Privacy Policy
We take care to protect the privacy of our clients and their customers.
This privacy notice is a public declaration of how Total Solutions Management Ltd applies the Data Protection Principles and Rights afforded to individuals by the General Data Protection Regulation (GDPR), to the personal data that we process. Total Solutions Management Ltd is committed to complying with the principles relating to the processing of personal data under GDPR.
4 HOW WE USE YOUR PERSONAL INFORMATION
4.1 Where you have provided CONSENT
We may use and process your personal information where you have consented for us to do so for the following purposes:
• to share your personal information with our employees to provide a service or where you have requested a call back;
• to supply service, proposals, brochures and other material you have specifically requested from us;
• to contact you via email, text message, post or telephone with marketing information about our services (see Marketing section below for further details);
• to share your personal information with sub-contractors and our recommended third party partners for them to contact you with proposals and/or marketing information about their products and services. Please see the Marketing section below in this policy to find out more about these third parties; and
4.2 You may withdraw your consent for us to use your information in any of these ways at anytime. Please see Withdrawing your consent in Section 8.4 for further details.
4.3 Where required to perform a CONTRACT with you
We may use and process your personal information where it is necessary for the performance of a contract with you or in order to take steps at your request before entering into a contract with you.
4.4 Where required to comply with our LEGAL OBLIGATIONS
We will use your personal information to comply with our legal obligations including: (i) to assist HMRC, the Police, or any other public authority or criminal investigation body; (ii) to identify you when you contact us; and (iii) to verify the accuracy of data that we hold about you.
4.5 Where there is a LEGITIMATE INTEREST
We may use and process your personal information where it is necessary for us to pursue our legitimate interests as a business for the following purposes:
• for analysis, and profiling to inform our marketing strategy, and to enhance and personalise your customer or visitor experience;
• for market research in order to continually improve our services that we deliver to you;
• to administer our websites and for internal operations, including troubleshooting, testing, statistical purposes;
• for marketing activities (other than where we rely on your consent) e.g. to tailor marketing communications or send targeted marketing messages via social media and other third party platforms;
• for the prevention of fraud and other criminal activities;
• to correspond and communicate with you;
• to create a better understanding of you as a customer or visitor;
• for network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access;
• to comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);
• for the purposes of corporate restructure or reorganisation or sale of our business or assets;
• for efficiency, accuracy or other improvements of our databases and systems e.g. by combining systems or consolidating records we or our group companies hold about you;
• to enforce or protect our contractual or other legal rights or to bring or defend legal proceedings; and
• for general administration including managing your queries, complaints, or claims, and to send messages to you.
5 OTHERS WHO MAY RECEIVE OR HAVE ACCESS TO YOUR PERSONAL INFORMATION
5.1 Company employees
They may use your personal information in the ways set out in ‘How we use your personal information’ in Section 4, in connection with products and services, for example technical support.
5.2 Our suppliers and service providers
We may disclose your information to our third party service providers, subcontractors and other organisations for the purposes of providing services to us or directly to you on our behalf. Such third parties may include cloud services providers (such as hosting and email management) or advertising agencies, administrative services or other third parties who provide services to us. When we use third party service providers, we only disclose to them any personal information that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.
5.3 Other ways we may share your personal information
We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation. We may also transfer your personal information if we’re under a duty to disclose or share it in order to comply with any legal obligation (e.g. by sharing your personal information with the Police), to detect or report a crime, to enforce or apply the terms of our contracts or to protect the rights, property or safety of our customers.
However, we will always take steps with the aim of ensuring that your privacy rights continue to be protected.
6 WHERE WE STORE YOUR PERSONAL INFORMATION INSIDE THE EEA
6.1 We store data in a number of secure locations inside the EEA.
7 HOW LONG WE KEEP YOUR PERSONAL INFORMATION FOR
7.1 If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws.
7.2 We do not retain personal information in an identifiable format for longer than is necessary.
7.3 We may need your personal information to establish, bring or defend legal claims, in which case we will retain your personal information for 7 years after the last occasion on which we have used your personal information in one of the ways specified in ‘How we use your personal information’ in Section 4.
7.4 The only exceptions to this are where:
• the law requires us to hold your personal information for a longer period, or delete it sooner;
• you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted in this section 7, or because we are required under the law (see further Erasing your personal information or restricting its processing in Section 8.6);
• and in limited cases, the law permits us to keep your personal information indefinitely provided we put certain protections in place.
8 YOUR RIGHTS
8.1 Your ‘data subject’ rights:
You have a number of rights in relation to your personal information under data protection law. In relation to certain rights, we may ask you for information to confirm your identity and, where applicable, to help us to search for your personal information. Except in rare cases, we will respond to you within 30 days after we have received this information or, where no such information is required, after we have received your request.
