Updated on: 23rd May 2018
- Who we are
- How we collect your personal information
- Categories of personal information we process about you
- How we use your personal information
- Others who may receive or have access to your personal information
- Where we store your personal information
- How long we keep your personal information for
- Security and links to other sites
- Automated Decision Making
- Your rights
- Changes to this policy
- Contact us
At Tensator Group we take your privacy seriously and we are committed to protecting it.
This policy explains when and why we collect personal information about individuals, how this information is used, with whom we share that information and the rights they have over it. If you apply for a job vacancy with us, details regarding our use of the personal information you provide to us is set out in our separate Applicant Privacy Notice.
This policy may change from time to time so please check this page occasionally to ensure that you are happy with any changes.
This policy was last updated on the date set out at the start of this page. Please see further the section Changes to this policy below.
WHO WE ARE
Our business operates through numerous individual companies that form part of the Tensator Group (each a “Tensator Company”). For a full list of these companies please visit our Contact Us page. Whenever providing personal information or interacting with one of our offices, the relevant Tensator Company that corresponds to that office, as set out in our Contact Us page, is the ‘controller’ in relation to the processing activities described below. A ‘controller’ is an organisation that decides why and how your personal information is processed and is responsible for such processing.
Where this policy refers to “we”, “our” or “us” below, unless it mentions otherwise, it is referring to the particular Tensator Company that is the controller of your personal information.
If you provide any personal information to our sites located at www.tensator.com and www.tensabarrier.com or interact with it, the controller of your personal information is Tensator Ltd, the Tensator Company which owns and operates that site and which is registered in England and Wales with company registration number 04046724 and its registered office at Unit 7, Danbury Court, Linford Wood, Milton Keynes, MK14 6TS.
HOW WE COLLECT YOUR PERSONAL INFORMATION
We collect personal information from you in the following ways:
Personal information you give to us:
This is information about you that you give to us when:
- submitting information via our websites including our site located at www.tensator.com, www.tensabarrier.com and any microsites (our “Websites”);
- following us and posting on our social media pages including our LinkedIn page;
- corresponding with us by phone, email or in another way,
- interacting with us at events;
- receiving products and services from us as a member of our clients’ personnel; and
- providing products and services to us as a member of our suppliers’ personnel.
This information is provided by you entirely voluntarily and includes personal information you submit on any web forms on our Websites, or that you provide to us in person (e.g. business cards). We may also ask you for information when you report a problem with our Websites. If, at our request, you complete any surveys for research purposes, we will collect your personal information in such circumstances as well. The information you give to us may include your name, address, email address and phone number, enquiry details and other business and contact information, and may include records of any correspondence and responses to any surveys.
If we do not receive this information, you may be unable to use or interact with certain parts of our Websites, communicate with us effectively, comply with the contractual obligations that the organisation for whom you work is under or allow us to comply with our own obligations if you work for an organisation that is our client.
Personal information we collect about you:
We may automatically collect the following information during your visits to our Websites: traffic data, location data, device data, weblogs and other communication data, and details of the resources you access. We also automatically collect technical information, including anonymous data collected by the hosting server for statistical purposes, the Internet protocol (IP) address used to connect your computer or device to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. Please see our Cookies Policy for further information. We may also collect any personal information which you allow to be shared on third party social networks.
Personal information we may receive from other sources:
We obtain certain personal information about you from other sources (including those outside of our business) which may include other Tensator Companies, our suppliers and our clients. The sources that may send to us personal information about you are as follows:
|Source of personal information||The categories of personal information (as described in the section below) that we obtain about you from this source|
|Other Tensator Companies||All categories|
|Our suppliers||Behavioural, Biographical, Contact, Correspondence, Identity, Employment, Fraud|
|Our clients||Behavioural, Contact, Correspondence, Identity, Marketing Preferences|
|Social media networks||Behavioural, Biographical, Contact, Correspondence, Employment|
CATEGORIES OF PERSONAL INFORMATION WE PROCESS ABOUT YOU
|Category of personal information||Description|
|Behavioural||Your activities, actions and behaviours|
|Biographical||Your life experiences|
|Contact||Information which can be used to address, send or otherwise communicate a message to you|
|Correspondence||Information contained in our correspondence or other communications with you or your work colleagues|
|Employment||Your previous, current or future employment details|
|Fraud||Information relating to the occurrence, investigation or prevention of fraud|
|Identity||Information contained in a formal identification document or social security or other unique reference relating to you|
|Legal||Information relating to legal claims made by or against you or the organisation for whom you work or the claims process|
|Marketing Preferences||Your preferences in respect of any marketing communications from us from time to time in relation to products or services which we believe may be of interest to you|
|Monitoring||Information relating to the surveillance or monitoring of your activities|
HOW WE USE YOUR PERSONAL INFORMATION
The purposes for which we use your personal information and the legal basis under data protection laws on which we rely to do this are explained below.
