Privacy Policy
TPP (“We”) are committed to protecting and respecting your privacy.
This privacy notice (together with the terms and conditions for using our website) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. It applies to all products and services, and instances where we collect your personal data (however, please note that some of our products or services, such as Airmid, Brigid and Airmid Cares, will have their own privacy policies that will apply in place of this policy). ‘Processing’ for the purposes of this notice covers a very broad range of activities, including using, transferring, storing and even deleting. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
By using the website, our services and/or contacting us you are accepting and consenting to the practices described in this policy including the collection, use and transfer of the relevant data described below.
Information we may collect from you
We may collect and process the following data about you:
Information you give us:
- Any information you provide to us via the website, our services, a telephone call, email or any other messaging facility.
- This may include personal information such as name, address, contact details and the specific detail contained within your enquiry or feedback, which may contain further sensitive personal information where medical or demographic information (including racial or ethnic origin) is provided to us.
- It could also include information provided when creating a user account within our clinical systems (including, usernames and password information).
Information we collect about you:
- We may automatically collect the following information where the website or our services are used:
- technical information, including browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
- Information we receive from other sources. We may receive information about you if you use any of the other services we provide.
Uses made of the information
We use information held about you in the following ways (dependent on the particular enquiry raised with us):
- Information you give to us. We may use this information:
- to improve our services and ensure that content from services is presented in the most effective manner for you;
- to monitor usage and collect usage statistics;
- to assist you in your use and understanding of our services;
- to respond to your comments and queries;
- to perform any contracts entered into between you and us;
- for security and safety purposes; and/or
- to inform you of changes/updates to our services.
- Information we collect about you. In addition to the above we will use this information:
- for internal operations, including troubleshooting, data analysis, testing, research, statistical purposes;
- to improve our service to ensure that content is presented in the most effective manner for you;
- to allow you to participate in interactive features of our service, when you choose to do so; and/or
- as part of our efforts to keep the service safe and secure.
- Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason that is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that this website and our products and services are not designed for or intended for use by children under the age of 16.
Disclosure of your information
We may disclose or share your personal data if we are under a duty to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of TPP, our customers, or others. We remain responsible for those third parties and it is our responsibility to ensure that they use any of your personal data that we make available to them correctly and in accordance with our instructions and the law.
We do not use or disclose your information to anyone except as described in this Privacy Policy.
How we store your personal data and how we keep it secure
We make it a priority to provide strong security and give you confidence that your information is safe and accessible when you need it. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy. We use strict procedures and security features in accordance with best industry practice and standards. We store all of your information on secure servers and our security measures are to the standards set by the UK National Cyber Security Centre.
We restrict access to personal information to TPP employees, contractors, and agents who need that information in order to process it. Anyone with this access is subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
Unfortunately, if you are accessing the website from a mobile device, the transmission of information via your device is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to us; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Our legal basis for processing data
We collect, use and share data that we have in the ways described above:
- As necessary to fulfil our services which may include sharing your personal data with service providers in order to effectively deliver our services;
- Consistent with your consent, which you may revoke at any time;
- As necessary to comply with our legal obligations which may be expressed in written contractual agreements;
- To protect your interests, or those of others;
- As necessary in the public interest; and
- As necessary for our (or others’) legitimate interests unless those interests are overridden by your interests or fundamental rights and freedoms that require protection of personal data. Legitimate interests may include;
- providing an innovative, personalised, safe and profitable service to our users and partners;
- carrying out and/or testing our services, processes and policies;
- following guidance of government and regulatory bodies;
- audit purposes to ensure (amongst other things) we are responding where necessary and providing an effective business model;
- market research and statistics.
How can you exercise your rights provided under the GDPR?
Under the General Data Protection Regulation, you have the right to access, rectify, port and delete your data.
You also have the right to object to and restrict certain processing of your data. This includes:
- the right to object to our processing of your data for direct marketing;
- the right to object to our processing of your data where we are performing a task in the public interest or pursuing our legitimate interests or those of a third party.
- the right to have your data amended if it is inaccurate. You can find more information about your rights on the Information Commissioner’s Office website – please see https://ico.org.uk/for-the-public/
Please be aware that information recorded by another party remains their responsibility (as they are the data controller) and so depending on your request we may need to direct you elsewhere.
Data Retention and deletion
We retain personal information until it is no longer necessary for the provision of our services unless you request for its deletion (whichever comes first).
Personal information that has been deleted may persist in our backup systems, but will not be readily accessible. Our services also use encrypted backup storage as another layer of protection to help recover from potential disasters. Data can remain on these systems for up to 6 months. When TPP delete data, we follow a deletion policy to make sure that your data is safely and completely removed from our servers.
Contact
If you have any concerns please contact our Data Protection Officer (DPO) and data protection team:
- By post – TPP House, 129 Low Lane, Horsforth, Leeds, LS18 5PX
- By email – dpo@tpp-uk.com
TPP is registered with the Information Commissioner’s Office (ICO), which regulates data protection in the UK, and our registration number is Z1927388.
You can raise a complaint with the Regulator here: https://ico.org.uk/make-a-complaint/
We will investigate and attempt to resolve any data privacy objections and complaints relation your details provided in accordance with the above and make reasonable effort to allow you to exercise your rights as quickly as possible and within the timescales provided by data protection laws.
Changes to our privacy policy
Our privacy policy may change from time to time. We will post any privacy policy changes on the website. Please check the website frequently to see any updates or changes to our privacy policy.