8.2 Accessing your personal information
You have the right to ask for a copy of the information that we hold about you by emailing or writing to us at the address at the end of this policy. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
8.3 Correcting and updating your personal information
The accuracy of your information is important to us and we are working on ways to make it easier for you to review and correct the information that we hold about you.
In the meantime, if you change your name or address/email address, or you discover that any of the other information we hold is inaccurate or out of date, please let us know by contacting us in any of the details described at the end of this policy.
8.4 Withdrawing your consent
Where we rely on your consent as the legal basis for processing your personal information, as set out under How we use your personal information in Section 4, you may withdraw your consent at any time by contacting us using the details at the end of this policy. If you would like to withdraw your consent to receiving any direct marketing to which you previously opted-in, you can also do so using our unsubscribe tool. If you withdraw your consent, our use of your personal information before you withdraw is still lawful.
8.5 Objecting to our use of your personal information and automated decisions made about you.
Where we rely on our legitimate business interests as the legal basis for processing your personal information for any purpose(s), as out under How we use your personal information in Section 4, you may object to us using your personal information for these purposes by emailing or writing to us at the address at the end of this policy. Except for the purposes for which we are sure we can continue to process your personal information, we will temporarily stop processing your personal information in line with your objection until we have investigated the matter. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your data for those purposes. Otherwise we will provide you with our justification as to why we need to continue using your data.
You may object to us using your personal information for direct marketing purposes and we will automatically comply with your request. If you would like to do so, please use our unsubscribe tool.
You may also contest a decision made about you based on automated processing by contacting the data protection department.
8.6 Erasing your personal information or restricting its processing
In certain circumstances, you may ask for your personal information to be removed from our systems by emailing or writing to us at the address at the end of this policy. Unless there is a reason that the law allows us to use your personal information for longer, we will make reasonable efforts to comply with your request.
You may also ask us to restrict processing your personal information in the following situations:
• where you believe it is unlawful for us to do so,
• you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings.
In these situations, we may only process your personal information whilst its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings.
8.7 Transferring your personal information in a structured data file
Where we rely on your consent as the legal basis for processing your personal information or need to process it in connection with your contract, as set out under Section 4 How we use your personal information, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form, such as a CSV file.
You can ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
8.8 Complaining to the UK data protection regulator
You have the right to complain to the Information Commissioners Office (ICO) if you are concerned about the way we have processed your personal information.
Please visit the ICO’s website for further details.
9 SECURITY / LINKS
9.1 Security measures we put in place to protect your personal information
Total Solutions Management Ltd use technical and organisational security measures to protect the personal information supplied by you and managed by us against manipulation, loss, destruction, and access by third parties. Our security measures are continually improved in line with technological developments.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information whilst in transit to our website and any transmission is at your own risk.
9.2 Links to other websites
Our website may contain links to other websites run by other organisations which we do not control. This policy does not apply to those other websites and Apps‚ so we encourage you to read their privacy statements. We are not responsible for the privacy policies and practices of other websites and Apps (even if you access them using links that we provide) and we provide links to those websites solely for your information and convenience. We specifically disclaim responsibility for their content, privacy practices and terms of use, and we make no endorsements, representations or promises about their accuracy, content or thoroughness. Your disclosure of personal information to third party websites is at your own risk.
In addition, if you linked to our website from a third-party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party website and recommend that you check the policy of that third party website.
10 MARKETING
10.1 We may collect your preferences to send you marketing information directly from us by email (where applicable) including:
• if you have signed up on our website
• if you are one of our clients
• If you request information on our services
We will only do so if you have consented to contact or receiving such marketing information directly from us.
10.2 If you opt-in to receiving marketing from our recommended third parties, you will receive marketing from the third parties via your preferred communication methods indicated by you.
10.3 From time to time, we may ask you to refresh your marketing preferences by asking you to confirm that you consent to continue receiving marketing information from us.
10.4 You have the right to opt-out of our use of your personal information to provide marketing to you in any of the ways mentioned above. Please see Withdrawing your Consent in Section 8.4 and Objecting to our use of your personal information and automated decisions made about you in Section 8.5 above for further details on how you can do this.
11 CHANGES TO THIS POLICY
We may review this policy from time to time without notice. We recommend you regularly check for changes and review this policy when you visit our website. If you do not agree with any aspect of the updated policy, you must promptly notify us and cease using our services.
12 YOUR RIGHT TO COMPLAIN
If you wish to discuss your personal data or lodge a concern about the way in which it is handled, please use the following details:
Data Controller
Total Solutions Management Ltd
82a High Street,
Ware, Hertfordshire
SG12 9AT
Tel: + 44 (0) 845 625 6251
Email: enquiries@totalsolutionsmanagement.com
13 YOUR RIGHT TO COMPLAIN TO THE SUPERVISORY AUTHORITY
If you are unhappy with our response, you have the right to complain to the Supervisory Authority, the details of which are below:
Supervisory Authority: Information Commissioner’s Office (ICO) Website: https://ico.org.uk/concerns/