- Our Services
Lightwater TPC Privacy Notice
This privacy notice sets out how we, Lightwater TPC (“Lightwater”), collect, store and use information about you when you use and interact with our website (http://lightwatertpc.co.uk/), and/or when engage with our company through other means (such as by telephone, email or in person).
Lightwater TPC is the data controller of the personal information and data that you provide to us.
This privacy notice was last updated on 6th July 2018.
Why do we collect information about you?
We collect your personal information so that we can:
- provide you with any information about our company, its products and services that you request,
- provide you with any marketing information that you have requested to receive,
- understand more about how our visitors use our websites and the information about our company, its products and services, and our wider industry, that we provide on our websites, and
- service any contracts and/or written agreements that we have with you or the business you work for, in relation to the ongoing supply of our products and/or paid support services.
We will not collect any personal information from you that we do not need in order to provide these services to you.
What information do we collect about you?
When you contact us, we restrict the information we collect about you to include: your name, email address, contact telephone number(s), the name of the company you work for, your job title, and the address of your place of work or if relevant your home address.
You do not have to provide all of this personal information to us. However, if you choose not to provide some of this information to us, we may not be able to fully provide you with the services that you have requested from us or fully service any contract or agreement made with you or the business you work for.
When you visit our website, other personal information about you may be collected through your internet browser. This includes collection by us directly as well as by any plug-ins we use on our website to make it work better. We have included details on these types of information and how we use your information below.
Our policy on Sensitive Personal information
Your personal information is considered ‘sensitive’ when it reveals your: racial or ethnic origin, details of your sexual life or sexual orientation, religious, political or similar beliefs or opinions, trade union activities, genetic, health or medical information, biometric information (e.g. fingerprints), or criminal history.
We do not knowingly request or collect any sensitive personal information about you. If you do – intentionally or accidentally – give us any sensitive personal information about you, it is our policy not to store or collect it.
How will we use information about you?
How we use your information will depend on the purposes for which we have collected it. You can read how we use your information based on our purposes for collecting it below.
We will not share your personal information with any other third parties for any other reason than fulfilling the express purposes for which we have collected your personal information.
When you visit our website
Types of information gathered: Your IP address and details about your visit to our websites (e.g. which pages you visited, the links you accessed, information about your web browser and device’s operating system and how you accessed our website).
How we collect that information: We use Google Analytics to collect this standard log information about how you use our websites. No personally identifying information is captured using this service.
What we do with it: We use this information to monitor and report how visitors interact with our websites so that we can make our website more helpful to them.
When you contact us
Types of information gathered: Your name, email address, contact telephone number(s), the name of the company you work for. We may also collect your job title, and the address of your place of work or if relevant your home address.
How we collect that information: Via telephone, your email signature (if you email us), or your other relevant contact details you provide at the point of your contact (e.g. if you contact us through an online directory website, or social media).
What we do with it: We use your information to respond to any requests for information you make to us. We also store your information in our customer relationship management (CRM) database for reporting on requests made to our company. Our CRM servers are located in the UK.
When you join our email mailing list
Types of information gathered: Your name and email address, as well as any subscription preferences you choose at the point of signing up to our email mailing list.
How we collect that information: Through the ‘join our newsletter’ plug-in on our website, as supplied by our third-party provider, Mailchimp.
What we do with it: We use your details to send you newsletters and information via email according to your preferences. We also gather statistics as to opening and clicks of our email campaigns to improve our electronic communications. Your data is stored on Mailchimp’s servers in the USA.
When you or your business have an ongoing contract with us
Types of information gathered: Your name, email address, contact telephone number(s), the name of the company you work for, your job title, and the address of your place of work or if relevant your home address. We may also collect personal information of other relevant people you work with on the basis that you have their consent to share their personal information.
How we collect that information: At the point of your order (via telephone or email), when you log a request for support with us, or when you attend one of our training courses.
What we do with it: We store your information in our customer relationship management (CRM) database for ongoing management of the contract or agreement we have for the supply our products and/or paid services to your company, and so that we may verify and report on users of our system in accordance with our products’ licence terms. Our CRM servers are located in the UK.
Additional uses of your information
Types of information gathered: Your name, email address, contact telephone number(s), the name of the company you work for, your job title, the address of your place of work or if relevant your home address, details of your operating system and IP address, and how you have used our services.
How we collect that information: When you contact us via email, telephone, the contact forms on any of our websites, or join our mailing list; using Google Analytics when you visit our websites; when you order from us or raise a support request through an existing agreement between us and the business that you work for.
