At TransDev, we respect your privacy and are committed to protecting the confidentiality of your personal information. Our aim is to be as clear and open as possible about what we do and why.
Background to GDPR
GDPR: On 25th May 2018, the European data protection law known as the General Data Protection Regulation (GDPR) takes effect. The GDPR gives individuals in the EU more control over how their data is used and places certain obligations on businesses that process information of those individuals.
Article 5 of the GDPR requires that personal data shall be:
a) processed lawfully, fairly and in a transparent manner in relation to individuals;
b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.”
Who are we?
This data privacy information applies to data processing controlled and undertaken by:
Transmission Developments Co (GB) Ltd (hereafter known as ‘TransDev’)
Company Reg No. 1888295
Dawkins Road, Hamworthy, Poole, Dorset BH15 4HF
Tel: +44 (0)1202 675 555
Your views on privacy are important to us. If you have comments or questions email firstname.lastname@example.org.
GDPR and children
The GDPR defines a child as anyone under the age of 16 years old, although this may be lowered to 13 by Member State law. The processing of personal data of a child is only lawful if parental or custodian consent has been obtained. To contact TransDev you must be 16 years old or above.
We use a number of different categories of data about you, as part of our normal business processes, the categories include;
Where we store and process your personal data
The Data is processed at TransDev’s operating offices and in any other places where the parties involved in the processing are located.
Depending on the User’s location, data transfers may involve transferring the User’s Data to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.
Your personal data is stored in digital format and only printed in hard copy when absolutely necessary to perform a processing task. All personal data is stored on password protected secure servers, either at TransDev or with third parties whose services TransDev employ.
TransDev takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to TransDev, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by TransDev. The updated list of these parties may be requested from TransDev at any time.
Information about you will be kept safe and secure and it will not be supplied to a third party, unless we are obliged or permitted by law to disclose it, or it is to facilitate a data processing activity via a third party but managed by TransDev e.g. email marketing. TransDev do not sell, rent or trade any personal information supplied by you to any third party.
All data personally transmitted by you, including your payment details, is transferred using the generally accepted and secure standard SSL (Secure Socket Layer). SSL is a secure and tested standard that is also used for online banking, for example. Ways of identifying a secure SSL connection include the s following http (i.e.: https://…) in the address bar of your browser and the padlock symbol in the bottom section of your browser.
TransDev execute a stringent security and access policy for employees that safeguards data and protects the integrity of data. The Company also ensure this doesn’t impact business function and data subject or data subject experiences. TransDev permit the portability of data on mobile devices like mobiles or laptops, as well as advocating home working, under restriction and/or limitations. This is also for the benefit of data subjects. Access to this data can be terminated or limited as and when necessary to prevent data breaches or leaks. Every reasonable step is taken to ensure that TransDev data accessed outside the network is secure. These policies aim to mitigate any instance of data breach or leaks and employees are trained in maintaining data security.
Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.
TransDev may be allowed to retain Personal Data for a longer period whenever you have given consent to such processing, as long as such consent is not withdrawn. Furthermore, we may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
You may have previously consented to receive marketing information from TransDev. We may also process your personal data for our legitimate interests as a business, but only if necessary for the purpose we collected it for. We may process your data for;
We will only store your data, for as long as we reasonably need it to undertake any of the processes listed above.
Recital 47 of the GDPR allows for the processing of personal information for our legitimate business interests in terms of direct marketing. “Legitimate Interests” means the interests of our company in conducting and managing our business to enable us to offer you the best services and products, and the best and most secure experience.
For example, we have an interest in making sure our marketing is relevant for you, so we may process your information to send you marketing that is tailored to your interests in your business. We believe this processing is in your interests as well.
When we process your personal information based on legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate business interests do not automatically override your interests. We will not use your Personal Data for activities where our interests are overridden by the impact on you.
When it is in our legitimate interest, we may use electronic marketing (emails, SMS, social media) to communicate items that we feel may be of interest to you and your business, including industry and company information, updates and offers.
If you do not wish to receive these communications, you will be given the opportunity to unsubscribe, by clicking on the unsubscribe link at the bottom of each email.
To ensure our prospects and clients receive the most relevant communications from TransDev, we use some automated processes to undertake this. These processes (such as lead scoring and marketing based on behaviour), might indicate what the contents of a marketing email may be, or indicate to us when the best time to contact you might be.
You have certain rights given to you by law, which means you have an amount of control over your personal data that we process.
This right allows you to confirm that your personal data is being processed and to allow you to check if the processing is lawful.
The right of rectification allows you to instruct an organisation that is processing your personal data, to rectify any mistakes. This can be achieved by contacting TransDev on email@example.com or by amending your personal data via profile management tools e.g. website membership and email subscription.
The right to instruct an organisation to erase your personal data.
The right to stop the processing of your personal data
This right entitles you to learn about the legal basis of Data transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by us to safeguard your personal data.
If any such transfer takes place, you can find out more by checking the relevant sections of this document or inquire using the information provided in the contact section.
The right to data portability means that under certain circumstances you will be able to ask for your personal data to be transferred from one organisation to another.
You have the right to object to the processing of your personal data for the purposes of direct marketing, including email and direct mail. You can opt out by contacting firstname.lastname@example.org.
Under certain circumstances, you are able to object to profiling or automated decision making.
If you are not happy with an aspect of how TransDev are processing your data, you can lodge a complaint to the supervisory authority, which is the ICO. (www.ico.org.uk)
Please contact us at email@example.com if you wish to exercise any of your rights or if you have any questions about the processing of your personal data by TransDev.
Last updated May 2018.