Policy key definitions:
- “I”, “our”, “us”, or “we” refer to the business, [Business name & other trading names].
- “you”, “the user” refer to the person(s) using this website.
- GDPR means General Data Protection Act.
- PECR means Privacy & Electronic Communications Regulation.
- ICO means Information Commissioner’s Office.
- Cookies mean small files stored on a user’s computer or device.
Processing of your personal data
Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.
- We are registered with the ICO under the Data Protection Register, our registration number is: Z2766577
- Lawful basis: ConsentThe reason we use this basis: By providing your personal information via telephone, website or in person you are requesting to receive other information or to access our services on behalf of yourself or another individual.We process your information in the following ways:Information collected in this way will be used solely for the purpose specified at the time of collection and will not be passed or sold to any third parties i.e. any organisation other than CTTM. The only exceptions to this will be the provision of data to contracted agencies for data/database analysis.CTTM will collect only that information necessary for the purpose for which it is requested, or which will help to provide a more valuable service for the user.Data retention period: We will continue to process your information under this basis until you withdraw consent, or it is determined your consent no longer exists.
Sharing your information: We do not share your information with third parties.
If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.
Your individual rights
Under the GDPR your rights are as follows:
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
Data security and protection
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
Transparent Privacy Explanations
We have provided some further explanations about user privacy and the way we use this website to help promote a transparent and honest user privacy methodology.
Resources & further information
- Overview of the GDPR – General Data Protection Regulation
- Data Protection Act 1998
- Privacy and Electronic Communications Regulations 2003
Reviewed and updated 21/05/18 JN