At TrustID, we recognise and respect the importance of protecting individuals’ privacy. Data privacy laws, specifically the UK Data Protection Act 2018, protect the security of personally identifiable information (personal data/Personal Information) captured and/or processed by TrustID staff or software applications. Further details are recorded on TrustID’s entry on the Data Protection Register (ref Z3040994) maintained by the Information Commissioner’s Office (ICO).
Additionally, all data is protected in accordance with Trust ID’s Information Security Management System, which is certified to ISO 27001.
This Privacy Notice applies to the personal data of people who visit our websites (Websites), including https://www.trustid.co.uk and http://content.trustid.co.uk. This Privacy Notice also governs our personal data collection, processing and usage practices for marketing purposes. It also describes your choices regarding use, access and correction of your Personal Information. Under data protection law, TrustID (see our address below) is the controller of such personal data. The contact details of our data protection officer are: URM Consulting Limited, Blake House, Manor Park, Manor Farm Road, Reading RG2 0JH.
1. Important Information
1.1. Changes to this Privacy notice
This is Version 2 of this Privacy Notice and is dated 27 May 2022. We may update this Privacy Notice from time to time by posting a new version online. You should check this page occasionally to review any changes. This helps you to always be aware of what information we collect, how we use it and under what circumstances, if any, it is disclosed. Your continued use of the Websites will be subject to the terms of the then-current Privacy Notice.
1.2. Contact Us
If you have any questions about this Privacy Notice or our treatment of the information you provide us, please write to us by email at dpo@trustid.co.uk or by post to TrustID, The Blade, Abbey Street, Reading, RG1 3BA.
2. Information We Collect
2.1. When You Visit our Websites
You are free to explore the Websites without providing any Personal Information about yourself. However, when you visit certain pages of our Websites, we request that you provide Personal Information about yourself, and we collect Navigational Information.
2.1.2. “Personal Information”
This refers to any information that you voluntarily submit to us and that identifies you personally, including contact information, such as your name, e-mail address, company name, address, phone number, and other information about yourself or your business.
2.1.3. “Navigational Information”
This refers to information about your computer and your visits to our Websites such as your IP address, geographical location, browser type, referral source, length of visit and pages viewed. Please see the “3.2.1.1 Use of Navigational Information” and “4. Navigational Information” sections below. Our company uses a third-party system to provide information about visitors to our Websites. When you visit our Websites, we will record your IP address. This address will be matched against public and proprietary IP address databases to provide us with information about your visit. This information may identify the organisation to whom the IP address is registered but not individuals. In some limited cases, i.e. single person companies, it may be possible to identify personal data from publicly available Internet Corporation for Assigned Names and Numbers (ICANN) data.
2.1.4. Information About Children
TrustID Websites are not intended for or targeted at children and we do not knowingly or intentionally collect information about children. If you believe that we have collected information about a child, please contact us at dpo@trustid.co.uk, so that we may delete the information.
2.2. Customer (and Potential Customer) Onboarding
For the above purpose we collect the following Personal Information about leads and contacts at potential customers and customers: full name; business postal address; email address (usually, but not always, work); job title; notes about customer; and telephone number(s) (usually work).
2.3. Our Customer Relationship Management (CRM) System
2.3.1. CRM Details Collected Directly from Individuals
For the above purpose we collect the following Personal Information about existing, potential and former customers of Trust ID: full name; business postal address; email address (usually, but not always, work); job title; notes about customer; signature; and telephone number(s) (usually work).
2.3.2. CRM Details Collected from Purchased Third Party Lists
Occasionally, like many businesses, we purchase potential customer contact details from third party list brokers. For this purpose we collect the following Personal Information about the individuals named on purchased lists: full name; business postal address; email address (usually, but not always, work); job title; and telephone number(s) (usually work).
2.4. Live Chat Facility
For the above purpose we collect the following Personal Information about visitors to our Websites who engage with Live Chat: full name and email address.
2.5. Webinars we Organise
For the above purpose we collect the following Personal Information about people we invite to our webinars, those who respond to such invitations and those who attend the webinars: full name; email address (mostly work, but some home); and faces and backgrounds on attendees’ computer web cameras (if attendees choose to switch these on).
