Privacy

Cookies enable us to identify your device, or you when you have logged in. We use cookies that are entirely necessary to enable you to move around the site or to provide certain basic features. We use cookies to improve the usability of our website by storing your preferences. We also use cookies to help us to improve the performance and functionality of our website to provide you with a better user experience.

We don’t sell the information collected by cookies, nor do we disclose the information to third parties, except where required by law.

Google Analytics Cookies

We may collect information about your computer, including your IP address, operating system and browser type, for system administration and in order to create reports. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.

The only cookies in use on our site are for Google Analytics. Google Analytics is a web analytics tool that helps website owners understand how visitors engage with their website. Google Analytics customers can view a variety of reports about how visitors interact with their website so that they can improve it.

Like many services, Google Analytics uses first-party cookies to track visitor interactions as in our case, where they are used to collect information about how visitors use our site. We then use the information to compile reports and to help us improve our site.

Cookies contain information that is transferred to your computer’s hard drive. These cookies are used to store information, such as the time that the current visit occurred, whether the visitor has been to the site before and what site referred the visitor to the web page.

Google Analytics collects information anonymously. It reports website trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit our site – for more information on opting out of being tracked by Google Analytics across all websites you use, visit this Google page.

Privacy Policy

Our commitment

Tradeforce Small Works is strongly committed to protecting the privacy of our users and clients. This Privacy Policy is intended to inform you how we gather, define and utilise your information.

 

This policy applies to all information collected by us, or provided by you, on the Tradeforce Small Works website or in any other way (such by telephone or by email).

 

Information we collect

When you visit our website or contact us by email or telephone you may choose to provide us with personal information, for example your name, company name, email address and phone number ("Information"). You may provide us with Information in a number of ways:

  • by supplying us with the Information as listed above, on an individual basis by completing a form on our website, 
  • by corresponding with us by email, in which case we may retain the content of your email messages together with your email address and our responses.

 

Our website also collects non-personally identifiable information about your IP address, your operating system, your browser ID, your browsing activity, and other information about how you interacted with our website.

 

Cookies

Like many other websites, Tradeforce Small Works website uses cookies and similar technologies such as tags and pixels (which we will refer to collectively as “Cookies”). Please see our Cookie Policy for further details of the Cookies used on the site and how you can block such Cookies.

 

How we use your personal information

When you provide personal information to us, we will use it for the purposes for which it was provided to us as stated at the point of collection (or as is obvious from the context of collection). Examples of the types of use are given in the ‘information we collect’ section above. The lawful basis for processing your data is based on our legitimate interest to do so in accordance with the context in which it was provided, to meet our contractual or legal obligations, or based on your consent. 

 

Data controller

Tradeforce Small Works is the data controller of any personal information collected through the Tradeforce Small Works website. If you have questions on privacy issues, please contact us using the details below.

 

Security

We take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. Our website uses secure, password- and firewall-protected servers, and uses SSL encryption. Data processed by external processors, for example, service providers, Cloud services including storage, web sites etc. are compliant with this policy and the relevant legislation. 

 

Our staff are made aware of this policy and are required to respect the personal data and privacy of others and must ensure that appropriate protection and security measures are taken against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to all personal data. 

 

Disclosure of your information

We may disclose your personal information to our third party service providers who process information on our behalf, or to government bodies and law enforcement agencies, where this is necessary to meet the purpose for which you submitted the information, or where we are required to do so by law.

 

As a result, your personal information may be transferred to countries outside the European Economic Area (EEA) and countries that do not have laws that provide specific protection for personal information. By submitting personal information to Tradeforce Small Works website, the visitor is providing explicit consent to the transfer of such information for the fulfilment of their voluntary requests as per the relevant privacy notice.

 

Sensitive personal information

We ask that you not send us or disclose any sensitive personal information (for example, social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) on or through our websites or via other means.

 

Your consent

By using our website you consent to our collection and use of the Information as described in this Privacy Policy and in our Cookie Policy. If you do not consent to these terms, you should not use this website. If we change our privacy policies and procedures, we will post those changes on our website or otherwise notify you to keep you aware of what information we collect, how we use it and under what circumstances we may disclose it.