What we do with it: Your information may be used to fulfil any of our standard business processes, such as filing information with our accountants, solicitors, cyber security engineers or other business service providers.
How long will we retain information about you?
How long we retain your personal information depends on the purpose for which we have collected it. For ease, please see the table below.
|Method/purpose for collection||Data held by||Retention period|
|Browser and operating system information collected when you visit our website(s)||Google Analytics||At least 25 months, but none of your personally identifying information is made available directly to us. You can opt out of Google Analytics by installing the browser add-on tool here: https://tools.google.com/dlpage/gaoptout|
|Personal information you supplied to us when you contacted us||Lightwater (using third party database hosting providers)||2 years from your last point of contact, unless you ask us to hold your information for longer|
|Name and email address supplied when you sign up to our mailing list||Mailchimp||As long as you remain subscribed to our mailing list, or until we choose to cancel our mailing list (whichever occurs first). You can change your mailing list subscription preferences at any time by clicking the link at the bottom of any mailing list email.|
|Any personal information you supplied when you ordered from us, in relation to your order||Lightwater (using third party database hosting providers)||Minimum 6 years, according to our obligations under UK tax law|
|Personal information you supplied to us when you request information or support in relation to an agreement for our ongoing services with the company for whom you work||Lightwater (using third party database hosting providers)||6 years after we or your company terminate any contract for the supply of our services to your organisation, or we are notified that you are no longer employed by that company (whichever occurs first).|
How do we protect your information?
We regularly review our policies, processes and those of any relevant third-party service providers to ensure they meet the standards set out by UK and EU data protection law and our own standards for the protection of your data.
In addition to our privacy statement here, you can read the privacy statements of the third party feature and plug-ins that we use on our websites:
- Google Analytics (visitor statistics feature): https://support.google.com/analytics/answer/6004245
- Captainform (contact form features): http://www.captainform.com/privacy-policy/
- vMailchimp (mailing list provider): https://mailchimp.com/legal/privacy/
Our processes, policies and infrastructure also externally audited annually against the Cyber Essentials Plus standard for ‘cyber hygiene’ within our organisation. The Cyber Essentials Plus standard is a UK government-backed scheme that is designed to help organisations protect themselves against the most common forms and methods of cyber-attack.
What is our marketing policy?
We will always ask for your consent before using your personal information for marketing purposes. You have control over the methods we use for contacting you for marketing purposes (for example, email, telephone or direct mail), and where we offer it, the types of marketing information you would like to receive from us.
If you give us consent for sending you marketing information or getting in touch with you for marketing purposes, you may withdraw that consent at any time.
If you have registered to receive marketing information through our mailing list, you may update your preferences or unsubscribe from our mailing list at any time by clicking on the link at the bottom of any email you receive from our mailing list. Alternatively, to request your removal from our mailing list by emailing us directly at firstname.lastname@example.org.
We will not share your information for marketing purposes with any third party companies.
What is our cookies policy?
Cookies are widely used by many websites to make those websites work, or work better, for their visitors. Cookies can also be used to provide information to the owners of the website, for example, to help owners better understand how visitors use their websites.
You can read more about cookies at www.allaboutcookies.org.
How can you change your cookie settings?
Most web browsers will allow you some level of control of the cookies it accepts or rejects. You can change your cookie settings through your browser’s options or settings page.
You can also opt out of Google Analytics tracking cookies by using Google’s browser add-on tool, available here: http://tools.google.com/dlpage/gaoptout.
What are your rights?
You have the right to request that we update or correct any of the information we hold about you at any time. You can also request a copy of the information that we hold about you by emailing us at email@example.com.
Under General Data Protection Regulation (GDPR) law, from May 25th 2018, you also have the right ‘to be forgotten’ by us. This means that you have the right to request that we remove all unrequired, personally identifying information that we hold about you. You can make this request by emailing firstname.lastname@example.org.
In both cases, please be aware that we will ask for proof or verification of your identity before releasing any copies of personally identifying information to you.
For all marketing or non-contractual purposes, you have the right to withdraw your consent to us hold your data for these purposes at any time.
If you believe we are not handling your personal information correctly, fairly or with your consent, you also have the right to lodge a complaint with a supervisory authority responsible for overseeing and regulating the GDPR in an EU Member State. In most cases, this will be the supervisory authority of the country where you live.
For the UK, the supervisory authority is the Information Commissioner’s Office, whose website is www.ico.org.uk.
How can you get in touch with us?
For all enquiries relating to our privacy notice, you can get in touch with us using the details below:
Business address: 10 Kilmorey Park Avenue, Chester, CH2 3QU