The Tipping Point Ltd is registered as a data controller under the Data Protection Act 1998 (the DPA).
This means we are an organisation that controls how we collect, store, and use personal data. The register of data controllers is held by the Information Commissioner’s Office. Under the DPA, ‘personal data’ is information about an identifiable living person. The person the personal data refers to is called a ‘data subject’. The DPA says that any organisation collecting personal data must make sure that it is:
Processed fairly and lawfully
Processed for specific and lawful purposes
Used in a way that is adequate, relevant and not excessive
Accurate and, where necessary, kept up to date
Not kept for longer than is necessary
Processed in accordance with data subjects’ legal rights
Not transferred outside the UK without adequate protection.
Information about you
We may collect and process the following data about you:
If you contact us, we may keep a record of that correspondence for our records and administrative purposes.
We may also ask you to complete surveys that we use for research and user satisfaction purposes, although you do not have to respond to them.
Details of transactions you carry out through our site and of the fulfilment of your orders.
Details of your visits to the site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.
We may also obtain sensitive personal data about you if you volunteer it during the completion of an online form or in other correspondence between us and you. If you volunteer such information, you will be consenting to our processing it for the purpose of providing you with the services which you receive through the Site or otherwise from us and administering the smooth service for your benefit.
We may also monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, fraud prevention and compliance.
Information about other individuals
If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
Give consent on his/her behalf to the processing of his or her personal or sensitive personal data; and
Receive on his/her behalf any data protection notices.
You shall indemnify us, keep us indemnified and hold us harmless against any losses, damages, claims, costs or expenses suffered by us as a result of the processing of the personal data of any third party whose data you have disclosed to us in breach of this Policy.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
Where we store your personal data
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA). Any transfer of your data outside of the EEA will be subject to a European Commission approved contract which will safeguard your privacy rights and give you remedies in the unlikely event of a security breach. Your data may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure thatyour data is treated securely and in accordance with this Policy.
All information you provide to us is stored on securely. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although We will do Our best to protect your personal data, We cannot guarantee the security of your data transmitted to the Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Uses made of the information
We use information held about you in the following ways and for the following purposes:
To ensure that content from the Site is presented in the most effective manner for you and for your computer and to assist in customising the Site and its content to your particular preferences.
To provide you with information, products or services that you request from us or which We feel may interest you, where you have consented to be contacted for such purposes.
To carry out our obligations arising from any contracts entered into between you and Us.
To allow you to participate in interactive features of our service, when you choose to do so.
To notify you about changes to the Site or to our services which may affect you.
To help us to identify you and any accounts you hold with us and for billing and order fulfilment or such other customer profiling purposes.
To undertake surveys and other research as required.
Improving our services.
Marketing and opting out
We may also use your data, or permit selected third parties to use your data, to provide you with information about goods and services which may be of interest to you and we or they may contact you about these by post, email or telephone.
Where we permit selected third parties to use your data, We (or they) will contact you by electronic means only if you have consented to this.
If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please contact us by emailing us via firstname.lastname@example.org
Disclosure of your information
We may disclose your personal information to:
Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006;
Our agents and service providers;
Law enforcement agencies in connection with any investigation to help prevent unlawful activity; and
Our business partners in accordance with the section headed ‘Marketing and Opting Out’ above.
We may disclose your personal information to third parties:
In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
If we or substantially all of our assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets;
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply the terms of this Policy and/or other agreements between you and us; or
To protect our rights, property, or safety and that of our customers, or others with whom we deal.
This includes exchanging information with other companies and organisations for the purposes of fraud
protection and credit risk reduction.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data or by otherwise informing us at the time at which we collect your data. You can also exercise the right at any time by contacting us by emailing us at email@example.com
The site may contain links to and from the websites of our partner networks, advertisers and affiliates or other third parties.
If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Access to information
The Data Protection Act 1998 (‘the DPA’) gives you the right to access information held about you. Your right of access can be exercised in accordance with the DPA. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you. If you wish to exercise this right you should:
Put your request in writing;
Include proof of your identity and address (e.g. a copy of your driving licence or passport, and a recent utility or credit card bill);
Attach cash or a cheque in the amount of £10 made payable to The Tipping Point Limited; and
Specify the personal data you want access to, including any account or reference numbers where applicable.
You have the right to require us to correct any inaccuracies in your data free of charge. If you wish to exercise this right you should:
Put your request in writing;
Provide Us with enough information to identify you (e.g. account number, username and registration details); and
Specify the information that is incorrect and what it should be replaced with.
You can find out more about the Data Protection Act and its principles from the Information Commissioner’s Office.