 

Third party sites

Please remember that when you use a link to go from our website to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including websites which are linked to ours is subject to that site’s own rules and policies.

 

Data retention

The personal information you submit to us will be retained for as long as is necessary for the purposes for which it was collected as outlined in this Privacy Policy, unless a longer retention period is permitted or required by law. When data held in accordance with this policy is destroyed, it will be destroyed securely in accordance with best practice at the time of destruction. 

 

Your rights

We have a legal obligation to ensure that your information is kept accurate and up to date. Please assist us to comply with this obligation by ensuring that you inform us of any changes to your information. You have the right to request details of the information we hold about you and to delete or rectify any inaccurate information about you by sending us a written request to the address below.

 

If you have a serious concern about how we handle your information, or you would like to lodge a complaint, you may do so by contacting The Information Commissioner’s Office.

Data Protection Policy

Our commitment

Tradeforce Small Works is strongly committed to protecting the personal data of our users and clients. All personal data given to, or collected by, Tradeforce Small Works is considered confidential. In order to comply with the General Data Protection Regulations (GDPR), this policy applies to all staff or others who have access to personal data controlled by Tradeforce Small Works.

 

Scope of this policy

This policy applies to all personal data handled by Tradeforce Small Works, both that held in paper files and data held electronically. So long as the processing of the data is carried out for Tradeforce Small Works purposes, it also applies regardless of where data is held, and regardless of who owns the device on which it is stored.

 

‘Processing’ data is widely defined and includes every plausible form of action that could be taken in relation to the data such as obtaining, recording, keeping, or using it in any way; sharing or disclosing it; erasing and destroying it.

 

Definitions

Personal data

Personal data refers to any information about a living individual who can by identified from that data, or from that data and other information which is in the possession of, or is likely to come into the possession of the data controller. Tradeforce Small Works is the data controller. Examples of personal data include the name, email, phone number or address of an individual. 

 

Sensitive personal data

The GDPR refers to sensitive personal data as “special categories of personal data”. The special categories specifically include political opinions, religious beliefs, medical information, genetic data, and biometric data where processed to uniquely identify an individual.

 

Staff

For the purposes of this policy “staff” includes those employed by Tradeforce Small Works.

 

The General Data Protection Regulations (GDPR)

The GDPR applies to anyone who controls or processes personal data. Tradeforce Small Works is required by law to ensure that all data is stored and processed in line with the GDPR. The GDPR replaces existing data protection legislation, such as the Data Protection Act (1998). As a basic overview, Article 5 of the GDPR requires that personal data shall be:

 

  1. processed lawfully, fairly and in a transparent manner in relation to individuals;
  2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
  3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  4. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
  5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
  6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

 

Tradeforce Small Works’s responsibilities

Tradeforce Small Works has a responsibility to ensure the confidentiality and security of data controlled, and processed, by the organisation. Tradeforce Small Works will:

  1. Ensure compliance with the GDPR and relevant legislation.
  2. Ensure all staff are made aware of the policy and receive adequate data protection training and support.
  3. Provide staff with appropriate resources (for example: secure email, cloud storage, up-to-date software and hardware), as relevant to their role.
  4. Only provide staff with access to the relevant personal data that is necessary for the fulfilment of their duties.

 

Responsibilities of all staff

Everyone is responsible for ensuring data protection is maintained.

  1. Be mindful of the fact that individuals have the right to see their ‘personal data’ (and this may include for example information received from prospective trainees or staff written in connection with an application to Tradeforce Small Works or any comments written about them in emails). You should not therefore record comments or other data about individuals which you would not be comfortable with the individual seeing, either in emails or elsewhere.
  2. You must report any breaches or suspected breaches as soon as you are aware of them. This includes lost or stolen laptops, memory sticks or other mobile devices, and accidental disclosures of information, for example sending an email to the wrong recipient.
  3. You must hold the contents of any personal data which comes into your possession securely, following the guidelines in this policy and other relevant training.
  4. You should ensure that any personal data you provide to Tradeforce Small Works is accurate, and notify Tradeforce Small Works promptly of any change.
  5. You must keep any log in details (such as email or website accounts) secure. You must never share your password with others.

