TyreSafe takes its duty to process your personal data very seriously. This policy explains how we collect, manage, use and protect your personal data. We do occasionally update this Policy, latterly for the implementation of GDPR in May 2018, so please do return and review this Policy from time to time. Refer to the sections below for more details on how and why we use your personal information:
- Who are we?
- The personal data we collect and how we use it
- What are your rights?
- Legitimate interests
- Retaining your information
Who are we? In this policy references to ‘we’ or ‘us’ are to TyreSafe, Peershaws, Berewyk Hall Court, White Colne, Essex, CO6 2QB, United Kingdom. Registered Charity Number 1168354 (England & Wales). What personal data we collect and how we use it What we need TyreSafe is what’s known as the ‘controller’ of the personal data you provide to us. We will usually collect basic personal data about you like your name, postal address, telephone number, email address and your bank details for subscription fees and ad hoc payments such as events. We will be very clear with you if we wish to collect further information, such as date of birth, and include our reason for collecting such information. TyreSafe members’ data is held on secure servers for the purpose of conducting membership business only. TyreSafe engages an agency (CJ Association Management Ltd) to provide its administrative secretariat support. If you do not want us to use your data then you have the option to object to such use. Why we need it We collect your personal data for specific activities, such as project updates, newsletters, registration or membership requests, surveys and events. These are summarised as:
- To provide you with information that we feel may be of interest to you (for example, to notify you about a forthcoming event).
- To meet our contractual obligations to you.
- To notify you about any changes to our website, including improvements, and service or product changes that may affect our website.
- When you provide it to us directly
- When you provide permission to other organisations to share it with us (including Facebook or Twitter)
- When we collect it as you use our websites or apps (see website policy below)
- When you have given it to a third party and you have provided permission to pass your information on to us
- From publicly available sources
We combine the information from these sources with the information you provide to us directly. Membership applications When submitting a membership or supporter application, personal data will be required. Should an application be successful, all the policies and procedures outlined in this document will apply with regard to personal data retention. For those whose applications are unsuccessful, we only hold the information for a limited period after refusal and any personally identifiable details are removed. Children If you are under 18 years of age please ensure you obtain your parent/guardian’s consent before sending any personal information to TyreSafe. Please note we will not knowingly communicate to persons under 18 years without that written consent. Geographic location of data storage All the personal data we process is processed by our staff in the UK or the EU, including our website hosting. What are your rights? GDPR, implemented on 25th May 2018, gives all individuals a number of rights relating to their personal data held by companies, organisations and other third parties. These are right …
- Of access: Giving transparency over the information held about you, which will be provided to you within one month
- To be informed: Giving transparency over how your personal information is used
- Of rectification: The right to have your information updated or amended if it is wrong
- To restrict processing: You may ask to stop third parties using your information
- To be ‘forgotten’: Ask us to remove your personal information from our records
- To object: Object to the processing of your information for marketing purposes
- Of data portability: To obtain and reuse your personal data for your own purposes
- To withdraw from automated decision making and profiling: Not be subject to a decision when it is based on automated processing
If you would like to know more about your rights under the data protection law see the Information Commissioner’s Office website. If you would like to change the way you hear from us or no longer wish to receive direct marketing communications from us then use the contact form on our ‘Contact Us’ page or go to our online Permission Portal. Legitimate interests There are a number of lawful reasons that mean we can use (or ‘process’) your personal information, including ‘legitimate interests’. Broadly speaking ’legitimate interests’ means we can process your personal information if:
- We have a genuine and legitimate reason to do so
- We are not harming any of your rights and interests.
Sharing your information We will never sell your personal information to other organisations. We only disclose information to third parties or individuals when obliged to by law, for purposes of national security, taxation and criminal investigations, and the following:
- If you have agreed we may do so.
- When we use other companies to provide services on our behalf, e.g. processing, mailing or delivering orders, answering questions, sending mail and emails or processing credit/debit card payments.
- If we receive a complaint about any content you have posted or transmitted to or from one of our sites, to enforce or apply our Terms & Conditions or if we believe that we need to do so to protect and defend the rights, property or personal safety of TyreSafe, our websites or our visitors and for other lawful purposes.
- If we merge with another organisation to form a new entity, information may be transferred to the new entity.
- We may disclose aggregate statistics about our site visitors, to describe our services and operations to prospective partners, advertisers and other reputable third parties and for other lawful purposes, but these statistics won’t include any personally identifying information.