Where you have provided consent
We may use and process your personal information where you have consented for us to do so. If you work for an unincorporated business (e.g. sole trader or unincorporated partnership), we will contact you via email with marketing information about our products and services if you subscribe to receive our email marketing communications by ticking the relevant box or when you refresh your marketing preferences when responding to a request from us to do so and agree to continue receiving marketing emails from us.
You may withdraw your consent for us to use your information in any of these ways at any time. Please see Withdrawing your consent for further details.
Where processing is necessary for us to pursue our legitimate interests
We may use and process your personal information where it is necessary for us to pursue our legitimate interests as a business, for the following purposes:
We may use and process your personal information where it is necessary for us to pursue our legitimate interests as a business, for the following purposes:
- to create a profile of you and analyse this to obtain insight about market or industry trends, client behaviours which inform our marketing strategy, and to enhance and personalise your experience as a visitor (as well as the marketing information we contact you with in the ways described in the paragraph below);
- if you work for a corporate business, to contact you by email, post or by telephone with marketing information about our products and services. We may use your personal information to tailor or personalise the marketing communications you receive to make them relevant to you or the organisation for whom you work;
- if you work for an unincorporated business, to contact you by post or by telephone with marketing information about our products and services. We may use your personal information to tailor or personalise the marketing communications you receive to make them relevant to you or the organisation for whom you work;
Processing necessary for us to support our clients and prospects with sales and other enquiries
- to correspond and communicate with you when supporting you in connection with our products or services or your queries in relation to them;
Processing necessary for us to respond to changing market conditions and our clients’ needs
- for market research in order to improve the products and services that we and other Tensator Companies deliver;
- to notify you about changes to our products and services and our business;
Processing necessary for us to operate the administrative and technical aspects of our business efficiently and effectively
- to administer our Websites and our social media pages and for our internal operations, including troubleshooting, testing and statistical reporting purposes;
- to enable us to make payments to contractors and freelancers who provide products and services to us;
- for the prevention of fraud and other criminal activities;
- to verify the accuracy of information we hold about you and create a better understanding of you as a visitor to our Websites;
- for network and information security purposes in order for us to take steps to protect your information against loss or damage, theft or unauthorised access;
- to comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);
- for the purposes of a corporate restructure or reorganisation or sale of our business or assets;
- for efficiency, accuracy or other improvements of our databases and systems e.g. by combining systems or consolidating records we or other Tensator Companies hold about you;
- to enforce or protect our contractual or other legal rights or to bring or defend legal proceedings; and
- for general administration including managing your queries, complaints, or claims, to send service messages and to provide you with important information about our business.
Where required to comply with our legal obligations
We will use your personal information to comply with our legal obligations:
- to assist any public authority or criminal investigatory body, where we are under a legal obligation to do so;
- to identify you when you contact us;
- to verify the accuracy of data we hold about you; and
- to respond to and resolve your complaints in relation to our services.
OTHERS WHO MAY RECEIVE OR HAVE ACCESS TO YOUR PERSONAL INFORMATION
Other Tensator Companies
We may share your information with other Tensator Companies. They may use your personal information in the ways set out in How we use your personal information, in connection with the services they provide, including where they complement our own range of services.
Please see the Contact Us page for the details of the Tensator Companies with whom we may share your personal information, including their locations.