3. How We Use Information We Collect
3.1. Compliance with Our Privacy Policy
We use the information we collect only in compliance with this Privacy Notice and we will never sell your Personal Information to any third party.
3.2. Use of Personal Information
3.2.1. Websites
In addition to the uses identified elsewhere in this Privacy Notice, we may use your Personal Information to: (a) improve your browsing experience by personalising the Websites; (b) send information to you which we think may be relevant and of interest to you by post, email, or other means.
3.2.1.1. Use of Navigational Information
We use Navigational Information to operate and improve our Websites. We may also use Navigational Information alone or in combination with Personal Information to provide you with personalised information about TrustID services.
3.2.1.2. Customer Testimonials and Comments
We post customer testimonials and comments on our Websites, which may contain Personal Information. We obtain each customer’s consent via email prior to posting the customer’s name and testimonial.
3.2.1.3. Security of your Personal Information
Data collected in the UK is held in accordance with the Data Protection Act. All reasonable precautions are taken to prevent unauthorised access to this information. This safeguard may require you to provide additional forms of identity should you wish to obtain information about your account details.
If you have any questions about the security of your Personal Information, you can contact us at dpo@trustid.co.uk
3.2.1.4. External Websites
Our Websites may provide links to other websites. We do not control, and are not responsible for, the content or practices of these other websites. Our provision of such links does not constitute our endorsement of these other websites, their content, their owners, or their practices. This Privacy Notice does not apply to these other websites, which are subject to any privacy and other policies they may have.
3.2.1.5. Retention of Personal Information
We retain Personal Information that you provide us as long as we consider it potentially useful in contacting you about our services, or as needed to comply with our legal obligations, resolve disputes and enforce our agreements, and then we securely delete the information. We will delete this information from the servers at an earlier date if you so request, as described in “Opting Out and Unsubscribing” below.
3.2.1.6. Changes in Our Corporate Status
If we (or our assets) are acquired by another company, whether by merger, acquisition, bankruptcy or otherwise, that company would receive all information gathered by TrustID on our Websites. In this event, you will be notified via email and/or a prominent notice on our Websites, of any change in ownership, uses of your Personal Information, and choices you may have regarding your Personal Information.
3.2.1.7. Compelled Disclosure
We reserve the right to use or disclose your Personal Information if required by law or if we reasonably believe that use or disclosure is necessary and proportionate to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order, or legal process.
3.3. Customer (and Potential Customer) Onboarding
We record incoming enquires (via website, email, HubSpot, contact lists from exhibitions and events) and create entries on our CRM system, provided by our processor Salesforce, as a lead, then contact and associated customer account. Salesforce share the Personal Information we collect for this purpose (see 2.2 above) with their group subsidiaries (as sub-processors) around the world, including in countries outside the United Kingdom that do not benefit from an adequacy decision from the UK Government. The appropriate safeguards which protect such Personal Information while it is being processed in these countries are either Salesforce’s Binding Corporate Rules (BCRs), or the EU Standard Contractual Clauses issued in June 2021 (and the UK Addendum, where applicable). You may obtain a copy of these appropriate safeguards by writing to us at the email address shown below. Our lawful basis for processing Personal Information for this purpose is that it is necessary for our legitimate interests as controller.
3.4. Our CRM System
3.4.1. CRM Details Collected Directly from Individuals
We track and record the sale lifecycle, and manage existing and potential and former customers; and run business reporting (financial and marketing). Salesforce share the Personal Information we collect for this purpose (see 2.3.1 above) with their group subsidiaries around the world, including in countries outside the United Kingdom that do not benefit from an adequacy decision from the UK Government. The appropriate safeguards which protect such Personal Information while it is being processed in these countries are either Salesforce’s Binding Corporate Rules (BCRs), or the EU Standard Contractual Clauses issued in June 2021 (and the UK Addendum, where applicable). You may obtain a copy of these appropriate safeguards by writing to us at the email address shown below. Our lawful basis for processing Personal Information for this purpose is that it is necessary for our legitimate interests as controller.
