Trimline Limited (Trimline) are committed to protecting your privacy. We will only use the information that we collect from you lawfully, in accordance with the European Union’s General Data Protection Regulations 2018 (GDPR) as well as with this policy. This Privacy Notice explains how personal data is collected, stored, used and disclosed by Trimline. The notice is applicable to data provided in the course of Trimline’s service delivery to its customers including all relevant interaction with our supply chain, it applies to information obtained from our Website and Subcontractor Travel Portal. By accessing or using our sites, products and services you signify that you have read, understood and agree to our collection, storage, use and disclosure of your information as described in this Privacy Notice.
This Privacy Notice may be revised on an adhoc basis to reflect changes in our business requirements and to reflect any changes to data protection laws and regulations.
2. Who we are?
The data Controller referred to in this Notice is Trimline Limited (Company registered in England and Wales No. 837766). This means that Trimline is responsible for determining the purpose and means for processing of your personal data.
3. What personal data do we collect?
‘Personal data’ means information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Trimline may collect, use, store and transfer personal data about you as follows:
- Identity data – Name, marital status, title, date of birth, gender, passport details, driving licence details, physical attributes, qualifications, data contained in photographs, videos or CCTV images. The above may relate to you personally, a family member or next of kin.
- Contact data – Postal address, telephone number, email address, IP address.
- Financial and transactional data – bank account details, details of payments to and from you, details of products and services purchased from or by Trimline.
- Profile data – Your interests, preferences, references, memberships of professional bodies, feedback and enquiries.
- Marketing and communication data – Your preferences in receiving marketing material from us and your communication preference.
4. How do we use personal information?
Trimline uses the personal data that it collects for the purpose of undertaking its legitimate business interests and for the purpose indicated at the time of collection. Such uses may include:
- Entering into and fulfilling contractual agreements with you, including the provision of products and services.
- To set up vendor and subcontractor accounts, place orders and make payment in respect of services and products received as part of our supply chain.
- Responding to queries and enquiries received via our website and other means.
- To market our services.
We may use your personal information to communicate with you. You can choose how you would like to receive information from us, options may include mail, email or telephone. With your permission, we may contact you from time to time with communications that we feel will be of interest to you such as information about our services, news and updates.
We operate closed circuit television (CCTV) cameras on our premises. These CCTV cameras record continually and images of you may appear in these recordings (“CCTV images”).
5. What legal basis do we have for processing your personal data?
Trimline rely on several lawful basis of processing for the collection and use of personal data in the operation of our business, these include:
- Contract – in order to perform contractual obligations, we may have with an individual or to take steps to enter into a contract with an individual.
- Consent – where an individual has freely given consent at the time their personal data was provided to us.
- Legitimate interests – the legitimate interests can be ours, our clients or other third parties (e.g. to provide our services, to develop or protect our business, or to keep people informed about relevant products and services) and we always balance the rights of individuals with ours’ and others’ legitimate interests.
Where we process personal data based on consent, you have a right to withdraw consent at any time, in order to withdraw your consent please contact us.
6. When do we share personal data?
Trimline will ensure your personal data is treated confidentially and lawfully at all times. We may share your data where this is necessary for the purpose that the data was collected or for compliance with relevant legal and regulatory requirements. We may share your data with the following:
- Professional advisors, auditors or insurers, where we are required by law or regulation or where reasonably required in the management of our business;
- Third party service providers such as IT software and cloud-based storage providers, archiving storage providers, payment service providers;
- Our Customers and their Agents;
- Our travel partners
7. Where do we store and process personal data?
Personal data is stored by Trimline on servers within the European Economic Area (EEA). We may however, from time to time, transfer data to third parties as set out above. These third parties may be located outside the EEA. All our third-party service providers are required to take appropriate security measures in line with our policies. Contractual arrangements are in place to ensure all personal data is protected in accordance with EEA standards. We do not allow third party service providers to use personal data for their own purposes. We only allow them to process your personal data in accordance with our instructions for the purpose specified.
8. How do we secure personal data?
Security of your personal data is of primary importance to us and we take all reasonable steps to ensure this is protected including:
- The adoption of detailed policies and procedures;
- Training of our staff in relation to data protection, confidentiality and information security;
- Restricted of access to personal data to only those who are necessary for the processing of the data;
- Implementation and maintenance of IT security solutions and disaster recovery plans to minimise risk of data loss and unauthorised access;
- Use of contractual agreements, due diligence and audits to ensure third party providers comply with Trimline’s data protection policies;
9. How long do we keep your personal data for?
We will only retain your personal data for as long as necessary to fulfil the requirement that it was collected for. In determining and appropriate retention period we will consider:
- The purpose for which we are processing the data;
- Any legal, regulatory or contractual requirements;
- The amount, nature and sensitivity of the data.
10. Your rights in relation to personal data
The GDRP contains certain rights for individuals over their personal data as summarised below:
- Access to personal information – You can request a copy of all of your personal data held by Trimline;
- Correction – Should you become aware of any inaccuracies in your personal data please contact us and we will update accordingly.
- Deletion – You can request that your personal data be deleted when it is no longer required for the purpose that it was collected. Data required to be retained for legal or regulatory purposes would be excluded and retained on record.
- Withdrawal of consent (if processing data on condition of consent) – You have a right to withdraw consent at any time. In order to do so please contact us.
- Data portability – You can request that your data is sent to yourself or another organisation
- Restriction of processing and objection – You can ask to restrict the use of your personal data
- Lodging a complaint with the Information Commissioner’s Office
Trimline will aim to respond to any data access request in a timely manner and in accordance with the requirements of the GDPR. Should you wish to contact us please use the contact details below.
11. How to contact us?
Should you have any questions or concerns about this Privacy Notice or the handling of your personal data, or should you wish to exercise any of your rights as outlined above, please contact our Data Protection Officer:
Data Protection Officer
You also have the right to report concerns or make complaints to the Information Commissioner’s Office (ICO). For more information on your rights and how to contact the ICO, please refer to their website.