TIMPANI GROUP LIMITED:
PRIVACY POLICY
Here at Timpani Group Limited (“Timpani”, “us”, “we”, “our”) we are committed to respecting your privacy and to complying with applicable data protection and privacy laws.
This Policy, together with our Terms of Service, sets out the basis on which any personal data we collect from you or that you provide to us, will be processed. In this policy, references to “you” or “your” means the customer who enters into a contract with us for goods and services. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
1. COLLECTION OF INFORMATION
A. Personal Information Collection
i. When you sign up for our services, we will collect personal information which may include your name, email address, postal address, fax, telephone or other
contact number. You can be assured that this information will only be used for the intended purposes stated at the time at which it was collected.
ii. We may also collect this information if you request a quote from us, or if you provide us with a quotation for services, or enter into a contract with us as a
supplier.
iii. If you contact us for technical or account support on the phone, post or via email, we may keep a record of this correspondence.
B. Non-personal Identifying Information Collection
i. We record the IP address of any device used to log into your online portal, which gives you access to your invoices, support tickets and related services.
ii. We do not record any long-term association between that recorded IP address and your Timpani username. This is only maintained for the length of your
session.
iii. Once you are logged in, our website uses cookies to distinguish you from other users. This will let us know if you are already a customer. These cookies are
ephemeral, and are not retained in any long-term tracking database once you have logged out.
2. USE OF INFORMATION
We may use your information in a number of ways in order to fulfil our contractual obligations. This is one of the categories permitted under the GDPR, and with us, includes: processing orders, managing your account, delivering the service, responding to any complaints or enquiries and to verify your identity when required.
A. Information you give to us will be used:-
i. To carry out our obligations set out in our Agreement with you in order properly to provide your service. We will use your contact details to contact you in
relation to your account with regard to ongoing payment, maintenance and security.
ii. To warn you of any Maintenance Periods or interruptions to service.
iii. To notify you of any changes to the service
B. Information we collect about you will be used:-
i To keep our online systems running safely and securely.
3. DISCLOSURE OF INFORMATION
Timpani Group does not sell or pass your information to any third parties. In the event that we undergo reorganisation you agree that the information we hold about you will
be transferred to that reorganised entity for the purposes set out in this Privacy Policy. We may be obliged to disclose your personal information to meet any legal
requirements.
A. Payment Information
i. When taking a payment by credit or debit card, or similar payment mechanism which requires some personally identificatory information, we will share your payment card or related mechanism’s details and pertinent contact information with our payment processing partners; they, in turn, will share this information with your payment provider or bank in accordance with secure industry norms in validating and processing those payments.
4. STORING OF INFORMATION
A. Where we store customer data
i. We store your information on our administrative servers within our secure datacentres in the UK.
ii. Any payment transactions are encrypted using SSL/TLS technology.
iii. You are responsible for keeping any passwords associated with accessing your
services or data secure.
5. SOCIAL MEDIA
Any social media posts or comment you send to us will be shared under the terms of the relevant social media platform on which they are written and could be made public.
Other people, not us, control these platforms. We are not responsible for how your posts or comments would thereafter be used, and so recommend you review the terms and
conditions and privacy policies of the social media platforms you use. Any comments you make on these services must comply with relevant policy on acceptable use of those
services.
6. RETENTION OF INFORMATION
To make sure we meet our legal data protection and privacy obligations, we only hold onto your information for the purposes we acquired it for in the first place, or where we need to retain it for longer in accordance with any specific retention legislation. This usually means we will keep your information for as long as you continue to use our services and for a reasonable period afterwards to deal with end of contract decommissioning, but there may be cases where normal ongoing operations require retention of such information for longer periods.
7. ACCESS TO YOUR INFORMATION
You can write to us at any time to obtain details of the personal information we may hold about you. Please contact us using the details listed below (under the “Contact”
heading). Please quote your name and address and provide details of the information you wish to have access to. Please be informed that we will take any steps necessary to
verify your identity before providing you with this information.
8. CHANGES TO OUR PRIVACY POLICY
We reserve the right to modify this Privacy Policy at any time. If we decide to change our Privacy Policy, we will post those changes. Any material changes to this Privacy
Policy will be reflected immediately in the Privacy Policy on our company website, and, where appropriate, via email to relevant stakeholders and clients.
9. YOUR DATA RIGHTS
A. The Right of Access, and The Right to be Informed
i. Please write to us using the information given under the “Contact” heading below to access the information we hold about you. Please include the specific data you require as well as you name and address. We will verify your identity prior to providing you with this information.
B. The Right to Rectification, and to Object, and to Request a Restriction of Processing
i. You can update your personal information, or object to any information, or request we restrict processing of any data we hold on you, through your online portal by submitting a secure change request form there.
C. The Right to Erasure
i. You have the right to erase the data we hold about you, the request will be honoured if the information is no longer required for the services purchased.
Financial records will be retained for up to seven (7) years, in accordance with relevant legislation, even after your other information has been erased.
D. The Right to Data Portability
i. You can request the data we hold on you to be provided in human-readable
format, which we shall provide. You may make such a request via the online
portal and submitting a secure change request form there.
E. Rights in Relation to Automated Decision Making and Profiling
i. We do not run any substantive automated-decision-making nor profiling systems or operations. There are occasions where an attempt to log in to your customer portal too many times with the wrong password from your IP address will cause the system to block your continued attempted access to the service for several minutes, or for longer periods of time if this continues. Please contact us, via the contact information below, if you believe that this “brute force” detection is inaccurate, or a “false positive”, and we will ensure your IP address is removed from the ban list, or whitelisted.
ii. There are situations where our unsolicited-mail detection systems (spam) will misidentify your mails from us as “junk”. In such cases, they will either be marked as such, or our employees will not receive them at all. In such cases, please contact us as per the details below via telephone or an alternate email address, and we will whitelist your “false positive” primary email address.
10. CONTACT
Questions and requests should be sent to us using the details below.
A. Post: Data Protection Officer, United 11, 26 Charing Cross Road, London, WC2H 0DG
B. Email: dpo@timpani.co.uk
C. Telephone: 0800 862 0001