At TransDev, we respect your privacy and are committed to protecting the confidentiality of your personal information. Our aim is to be as clear and open as possible about what we do and why.
Background to GDPR
GDPR: On 25th May 2018, the European data protection law known as the General Data Protection Regulation (GDPR) took effect. The GDPR gives individuals in the EU more control over how their data is used and places certain obligations on businesses that process information of those individuals.
Article 5 of the GDPR requires that personal data shall be:
a) processed lawfully, fairly and in a transparent manner in relation to individuals;
b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.”
Who are we?
This data privacy information applies to data processing controlled and undertaken by:
Transmission Developments Co (GB) Ltd (hereafter known as ‘TransDev’)
Company Reg No. 1888295
Dawkins Road, Hamworthy, Poole, Dorset BH15 4HF
Tel: +44 (0)1202 675 555
Tell us what you think!
Your views on privacy are important to us. If you have comments or questions email email@example.com.
How we receive your personal data
- www.transdev.co.uk offers the opportunity for its visitors to submit their details via a form (e.g. to request a quotation, further information or download a resource)
- From social media: If you choose to communicate to us via any of the social media platforms
- Verbal and written communications; When you send us an email, call or write a letter, or if we meet you face to face
- At events, exhibitions or meetings e.g. via business cards, electronic and hard copy forms
- Third parties; We sometimes receive personal data from third parties
- From secondary research of data in the public domain e.g. on social media profiles, directories and industry media
- From primary research conducted in the field, via telephone or email
GDPR and children
The GDPR defines a child as anyone under the age of 16 years old, although this may be lowered to 13 by Member State law. The processing of personal data of a child is only lawful if parental or custodian consent has been obtained. To contact TransDev you must be 16 years old or above.
The data we use
We use a number of different categories of data about you, as part of our normal business processes, the categories include;
- Contact details
- Emails and records of verbal conversations
- TransDev websites and social media activity
- Employment information (job title, responsibilities, position within the organisation etc.)
- Your status relating to our organisation, such as communication preferences and records of marketing activity that has been sent to you
- Information telling us where we obtained your data
Storage and access to data
Where we store and process your personal data
The Data is processed at TransDev’s operating offices and in any other places where the parties involved in the processing are located.
Depending on the User’s location, data transfers may involve transferring the User’s Data to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.
Your personal data is stored in digital format and only printed in hard copy when absolutely necessary to perform a processing task. All personal data is stored on password protected secure servers, either at TransDev or with third parties whose services TransDev employ.
Who will see your personal data?
TransDev takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In some cases (and for the reasons stated in ‘Why we process your personal data’) the Data may be accessible to others, involved with supporting TransDev (such as suppliers, partners, third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by TransDev. The updated list of these parties may be requested from TransDev at any time.
Confidentiality and security of your data
Information about you will be kept safe and secure and it will not be supplied to a third party, unless we are obliged or permitted by law to disclose it, it is for the purpose it was collected for, or it is to facilitate a data processing activity via a third party but managed by TransDev e.g. email marketing. TransDev do not sell, rent or trade any personal information supplied by you to any third party.
All data personally transmitted by you, including your payment details, is transferred using the generally accepted and secure standard SSL (Secure Socket Layer). SSL is a secure and tested standard that is also used for online banking, for example. Ways of identifying a secure SSL connection include the s following http (i.e.: https://…) in the address bar of your browser and the padlock symbol in the bottom section of your browser.
TransDev execute a stringent security and access policy for employees that safeguards data and protects the integrity of data. The Company also ensure this doesn’t impact business function and data subject or data subject experiences. TransDev permit the portability of data on mobile devices like mobiles or laptops, as well as advocating home working, under restriction and/or limitations. This is also for the benefit of data subjects. Access to this data can be terminated or limited as and when necessary to prevent data breaches or leaks. Every reasonable step is taken to ensure that TransDev data accessed outside the network is secure. These policies aim to mitigate any instance of data breach or leaks and employees are trained in maintaining data security.
How long is your personal data retained?
Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.
- Personal Data collected for purposes related to the performance of a contract between TransDev and you shall be retained until such contract has been fully performed.
- Personal Data collected for the purposes of the TransDev’s legitimate interests shall be retained as long as needed to fulfil such purposes. You may find specific information regarding the legitimate interests pursued by TransDev within the relevant sections of this document or by contacting us.
TransDev may be allowed to retain Personal Data for a longer period whenever you have given consent to such processing, as long as such consent is not withdrawn. Furthermore, we may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
Why we process your personal data
You may have previously consented to receive marketing information from TransDev. We may also process your personal data for our legitimate interests as a business, but only if necessary for the purpose we collected it for. We may process your data for;
- Sales and marketing activities such as calls, emails and other types of communications with you
- Understanding how you interact with the website and social media
- Account activity such as, email, written and verbal communications and agreements
- Financial activity, such as billing communications
- To perform obligations under a contract with you or a business you may work for
- In relation to a job application, with you or via an agent or third party service acting on your behalf with your approval
- To manage the supply of goods and services provided by you or a business you may work for
We will only store your data, for as long as we reasonably need it to undertake any of the processes listed above.
Recital 47 of the GDPR allows for the processing of personal information for our legitimate business interests in terms of direct marketing. “Legitimate Interests” means the interests of our company in conducting and managing our business to enable us to offer you the best services and products, and the best and most secure experience.
For example, we have an interest in making sure our marketing is relevant for you, so we may process your information to send you marketing that is tailored to your interests in your business. We believe this processing is in your interests as well.
When we process your personal information based on legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate business interests do not automatically override your interests. We will not use your Personal Data for activities where our interests are overridden by the impact on you.
When it is in our legitimate interest, we may use electronic marketing (emails, SMS, social media) to communicate items that we feel may be of interest to you and your business, including industry and company information, updates and offers.
If you do not wish to receive these communications, you will be given the opportunity to unsubscribe, by clicking on the unsubscribe link at the bottom of each email.
Automated processing for Sales & Direct Marketing
To ensure our prospects and clients receive the most relevant communications from TransDev, we use some automated processes to undertake this. These processes (such as lead scoring and marketing based on behaviour), might indicate what the contents of a marketing email may be, or indicate to us when the best time to contact you might be.
You have certain rights given to you by law, which means you have an amount of control over your personal data that we process.
Access to your personal data
This right allows you to confirm that your personal data is being processed and to allow you to check if the processing is lawful.
Correcting any mistakes
The right of rectification allows you to instruct an organisation that is processing your personal data, to rectify any mistakes. This can be achieved by contacting TransDev on firstname.lastname@example.org or by amending your personal data via profile management tools e.g. website membership and email subscription.
The right to instruct an organisation to erase your personal data.
The right to stop the processing of your personal data
This right entitles you to learn about the legal basis of Data transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by us to safeguard your personal data.
If any such transfer takes place, you can find out more by checking the relevant sections of this document or inquire using the information provided in the contact section.
The right to data portability means that under certain circumstances you will be able to ask for your personal data to be transferred from one organisation to another.
Right to object to direct marketing
You have the right to object to the processing of your personal data for the purposes of direct marketing, including email and direct mail. You can opt out by contacting email@example.com.
Object to profiling
Under certain circumstances, you are able to object to profiling or automated decision making.
Right to complain to the Information Commissioners Office (ICO)
If you are not happy with an aspect of how TransDev are processing your data, you can lodge a complaint to the supervisory authority, which is the ICO. (www.ico.org.uk)
Please contact us at firstname.lastname@example.org if you wish to exercise any of your rights or if you have any questions about the processing of your personal data by TransDev.
Last updated May 2018.