24 May 2018
Data Privacy Notice
We are very pleased to welcome you to our website and would like to thank you for the interest you have shown in our company, our products and our website.
This privacy notice is designed to explain how TouchPoint, Inc. and its subsidiaries (hereafter referred to as the “Company”) are committed to ensuring that your personal data is protected when you access any of the websites belonging to any of the companies within the Company group.
You should therefore take note of the following information:
- Protecting your data is important to us
- Personal data
- Specific use
- Data Transfer
- Data Retention
- Data that is collected automatically
- Tracking services
- General information on external links
- Changes to the data protection regulations
- Your rights regarding your personal data
- Contact Information
1. Protecting your data is important to us
We want you to know that the security of your personal data is important to us and for you to feel secure about how your data is being protected while browsing our internet sites.
The security of your personal data is important to us and as part of our commitment to the protection of any such data held the Company has established a Privacy Programme Governance Team (PPGT), the purpose of which is to provide structure and on-going guidance for compliance consistently across the group.
We want you to be fully informed about the personal data we are collecting and when, and how we use it and to assure you that we have taken technical and organisational measures to ensure that data protection provisions are upheld by both us and also any of our external service providers.
We intend to follow the European Union’s General Data Protection Regulation (“GDPR”). While the GDPR is a data privacy law implemented across all EU member states, which we will fully comply with where applicable, the Company has taken the decision to apply many of the principles of the regulation across the whole global business as a standard of best practice. In addition, we will follow all applicable local laws and regulations.
2. Personal Data
Generally user information is collected in two ways; information given to us by a user in order to permit the use of services offered by our Sites, and information collected through the use of services offered through our Sites.
Under GDPR, personal data includes the information relating to your identity. You do not have to disclose personal data in order to use all of our internet sites. However, in certain circumstances we will need your name and address, as well as other details, in order to be able to provide you with the services you require.
Details required to provide services may occur, for example when a user wants to access or benefit from the services offered through a Site. Use of services, such as CAD downloads, product configuration, or sample requests requires registration by the user which requires personally-identifying information to complete the registration. Users who do not log on to the Site or choose not to register will be identified by their IP address.
Details required to provide services may occur, for example if you want us to send you information and goods you have ordered, or in order to answer individual queries. Where this is necessary, we will draw your attention to this accordingly. In addition, we only store and process data that you have voluntarily or automatically made available to us and it will be used only for specific purposes which we will inform you of.
In as far as you request services from us, as a rule we will only collect data such as is needed to supply the service. Any information provided by you is done voluntarily. Processing of personal data will only be carried out for the purpose of providing the service you have asked for, and for the maintenance of our own legitimate business interests.
3. Specific use
Both our own employees and the service providers working on our behalf are bound by a duty of confidentiality and to comply with the provisions of the GDPR where applicable. We will not share or sell personal data to any service provider for their use; however, third parties who provide us with services, may use the information in marketing, product development or other business purposes solely for the benefit of us. Additionally, product inquiries may be passed on to third parties with whom we have contractual relationships in order to best respond to a user's product or service inquiry.
In order to access certain areas of some of our websites, and/or request materials, we may ask you to register by providing such information. When you register, you will select a USERNAME and PASSWORD, which we recommend you keep private to ensure that no one can use them in your place. Upon occasion, we may contact you to inquire about your satisfaction with our products and services.
4. Data transfer
Personal data may be stored and processed in other countries within the EU and outside of the EU (including the United States) for specific business purposes.
If you are located in the European Economic Area (EEA): Some non-EEA countries are recognised by the European Commission as providing an adequate level of data protection according to EEA standards.
We implement technical and organisational measures in order to protect any unlawful access or use of your data for any data transfers from the EEA to countries not considered adequate by the European Commission. This also applies to any vendor with whom we share personal data in order to fulfil your request for data and/or services.
5. Data Retention
We will retain Personal Data for as long as needed or permitted in light of the purpose(s) for which it was obtained. The criteria used to determine our retention periods include: (i) the length of time we have an on-going relationship with our customer and provide the Services; (ii) whether there is a legal obligation to which we are subject; or (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
6. Data that is collected automatically
The following data will be collected for organisational and technical reasons when you use our internet sites: the names of the pages called up, of the browser being used and of the operating system, date and time of access, the search engines used, the names of downloaded files and your IP address.
We analyse this technical data anonymously and only for statistical purposes, in order to continually optimise our internet presence and to make our online services even more attractive. We will not use any automatically collected information for identification purposes.
Cookies are small text files which are sent to your browser by a web server and are saved on your computer’s hard disk. This information means you will be automatically recognised next time you visit our website, so you will find our site easier to navigate. Cookies allow us, for example, to adapt a web site to your interests. Some cookies serve essential functions required for the proper function of the website and others collect aggregate and non-personal information, unrelated to a single, personally identifiable user. Information collected in this way is used by the Company in order to understand the number of users accessing our Site and what information about our services and products is of interest to Site visitors. Information provided by users will be used solely to permit the Company to assess use of its Site, to provide service and user support and otherwise enhance customer service.
8. Tracking services
We may also use other tracking services, such as (but not limited to) Marketo and GeoLocator. These work in a similar way to Google Analytics. If you have any concerns then further information about these can be obtained by e-mailing FOI@touchpointinc.com.
We implement technical and organisational measures in order to protect any unlawful access or use of your data.
All our employees and all third parties involved with data processing are bound by an undertaking to handle personal data confidentially.
In the event of personal data being collected and processed, the information shall be transferred in encrypted form, to prevent misuse of the data by third parties. Our security measures are being continually revised in line with technological developments.
All third party contracts in which personal data is shared are properly reviewed to ensure safeguarding of data.
10. General information on external links
Where appropriate, you will find links on our websites to third party internet sites for your information. We have no influence on the content or the design of external pages that are operated by third parties. The content of this privacy statement will not be effective for third party pages. We will only work with third parties that can guarantee GDPR standards. For this reason, please contact the relevant provider for information about their provided data privacy statement.
11. Changes to the data protection regulations
We reserve the right to change these security and data protection measures. In this case, we will also adjust our data privacy notice accordingly. The date at the top of this document indicates when this privacy notice was last revised. Any changes will become effective when we post the revised privacy notice on the Services. Use of the Services following these changes signifies acceptance of the revised privacy notice. If our notice changes we will notify you the next time you visit our website or via email.
12. Your rights regarding your personal data
Depending on your citizenship and/or any local laws, you may have the right to request access to the personal data held on you.
We recognise the rights granted to EU data subjects under GDPR. Those rights include:
- The right to be informed about the collection and use of your personal data;
- The right to access your personal data and if technically possible to have this transferred to another controller;
- The right to have inaccurate personal data rectified, or completed if it is incomplete;
- The right to restrict, or object to processing
- The right to request erasure of your personal data (in certain circumstances);
- The right to lodge a complaint with any supervisory authority.
If you wish to request access/exercise your right of access you will be required to complete a “subject access request form” which can be downloaded by clicking here or if you prefer requested by emailing FOI@touchpointinc.com.
Furthermore, if you are an existing recipient of any marketing information, you can revoke your consent to the collection and storage of your personal data by us at any time by clicking here.
13. Contact Information
If you have any further questions about this policy, your rights or about the processing of your personal details, you can contact our data privacy specialists directly at FOI@touchpointinc.com.
For your protection, we request that all inquiries or complaints be submitted via email to the address listed above. Where necessary, we may ask for additional information to verify your identity before carrying out a request.