Our suppliers, service providers and other recipients
We may share your information with our third party service providers, agents, subcontractors and other organisations (as listed below) for the purposes of providing services to us or directly to you on our behalf. The ‘EEA’ refers to the European Economic Area.
|Recipient / relationship to us||Industry sector (& sub-sector)||Location|
|Accountancy and auditing services||Professional services (accountancy)||EEA, Dubai, USA|
|Advertising & PR agencies||Media (advertising)||EEA, USA|
|Banks, payment processors and financial services providers||Financial (banking)||EEA, Dubai, USA|
|Cloud storage providers||IT (cloud services)||Global|
|Government tax administration offices||Government (tax)||EEA, Dubai, USA|
|Haulage and delivery service providers||Logistics (haulage/delivery)||EEA, Dubai, USA|
|Insurance services providers||Insurance (brokers/underwriting)||EEA, Dubai, USA|
|Legal advisers||Professional services (legal services)||EEA, Dubai, USA|
|Market research and analytics service providers||Media (research and analytics)||EEA, Dubai, USA|
|Online email marketing, campaign management and customer relationship management platform services||IT (cloud services)||EEA, Dubai, USA|
|On-site security access control services||Security (on-site)||EEA, Dubai, USA|
When we use third party service providers, we only disclose to them any personal information that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.
When we share your personal information to third parties that are controllers of that information, they may disclose or transfer it to other organisations in accordance with their data protection policies. This does not affect any of your data subject rights as detailed below. In particular, where you ask us to rectify, erase or restrict the processing of your information, we take reasonable steps to pass this request on to any such third parties with whom we have shared your personal information.
Other ways we may share your personal information
We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation. We may also transfer your personal information if we are under a duty to disclose or share it in order to comply with any legal obligation, to detect or report a crime, to enforce or apply the terms of our contracts or to protect the rights, property or safety of our visitors and customers. We will always take steps with the aim of ensuring that your privacy rights continue to be protected.
WHERE WE STORE YOUR PERSONAL INFORMATION
All information you provide to us may be transferred to countries outside the European Economic Area (EEA). By way of example, this may happen where any of the Tensator Companies are located in a country outside of the EEA or if any of our servers or those of our third party service providers are from time to time located in a country outside of the EEA. These countries may not have similar data protection laws to the UK and so may not protect the use of your personal information to the same standard. Please see Others who may receive or have access to your personal information for details regarding the locations to which your personal information is transferred.
If we transfer your information outside of the EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy. These steps include:
- ensuring the non-EEA countries to which standards are made have been deemed adequately protective of your personal information for the purposes of data protection law by the relevant bodies;
- imposing contractual obligations on the recipient of your personal information using provisions formally issued by relevant bodies for this purpose. We use these provisions to ensure that your information is protected when transferred to Tensator Companies outside EEA; or
- ensuring that the recipients are subscribed to ‘international frameworks’, such as the EU-US Privacy Shield that aim to ensure adequate protection.
Please contact us using the details at the end of this policy for more information about the protections that we put in place and to obtain a copy of the relevant documents.
If you use our services whilst you are outside the EEA, your information may be transferred outside the EEA in order to receive those services.
HOW LONG WE KEEP YOUR PERSONAL INFORMATION FOR
We do not retain personal information in an identifiable format for longer than is necessary.
If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws. We determine the period of retention of your personal information based on the following criteria:
- Retention in case of direct marketing lists. We will store your personal information for as long as you have not opted out from our marketing list or, if you are a subscriber from an unincorporated business, your consent to receive email marketing messages has expired and you have not re-consented, after which we will keep your email address on our suppression list to ensure that we do not send you marketing emails. We will treat any consent you have given to us to receive email marketing messages as expired if you do not open any marketing emails we send to you for more than 2 years and may ask you if you wish to refresh that consent at the time of expiry.
- Retention in case of queries and complaints. We will retain your personal information for as long as is reasonably required to resolve your complaint or query;
- Retention in case of claims. We will retain certain of your personal information for the period in which you or a third party might bring claims against us;
- Retention in accordance with legal and regulatory requirements. We will carefully consider whether we need to retain your personal information after the period described above in case of a legal or regulatory requirement
The exceptions to the above are where:
- you exercise your right to require us to retain your personal information for a period longer than our stated retention period (see further Erasing your personal information or restricting its processing);
- you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law (see further Erasing your personal information or restricting its processing);
- we bring or defend a legal claim or other proceedings during the period we retain your personal information, in which case we will retain your personal information until those proceedings have concluded and no further appeals are possible; or
- in limited cases, existing or future law or a court or regulator requires us to keep your personal information for a longer or shorter period.
