Privacy Policy

General Data Protection Regulation: Compliance Statement

  1. AwarenessTMS recognises its responsibilities within the framework of GDRP.  All staff handling data and information have been briefed on our policy and procedures to ensure compliance with our obligations.
  1. Information we holdThe information we hold relates to our customers and our employees.  We hold a range of data relating to employees including names, addresses, national insurance, pension and tax information. The information relating to customer is limited: names, email addresses, business telephone numbers and business addresses.
  1. Communicating privacy informationThe personal data that we hold and process is done so in a fair and legal manner. Our privacy notice set out below is contained in all electronic communication with our employees and customers.“TMS Insight [Global] Ltd holds and processes personal data in a legal and fair manner. The legal basis for the processing of personal data is the contract we have with the individual and business and because we have to take specific steps before entering into a contract to supply. Kevin McElduff Chief Executive has responsibility as Data Controller for UK and EU operations. Personal data is only held and processed for the purposes of delivering goods and services to our customers. This is limited to names, business telephone numbers, business addresses and business emails.  All personal data held is provided by and held with the agreement of our customers for the purposes of meeting their needs. Such data is protected by our system security arrangements. The retention period for such data is five years after which personal data is securely disposed of. Our GDPR Subject Request Policy is available from sales@tmsinsight.co.uk.”
  1. Individual rightsWe recognise the rights that customer and staff have within the GDRP framework
  • the right to be informed;
  • the right of access;
  • the right to rectification;
  • the right to erasure;
  • the right to restrict processing;
  • the right to data portability;
  • the right to object;
  • the right not to be subject to automated decision-making including profiling
  1. Subject access requestsTMS has a Subject Access Request policy and procedure. This is available to staff and customers from sales@tmsinsight.co.uk. Access requests should be made to this email address.
  2. The legal basis for holding dataThe legal basis for the processing of personal data is the contract we have with the individuals and business and because we have to take specific steps before entering into a contract to supply.
  1. ConsentOur arrangements for securing consent are fit for purpose. Customers freely provide the information we hold for the purposes of meeting our contractual obligations. Our staff freely provide the information we hold for the purposes our meeting our contractual obligations.
  1. Data BreachesWe have procedures in place to detect, report and investigate a personal data breach. We have a system security management framework in place to protect data.
  1. Data ProtectionJo Heptinstall Business Manager is responsible for the protection of the data we hold.