Todd Research Ltd is committed to safeguarding the privacy of the data of its employees and business partners whilst providing the highest possible quality of information and service. To comply with the EU regulation 2016/679 it should be explained how any personal information and/or private data which is obtained from you will be treated.
Under the aforementioned regulation, processing of your personal data is based on the principles of accuracy, legal certainty and transparency, as well as protection of your confidentiality and your rights.
Under article 13 of the current legislation, we provide you with the following information:
Who we are
What information we collect and how
1. The information we collect via the Website may include.
a. Any personal details you knowingly provide us with via email, such as name, address, telephone number etc.
b. Notify you about enhancement to our services, such as changes to the website, new services and special offers that may be of interest. We may contact you by mail, telephone or email with offers.
c. Your preferences and use of email updates recorded by emails we send you in the form of HTML’s.
d. Monitor traffic patterns and site usage to help us develop and improve the design and layout of our website.
e. Your IP Address, this is a string of numbers unique to your computer that is recorded by our web server when you request to view any page or product on our Website. This information is used to monitor your usage of the Website.
2. The information that we collect relating to employees may include:
a. Personal details such as name, address, telephone numbers, email addresses to maintain accurate contact data
b. Tax codes, national insurance numbers and bank details to allow salary processing and expenses payments
c. Career history as a part of a recruitment process and on-going personal development
3. The information collected from trading partners may include:
a. Contact information
b. Bank details to facilitate payments
c. Credit referencing to facilitate trading
Purpose and methods of data processing
a. To insert personal information in the company computer databases to meet payroll obligations and keep appropriate employment contract related information
b. To keep accounts
c. To manage receipts and payments
d. To fulfil the requirements of civil and fiscal legislation and of EU standards and regulations
e. To participate in tenders, in the event that providing reference lists is necessary.
f. To assist in managing smooth interaction for our partners with the website
Personal data will be processed on paper and by computer, by the data controller, the data processor and by their agents while observing every precaution to guarantee security and confidentiality.
Nature of collection and consequences of failure to provide data
Provision of your personal data is compulsory in order to fulfil the requirements resulting from the contract and, in general, legal obligations.
Failure to provide data could make it impossible for us to fulfil these contractual requirements or complete the activities required by current legislation.
Communication and disclosure of data
For the purposes of fulfilling the contract and for the purposes stated above, your personal data could be communicated:
– to all legal entities and individuals (legal consultants, administrative and fiscal offices, auditing firms, couriers and forwarders, data processing centres etc.) in the event that communication is necessary for the purposes explained above; – to banks for handling receipts and payments; – to factoring or debt collection companies; – to our collaborators and staff who are responsible for data within the scope of their specific duties; – other legal entities and individuals that need to be involved to fulfil the purposes mentioned above.
For the same purposes, if necessary, the data can be transferred abroad.
The data collected may be disclosed, via publication on our website www.toddresearch.co.uk and other online channels and applications for our specific products, paired with a specific customer/supplier. In these cases, publication will be carried out with the express consent of the data subject.
Rights of the data subject
At any time you can exercise your rights with the data controller under art.7 of the Code on Data Protection and art. 12 of New European Regulation 2016/679 are shown below for your convenience.
1. The controller shall:
take appropriate measures to provide any information referred to in Articles 13 and 14 and any communication under Articles 15 to 22 and 34 relating to processing to the data subject in a concise, transparent, intelligible and easily accessible form, using clear and plain language, in particular for any information addressed specifically to a child. The information shall be provided in writing, or by other means, including, where appropriate, by electronic means. When requested by the data subject, the information may be provided orally, provided that the identity of the data subject is proven by other means.
2. The data subject has the right to obtain indications on:
a) the source of their personal data;
b) the purposes and methods of processing;
c) the logic applied in the event of processing via electronic means;
d) the identity of the controller, the processors and the designated agents under article 5, comma 2;
e) the subjects or the categories of subjects to which the personal data may be communicated or who may become aware of them as designated representatives within this country, as managers or agents.
3. The data subject has the right to obtain:
a) updating, rectification or, when necessary, integration of data;
b) erasure, transformation into anonymous form or blocking of data processed in violation of the law, including those that are not required to be kept in relation to the purposes for which the data were collected or subsequently processed;
c) confirmation that the operations mentioned in points a) and b) have been brought to the attention, including with regard to their content, of those to whom the data were communicated or disclosed, except where this proves impossible or implies the use of means that are clearly disproportionate to the right being protected.
4. The data subject has the right to oppose, in whole or in part:
a) for legitimate reasons, the processing of personal data relating to them, even if pertinent to the purpose for which they were collected;
b) the processing of personal data relating to them for the purposes of sending advertising or direct sales material or to carry out market research or commercial communications.
The rights mentioned in article 12 are exercised via a request addressed without formalities to the data controller or data processor, including via an agent, who will be provided with a reply without delay.
If any employee identifies or suspects that a breach of data security has taken place, the matter must be reported immediately to the data protection officer. The data protection officer is the Finance Director.
Any request made to the data controller or data processor, may be sent by registered letter.
Data Controller and Processor
The data controller is Todd Research Limited