 

Data security

Keeping personal data properly secure is key in complying with the GDPR. All staff and volunteers are therefore responsible for ensuring that if they keep any personal data, it is kept securely and is not disclosed (either orally or in writing or accidentally) to any unauthorised third party. It is important that you do not make unnecessary copies of documents containing personal data; this includes downloading attachments from emails to personal devices or storing personal data in a way that cannot be controlled by Tradeforce Small Works.

 

Data breaches

Tradeforce Small Works is responsible for ensuring appropriate and proportionate security for the personal data that we hold. This includes protecting the data against unauthorised or unlawful processing and against accidental loss, destruction or damage of the data. We make every effort to avoid personal data breaches, however, it is possible that mistakes will occur on occasions. Examples of personal data breaches include:

  • Loss or theft of data or equipment
  • Inappropriate access controls allowing unauthorised use
  • Equipment failure
  • Unauthorised disclosure (e.g. email sent to the incorrect recipient)
  • Human error
  • Hacking attack

 

If a data protection breach occurs, Tradeforce Small Works is required in most circumstances to report this as soon as possible to the Information Commissioner’s Office, and not later than 72 hours after becoming aware of it. Therefore, if you become aware of a data protection breach you must report it immediately.

 

Storing and transferring data

Following these steps will help ensure you keep personal data secure:

  1. Ensure that any personal data recorded in paper form or hard copy documents are kept in locked filing cabinets or locked drawers or in locked offices.
  2. Ensure that the same measures are taken in regards to any discs or memory sticks or similar devices on which personal data is held, for example, they must also be kept in a secure and locked location.
  3. Ensure that if any personal data is held on a Mobile Device that it is properly password protected and where appropriate encrypted.
  4. Ensure special care is taken whenever data is transferred from one place to another to ensure security of the data is paramount. For example, care must be taken to encrypt memory sticks used to transfer data, to avoid losing devices containing personal data in transit, or to avoid sensitive personal data being transferred to a device which is not password protected and encrypted).

 

IT Security

Much of the personal data controlled by Tradeforce Small Works is stored electronically. All staff should abide by the following guidelines:

  1. You should only use your Tradeforce Small Works email account for Tradeforce Small Works related activities, and should never send personal data to or from a personal email account.
  2. Those who use personal devices should access their emails in their browser and take care to ensure that any attachments containing personal data are not downloaded or stored on their system.
  3. Ensure you regularly update your computer’s operating system and software to the latest and most secure versions.
  4. Take care when accessing personal data in public spaces. Think about who could see the data without proper authorisation.
  5. Always use secure passwords and never share them with anyone.
  6. Keep personal data on Tradeforce Small Works owned devices/accounts. Tradeforce Small Works provides staff with access to secure cloud storage for files containing personal data and contact details.

 

Prohibited activities

You must never:

  • use data obtained for one purpose for another purpose (for example, using contact details provided for HR-related purposes for marketing purposes)
  • disclose personal data to a third person outside of Tradeforce Small Works without the consent of the data subject.

 

Rights to access information

Individuals have the right to access any personal data that relates to them which Tradeforce Small Works holds. Any person who wishes to exercise this right should see the Privacy Policy for details of how to do so. You should never share personal data with someone without verifying their identity.

 

Implications of breaching this policy 

All staff are required to comply with this Data Protection Policy, its supporting guidance, training and the requirements specified in the GDPR. Anyone who is found to have made an unauthorised disclosure of personal information or breached the terms of this policy may be subject to disciplinary action. 

 

A serious breach of this policy, or the GDPR (such knowingly or recklessly obtaining and/or disclosing personal information without the consent of Tradeforce Small Works) may also result in Tradeforce Small Works and/or the individual being held liable in law.