Protecting your Privacy: TEC-ID.co.uk
General Data Protection Regulation (GDPR) is the largest overhaul of data protection legislation in almost 20 years. Due to come into force on 25th May 2018, it aims to bring the many differing data regulations across Europe in line with one another, creating a near-universal protection standard for the whole region.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during the relationship with us.
Types of Data we collect
Personal data or personal information means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data)
We may collect, use, store and transfer different kinds of relevant personal data which have been categorised as follows:
- Identity Data
First name, surname, maiden name, title, username
- Contact Data
Billing address, shipping addresses, email addresses and telephone numbers
- Financial & Billing Data
Bank account, payment history, invoices and sales activity. We currently have contact, financial, transactional data from providers of technical, payment and delivery services such as PayPal and Worldpay.
- Transactional Data
Details about payments to and from you and what products and services you have purchased from us
- Technical Data
Includes IP address, login details, browser type and version, time zone setting and location, browser plug in types and versions, operating system, platform and devices you use to access our website.
Technical data for the purposes of supporting the products we sell is also gathered in order to provide after sales support
- Profile Data
Username, password, purchases and orders made by you, your preferences, interests and responses.
- Usage Data
Information on how you use our website
- Marketing & Communications Data
Your preferences in receiving marketing from us and our third parties
- Aggregated Data
Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not reveal your identity. For example we may use aggregated data to calculate product popularity or special promotions. We currently receive aggregated data about you and your website history from analytics providers such as Google Analytics
We do not collect any other categories of data about you that include ethnicity, sex, religious, sexual orientation, political opinions or any information about criminal convictions or offences.
How is your information collected?
We collect your data in the following ways:
- If you contact us with an enquiry and directly provide us with your personal information.
- You create an account with QR TEC Limited or online at www.tec-id.co.uk
- You subscribe to our newsletter.
- You request information from us.
- Any personal details you knowingly provide us through online forms, email or phone such as name, address, telephone number, email address, company address.
- Your IP address and relevant marketing information is gathered by Google and presented via Google Analytics
- As an opt in / out to marketing emails etc.
- If you make an enquiry through one of our approved manufacturers that we distribute on behalf of
- If you attend one of our conferences or training days
- If you provide your business card to one of our staff members
- If you provide your details to one of our sales representatives on one of our exhibition stands or any direct interaction
- Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies.
How do we use your personal data?
We will respect your data and your privacy is important to us. We will only use your personal data when the law allows us to.
Most commonly, we will use your personal data in the following circumstances:
a) Where we need to perform the contract we are about to enter into or have entered into with you.
b) Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
c) Where we need to comply with a legal or regulatory obligation.
We do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
See below a summary of how we may use your personal data:
Registering you as a new customer
Name, address, email, contact details and required products and services will be taken when applying as a new customer
Applying for a credit limit
We use Coface to provide us with credit insurance and will need to share your information with them to apply for a credit limit
Updating you on the progress of an order and shipping the order to you. If you provide us with your customers details in the event of a ‘direct shipment’ we will never share/store or copy this information and will use the address information solely for the relevant purpose. For the purpose of sending orders we use your personal data with third party courier companies to enable orders to go to the right place and be tracked effectively.
Collecting Payments, Managing Fees and Charges
We will use your information for collecting payments due to us
Support & Service
We will use your information to provide support and aftersales care when repairing or troubleshooting a device or software service that we have supplied to you
Marketing & Sales
Your account manager may use your historical transactional data to make suggestions and recommendations to you about goods or services that may be of interest to you
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
We will get your express consent before we share your personal data with any company outside of our company for marketing, sales or technical purposes.
We may need to pass the information we collect to other companies for administrative purposes, technical or after sales service. We may use third parties to carry out certain activities, such as processing and sorting data, shipping services and monitoring how customers use the Website and issuing our emails for us. Third parties will not be allowed to use your personal information for their own purposes.
How do we keep your data Safe?
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We store data on servers either on our premises or at a third-party cloud storage provider. Access to the data is controlled by QR TEC Limited only and protected by firewall, VPN and encryption technologies and protocols.
How long will we use your data for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see your legal rights below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Your Legal Rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data. You have the legal right to:
- Request access to your personal data.
- Request correction of your personal data.
- Request erasure of your personal data.
- Object to processing of your personal data.
- Request restriction of processing your personal data.
- Request transfer of your personal data.
- Withdraw consent.
If you wish to exercise any of the rights set out above, please Contact us at firstname.lastname@example.org or 0844 870 7873
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Payment by phone
We prefer to send a secure payment link by email to our customers so they can securely input their own credit/debit card details onto the secure WorldPay weblink. This means we never see the card details of our customers.
Should our customers not have access to the web and request for us to process telephone orders, we use Worldpay Telephone card processing. We login to their secure portal where card details are directly input into their secure card payment site. Card details are never written down, emailed or stored in any way at QR TEC Ltd. All staff are aware and have been trained on these processes.
Third Party Links
Our website may include links to third party websites, plug ins or applications. Clinking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third party websites and are not responsible for their privacy statements. When you leave our website we would encourage you to read the privacy policies of the websites you visit.
We may share your personal data with the following third parties:
- Professional advisors acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in the UK who provide consultancy, banking, legal, insurance and accounting services.
- HM Revenue & Customs, regulators and other authorities acting as processors or joint controllers based in the UK who require reporting of processing activities in certain circumstances.
- Credit agencies such as Coface acting as processors or joint controllers based in the UK who require personal data to assess you for credit.
QR TEC Limited manages and owns www.tec-id.co.uk and is the controller and responsible for your personal data. We have appointed a data privacy manager and all data privacy policies and training are overseen by the company Directors.
Cookies & Similar Technologies
We may also use the cookies to gather information about your general internet use to further assist us in developing or website. Where used, these cookies are downloaded to your computer automatically. This cookie file is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive and then stored there and transferred to us where appropriate to help us to improve our website and the service that we provide to you.
We use Google Analytics Remarketing features as well as Google Analytics Demographics and Interest Reporting. Meaning, Google provides us with information such as the age and gender of some of our visitors. This information is never used to identify an individual, it is only used as a statistic to help us better identify the demographics of our visitors allowing us to better target content to our visitors. The Remarketing also makes it possible to display ads to you that we think you may be interested in via Google and select other third party sites. You can opt out of this through Google under the “ads” heading in their settings.
All computers have the ability to decline cookies. You can easily decline or remove cookies from your computer using the settings within the Internet Options section in your computer control panel.
Any other websites which may be linked to by our website are subject to their own policy, which may differ from ours.
Notification of data breaches
We will notify the data protection authority within 72 hours of discovery of a data breach, and our customers without undue delay where there exists a high risk to their rights and freedoms.
The right to be forgotten
GDPR enhances an individual’s rights to access any personal information an organisation may have about them, request amendments to inaccuracies, or to have information deleted altogether.
At QR TEC Limited we regularly cleanse our data and it is the job of all technical, sales, accounts, administration and Directors to update our systems with the appropriate contact details and delete old contacts that are no longer relevant. We will not copy, share or store any customer information unless it is relevant
The right to be forgotten entitles you as a customer to have the data controller erase personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data. The conditions for erasure, include the data no longer being relevant to original purposes for processing, or a data subject withdrawing consent.