SECURITY AND LINKS TO OTHER SITES
We implement appropriate technical and organisational measures to keep your personal information safe and secure.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our Websites and any transmission is at your own risk. Once we have received your personal information, we put in place reasonable and appropriate controls to ensure that it remains secure against accidental or unlawful destruction, loss, alteration, or unauthorised access.
Our Websites may contain links to other websites run by other organisations. This policy does not apply to those other websites‚ so we encourage you to read their privacy statements. We cannot be responsible for the privacy policies and practices of other websites even if you access them using links that we provide. In addition, if you linked to our Websites from a third party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party website and recommend that you check the policy of that third party website.
AUTOMATED DECISION MAKING
We do not envisage that any decisions that have a legal or significant effect on you will be taken about you using purely automated means, however we will update this policy and inform you if this position changes.</p
You have a number of rights in relation to your personal information under data protection law. In relation to certain rights, we may ask you for information to confirm your identity and, where applicable, to help us to search for your personal information. Except in rare cases, we will respond to you within one month from either the date that we have confirmed your identity or, where we do not need to do this because we already have this information, from the date we received your request.
Accessing your personal information
You have the right to ask for a copy of the information that we hold about you by emailing or writing to us at the address at the end of this policy. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
Correcting and updating your personal information
The accuracy of your information is important to us and we are working on ways to make it easier for you to review and correct the information that we hold about you.
In the meantime, if you change your name or address/email address, or you discover that any of the other information we hold is inaccurate or out of date, please let us know by contacting us in any of the details described at the end of this policy.
Withdrawing your consent
Where we rely on your consent as the legal basis for processing your personal information, as set out under How we use your personal information, you may withdraw your consent at any time by contacting us using the details at the end of this policy. If you would like to withdraw your consent to receiving any direct marketing to which you previously opted-in, you can do so using our unsubscribe tool. If you withdraw your consent, our use of your personal information before you withdraw is still lawful.
Objecting to our use of your personal information
Where we rely on your legitimate business interests as the legal basis for processing your personal information for any purpose(s), as out under How we use your personal information, you may object to us using your personal information for these purposes by emailing or writing to us at the address at the end of this policy. Except for the purposes for which we are sure we can continue to process your personal information, we will temporarily stop processing your personal information in line with your objection until we have investigated the matter. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your data for those purposes. Otherwise we will provide you with our justification as to why we need to continue using your data.
You may object to us using your personal information for direct marketing purposes and we will automatically comply with your request. If you would like to do so, please use our unsubscribe tool.
Erasing your personal information or restricting its processing
In certain circumstances, you may ask for your personal information to be removed from our systems by emailing or writing to us at the address at the end of this policy. Unless there is a reason that the law allows us to use your personal information for longer, we will make reasonable efforts to comply with your request.
You may also ask us to restrict processing your personal information where you believe it is unlawful for us to continue processing, you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings. In these situations we may only process your personal information whilst its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings.
Transferring your personal information in a structured data file (‘data portability’)
Where we rely on your consent as the legal basis for processing your personal information or need to process it in connection with your contract, as set out under How we use your personal information, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form, such as a CSV file.
You can ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
Complaining to a data protection regulator
You have the right to lodge a complaint with a data protection regulator in Europe, in particular in a country you work or live or where your legal rights have been infringed. The contact details for the Information Commissioner’s Office (ICO), the data protection regulator in the UK, are available on the ICO website, for you to use where your personal information has or is being used in a way that you believe does not comply with data protection law. However, we encourage you to contact us before making any complaint and we will seek to resolve any issues or concerns you may have.
Please direct any queries about this policy or about the way we process your personal information to our Data Protection Manager using our contact details below.
If you wish to write to us, please write to Tensator Limited, Unit 7 Danbury Court, Linford Wood, Milton Keynes, Buckinghamshire, MK14 6TS, United Kingdom.
Our email address for data protection queries is GDPR@tensator.com, alternatively you can use our Contact Us form online. To opt-out of marketing communications contact firstname.lastname@example.org
If you would prefer to speak to us by phone, please call +44 (0)1908 684600.