group companies for the purposes of legitimate business interest;
* if another entity acquires us or our assets, your information may be disclosed to that entity as part of the due diligence process and, if the acquisition goes ahead, your information will be transferred to that entity;
We will also disclose your personal information if we are required to do so by law or to a law enforcement agency.
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
You have the following rights regarding your information:
Rights What does this mean?
1. Right to be informed
3. Right to rectification You are entitled to have your information corrected if it is inaccurate or incomplete.
4. Right to erasure This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
5. Right to restrict processing You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
6. Right to data portability You have the right to obtain and reuse your personal data in a structured, commonly used and machine readable format in certain circumstances. In addition, where certain conditions apply, you have the right to have such information transferred directly to a third party.
7. Right to withdraw consent If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful).
If you are not satisfied with our response or you believe our use of your information does not comply with data protection law, you can make a complaint to the UK regulator in relation to data privacy, being the Information Commissioner. See www.ico.org.uk for more information.