We are Trident Assurance Services (TAS), consultants offering the complete assurance package. We are committed to being transparent about how we collect and use data and to meeting our data protection obligations. This policy sets out how we use and protect any personal information we hold and process about you.
Data protection principles All personal data obtained and held by us must be processed according to a set of core principles. In accordance with these principles, we will ensure that:
• processing is fair, lawful and transparent;
• data is collected for specific, explicit, and legitimate purposes;
• data collected is adequate, relevant and limited to what is necessary for the purposes of processing;
• data is kept accurate and up-to-date. Data which is found to be inaccurate will be rectified or erased without delay;
• data is not kept for longer than is necessary for its given purpose;
• data is processed in a manner that ensures appropriate security of personal data including protection against unauthorised or unlawful processing, accidental loss, destruction or damage by using appropriate technical or organisation measures;
• we comply with the relevant data protection legislation procedures for international transferring of personal data.
Personal data In providing you with our services, we may process your personal data. Personal data is information about you from which you can be identified, such as your name, date of birth and contact details.
The confidentiality of your personal data is of paramount concern to TAS and we comply with UK data protection legislation.
How do we protect and safeguard your data? We take the security of your data seriously. Our internal policies and controls are designed by default to ensure that your personal data is not accidentally destroyed, misused, disclosed or lost and is not accessed except by our employees in the performance of their job role duties.
Where we engage third parties to process personal data on our behalf, they do so underwritten instructions, a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.
How long do we keep your data? We only keep your data for as long as is necessary and in accordance with UK legislation and industry guidelines.
Your rights and how to exercise them As a data subject, you have a number of rights and freedoms. You can:
• obtain confirmation as to whether your personal data is being processed and where that is the case, gain access to the personal data;
• require TAS to rectify incorrect or incomplete data;
• require TAS to erase or stop processing your data, for example where the data is no longer necessary for the purposes of processing;
• object to the processing of your data where TAS is relying on its legitimate interests as the legal ground for processing.
• move, copy or transfer your personal data from one IT environment to another, securely and without affecting its usability.
If you would like to exercise any of these rights, please contact our Data Protection Officer (DPO) at: firstname.lastname@example.org. We will ask you to provide documentation to confirm your identity or, if you are acting on behalf of another individual, we will ask you for proof of their consent or your legal right to receive their personal information.
If you believe that TAS has not complied with your rights and freedoms you can make a complaint. Please see the contact details in this document.
Changes to our processing arrangements
Should we need to change the way we collect, store or process your data we will contact you to let you know.
Law relating to this document General Data Protection Regulation (2016/679 EU) Data Protection Bill Privacy and Electronic Communications Regulations (PECR)
Contact information Should you need to, you can contact us via the following routes:
In person or by post: Trident Assurance Services 3B Olympus House Calleva Park Aldermaston RG7 8SA
By telephone: 0118 324 9444
By email: email@example.com
Our Data Protection Officer can be contacted via the following routes:
By post: Trident Assurance Services 3B Olympus House Calleva Park Aldermaston RG7 8SA
By telephone: 0118 324 9444
By email: firstname.lastname@example.org
Trident Assurance Services is a company registered in England and Wales with 09357729.
The TAS registered office is Aquis House, 49-51 Blagrave Street, Reading, Berkshire RG1 1PL.
Trident Assurance Services is registered with the Information Commissioners Office, registration number Z4946055.
Complaints If you think we have not complied with our data protection obligations and you wish to complain to the Information Commissioner, you can use the contact details below:
Information Commissioner’s Office Helpline: 0303 123 1113 www.ico.org.uk/concerns
What personal data do we collect? When you use our website we may collect the following personal data:
• your name, company, email address and telephone number;
• the internet protocol (IP) address of the device you are using, the browser software you use, your operating system, the date and time of access and information on how you use our website;
• details of contact we have had with you including records of telephone conversations and emails;
• information you give us when responding to online surveys for research purposes.
We also collect technical data via Google Analytics, however these reports do not contain any personal data.
How do we collect your data? We may collect this information in a variety of ways. For example, we might collect data when:
• you complete our ‘contact us’ form;
• you fill in your details to book an event or webinar;
• you subscribe to email notifications and/or newsletters;
• you complete an online survey.
Why do we process your personal data? We may process your personal data for any of the following reasons:
• to enable us to contact you in response to a query or request for information;
• to register you for email notifications and/or newsletters that you have subscribed to;
• to book you onto an event and/or webinar;
• to collect your opinions as part of any research we may carry out.
What is the lawful basis for processing? We may process your data on the grounds of contractual or legitimate interests – if we need to respond to your enquiry or enter into a ‘contract’ of services with you, or book onto an event we are hosting. If you have subscribed to our email notifications or newsletter we are relying on your consent to process your personal data. You can withdraw this consent at any time.
Who do we share your data with? Your data may be shared internally within TAS whose employees may view your data as part of their job role.
If you subscribe to our email notifications and/or newsletter your name, company and email address may be stored on the email platform Mailchimp. Mailchimp’s server is in the USA so your name and email address may be stored outside of the EEA.
We do not share your personal information with anyone outside of TAS or its partner organisations to use for their own purposes, except:
• when we have your permission;
• to comply with a legal obligation or to perform a public task;
• to protect the rights, property, or safety of TAS, our customers, or others;
• in order to detect, prevent and help with the prosecution of financial crime;
• if there are other exceptional circumstances, and we are unable, or it is not appropriate to seek your permission;
• to archive for statistical or research purposes or in the public interest;
• in the reason of public interest.
Third party websites Our website includes hyperlinks to, and details of, third party websites. We have no control over, and are not responsible for, the privacy policies and practices of third parties.
We cannot ensure the security of your data when it is being transmitted to our website or other digital sites from other pages. All transmission of personal information and other data is done at your own risk.