A separate Data Processing Agreement (DPA) will be drawn up with clients on an individual basis, further specifying the use of any and all T-Pro services, in relation to the processing of their information, for the purposes of their role as data controller.
For the purpose of this policy:
“T-Pro” the entity will refer to Norty Ltd T/A T-Pro with its registered office being at 32 Fitzwilliam Place Dublin 2, in its role as a data controller of user information.
“Client” refers to any organisation with a contractual agreement with T-Pro, in which case they are the controller and determine the data we will process on their behalf.
“User” refers to any individual user of the system.
“Visitor” refers to a visitor to the T-Pro website who may engage with and provide data to the company but is not a registered user.
The terms data controller and data processor are defined in Article 4 of the GDPR;
(7) “controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
(8) “processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
GDPR EU.org 2018
T-Pro is committed to ensuring that your privacy is protected. Should we ask you to provide certain client or user information by which you can be identified when using this website, you can be assured that it will only be used in accordance with this privacy statement.
2. The type of information we gather
We collect a variety of information in order to deliver our services, while also ensuring that we manage your personal data transparently, fairly and securely.
2.1 Technical, Usage and Location Information
T-Pro collects information about devices accessing our services, including type of device, what operating system is used, device settings, application IDs and crash data. We receive information from you, the user, and other third-parties that helps us approximate your location. We may, for example, use a business address submitted by your employer or an IP address received from your browser. T-Pro may also collect location information from devices in accordance with the consent process provided by your device.
2.2 User supplied Information
We collect information about you when you register to use our services and otherwise provide contact information to us via email, mail, webforms and other communications. This information you provide may include your name and job title,username, contact information including email address, mailing address or phone number and other demographic information such as postcode, preferences and interests. The user's contact information will be used to contact the user when necessary.
3. What we do with the information we gather
User data will be used by T-Pro in accordance with the client’s instructions, including any applicable terms in the individual client DPA with T-Pro and client use of services functionality, and as required by applicable law.
We use this information to understand your needs and provide you with a better service, and in particular for the following reasons:
3.1 Internal record keeping
From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customise the website according to your interests.
3.2 To optimise and improve our services
We may use the information to optimise and improve our services or to analyse trends. We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
4. How long the data we gather is retained
As a data controller do not hold personal data any longer than we need to, the duration will depend on your relationship with us. User data is retained for the duration of the contract and 30 days thereafter, unless subsequent provision is made within the scope of an individual client contract.
Visitor data is retained indefinitely for the purposes of mentioned above. Access to data and and requests for amendment and deletion is available in accordance with section 9 of this document.
5. How data is shared
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.
There are certain situations in which we may share access to your personal information without your explicit consent. For example, if required by law, to protect the life of an individual, or to comply with any valid legal process, government request, rule or regulation.
6. Security of data
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
We limit access to personal information about you to employees who we believe reasonably need to come into contact with that information to provide products or services to you or in order to do their jobs. All of our employees adhere to strict confidentiality practises and are required to sign non disclosure agreements before commencing work with the company.
In compliance with the GDPR, we carry out regular penetration testing and follow internal policies of best practise and training for staff to ensure ongoing compliance.
In the unlikely event of a material breach of our security we will inform the relevant regulatory body within 72 hours and, if your personal information were to be involved in the breach, we would also inform you. unless the data was anonymised or encrypted.
7. Transferring data outside the EU
8. Company rights
T-Pro reserve the right to make changes to this policy from time to time by updating this page. When we do we will notify you of any significant changes via email but you should also check this page periodically to ensure that you are happy with any such changes or updates.
9. User rights
You may choose to restrict the collection or use of your personal information, even if you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at email@example.com
9.1 Amending/Deleting your Data
If you believe that any information we are holding about you to be incorrect or incomplete, please contact us as soon as possible and we will ensure it is amended. Users also have the right to have their information deleted.
9.2 Access Requests
As per the GDPR all users may request details of the personal information which we hold by completing an Access Request Form and emailing it to firstname.lastname@example.org or posting it to T-Pro, 32 Fitzwilliam Place, Dublin 2, D02 Y985. As per the requirements of the GDPR we will provide your data electronically and in a commonly used format. All access requests will be completed no longer than 72 hours after the original request has been received. Please note a small fee of €6.35 will be payable for this service.
Where a request is deemed manifestly unfounded or excessive, T-Pro retains the right for an access request to be refused. Please see our Access Request Policy for more information.