The Policy sets out how TICTAC Communications Limited stores and uses the personal data which it collects from individuals in whatever capacity and by whatever means. For information specifically relating to the operation of the TICTAC website www.tictac.org.uk (the Site) please see the section entitled COOKIES below.
TICTAC is a leading provider of drug identification and drug information to the criminal justice and healthcare sectors. Some of our services require the processing of personal data.
The Policy is intended to help you understand how we deal with any personal information we may obtain from you and how you may access, alter, rectify and / or ask us to remove your information from our records. Under data protection legislation TICTAC is the Data Controller in respect of the personal data which we collect. Our Company Number is 03967136 and our registered address is Harwood House 43 Harwood Road, London, SW6 4QP.
OUR COMMITMENT TO THE PRIVACY OF YOUR DATA
- To keep your information safe and private;
- Only to disclose your data to third parties to enable us to carry out our obligations to you;
- Not to sell or exchange your data for marketing purposes whether in explicit or pseudonymised form.
It is important that the personal data we hold about you is accurate and current. Please advise us if your personal information changes during your relationship with us.
THE PURPOSES FOR WHICH WE MAY USE YOUR PERSONAL DATA
The information we may collect from you includes, but is not necessarily limited to personal contact details such as name, title, address, telephone number and email address.
We will only collect the minimum amount of personal data needed to enable us to carry out any legitimate activities of which you are aware.
We will use your personal data to the extent necessary to enable us to respond to your queries and requests and to deal with any instructions that we accept from you.
We may from time to time use your personal details to contact you with information regarding our business services which we believe may be of interest. We consider that we have a legitimate business interest to do so and we will ensure that the impact of such communications is minimal.
You can opt-out of the receipt of marketing information from us by using the unsubscribe/opt-out in any marketing we send you, in writing to the above address or by email to email@example.com
There are instances where we would have to comply with the law and deal with your personal data for regulatory, legal and compliance purposes. These may include:
- Compliance with specific legal and regulatory requirements;
- Gathering information as part of investigations by regulatory bodies or in connection with legal proceedings or requests; and
- When we are investigating complaints.
THIRD PARTY PROCESSING
We do not currently use third parties to process any personal data which we collect.
You have specific rights in respect of your personal data. These are as follows:
The right to be informed – you have the right to be told about the collection and use of the personal data you provide. This Policy sets out the purposes for which we process your personal data, how long we will keep your data and who if anyone we will share your data with. If you have any questions on how and why we process your data please contact us using the contact details set out at the end of this Policy.
The right of access – you have the right to know whether we are processing your personal data, and to a copy of that data. We will need as much information as possible to enable us to locate your data. We will respond to your request within 28 days of receipt of your request. If you want to exercise this right, please contact us using the contact details set out at the end of this Policy.
The right to rectification – you have the right to have any incorrect personal data corrected or completed if it is incomplete. You can make this request verbally or in writing. We will need as much information as possible to enable us to locate your data. We will look at any request and inform you of our decision within 28 days of receiving the request. If you want to exercise this right, please contact us using the contact details set out at the end of this Policy.
The right to erasure – this right, often referred to as the right to be forgotten, allows you to ask us to erase personal data where there is no valid reason for us to keep it. We will look at any request and inform you of our decision within 28 days of receiving the request. If you want to exercise this right, please contact us using the contact details set out at the end of this Policy.
The right to restrict processing – you have the right to ask us to restrict processing of your data. We will look at any request and inform you of our decision within 28 days of receiving the request. If you want to exercise this right, please contact us using the contact details set out at the end of this Policy.
The right to data portability – you have the right to move, copy or transfer your personal data from one IT environment to another. This right applies to data that you have provided to us and that we are processing on the legal basis of consent or in the performance of a contract and that processing is by automated means. We will respond to your request within 28 days of receipt of your request.
The right to object – you have the right to object to our processing of your personal data where we are doing so based on (i) legitimate interests, or for the performance of a task in the public interests/exercise of official authority (including profiling); (ii) direct marketing (including profiling); and (iii) for purposes of scientific/historical research and statistics.
If you want to exercise this right, please contact us using the contact details set out at the end of this Policy.
AUTOMATED DECISION MAKING
We do not currently use any form of automated decision making when processing personal data.
A “cookie” is a small text file which is created on your computer’s hard disk when you access certain websites. Cookies allow the website to recognise your computer. A cookie can identify the pages that are being viewed and this can assist the website operator to select the pages that the visitor sees. Find out more about cookies on http://www.allaboutcookies.org/
THIRD PARTY WEBSITES
TRANSFERS TO COUNTRIES OUTSIDE THE EU
We do not currently transfer any personal data outside the EU.
HOW LONG DO WE KEEP YOUR INFORMATION?
We will only retain your personal information for as long as necessary for the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements, and for any other uses set out in this Policy. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way or improperly altered or disclosed. In addition, we only authorise access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
If you are unhappy with any aspect of our handling of your data you can make a complaint to the Information Commissioner’s Office – https://ico.org.uk/concerns/
Questions, comments and requests regarding this Policy are welcomed and should be sent to firstname.lastname@example.org or in writing to TICTAC Communications Limited, Harwood House 43 Harwood Road, London, SW6 4QP.