3.4.2. CRM Details Collected from Purchased Third Party Lists
We add to Salesforce or HubSpot leads from lists purchased from external list brokers. Salesforce share the Personal Information we collect for this purpose (see 2.3.2 above) with their group subsidiaries around the world, including in countries outside the United Kingdom that do not benefit from an adequacy decision from the UK Government. The appropriate safeguards which protect such Personal Information while it is being processed in these countries are either Salesforce’s Binding Corporate Rules (BCRs), or the EU Standard Contractual Clauses issued in June 2021 (and the UK Addendum, where applicable). HubSpot share such Personal Information with their affiliates around the world, including in countries outside the United Kingdom that do not benefit from an adequacy decision from the UK Government. The appropriate safeguards which protect such Personal Information while it is being processed in these countries are the EU Standard Contractual Clauses issued in June 2021 (and the UK Addendum, where applicable). You may obtain a copy of these appropriate safeguards by writing to us at the email address shown below. Our lawful basis for processing Personal Information for this purpose is that it is necessary for our legitimate interests as controller.
3.5. Live Chat Facility
Live Chat is the window that appears when someone visits our Websites, which asks if they have a question and offers them the opportunity to seek further information. It is provided by our processor, Live Chat Inc. Live Chat Inc processes the Personal Information which visitors provide to Live Chat (see 2.4 above) in various countries around the world including ones outside the United Kingdom that do not benefit from an adequacy decision from the UK Government. The appropriate safeguards which protect such Personal Information while it is being processed in these countries are either the International Data Transfer Agreement (IDTA) clauses issued by the ICO in March 2022, or the EU Standard Contractual Clauses issued in June 2021 (and the UK Addendum, where applicable). You may obtain a copy of these appropriate safeguards by writing to us at the email address shown below. Our lawful basis for processing Personal Information for this purpose is that it is necessary for our legitimate interests as controller.
3.6 Webinars we Organise
We invite existing customers and members of the wider public to attend webinars; and keep a record of those who respond to invitations and who attend the webinars. We share the Personal Information provided for this process (see 2.5 above) with our webinar provider Go To (as processor). Go To share this Personal Information with various of their group members (as sub-processors) around the world, including ones outside the United Kingdom that do not benefit from an adequacy decision from the UK Government. The appropriate safeguards which protect such Personal Information while it is being processed in these countries are the EU Standard Contractual Clauses issued in June 2021 (and the UK Addendum, where applicable). You may obtain a copy of these appropriate safeguards by writing to us at the email address shown below. Our lawful basis for processing Personal Information for this purpose is that it is necessary for our legitimate interests as controller. The exception allowing us to process any special category personal data which webinar attendees may choose to provide during webinars (e.g. by switching on their computer’s web camera) is that by doing so the data subject has manifestly made such data public.
4. Navigational Information
4.1. Cookies
Our Websites use cookies. By clicking on the consent box when our ‘Cookies Consent’ banner appears on our Websites, you consent to TrustID’s use of cookies in accordance with the terms of this section of this Privacy Notice. We use cookies to help you personalise your online experience – we use them to analyse trends, administer the website, track users’ movements around the website, and to gather demographic information about our user base as a whole.
A cookie is a text file that is placed on your hard disk by a Web server. Cookies are not used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a Web server in the domain that issued the cookie to you. One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the Web server that you have returned to a specific page. For example, if you personalise pages on our Websites, a cookie helps us to recall your specific information on subsequent visits. When you return to the same Website, the information you previously provided can be retrieved, so you can easily use the customised features.
You can choose to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer (see 4.3 Refusing Cookies). TrustID keeps track of the Websites and pages you visit within HubSpot, in order to determine what portion of the TrustID Websites is the most popular or most used.
Our Websites run using HubSpot and HubSpot’s tracking code sets the following cookies, when you visit our Websites:
__hstc
The main cookie for tracking visitors. It contains: the domain, utk (see below), initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session)
(Expires: 2 years)
hubspotutk
This cookie is used for to keep track of a visitor’s identity. This cookie is passed to HubSpot on form submission and used when deduplicating contacts.
(Expires: 10 years)
__hssc
Cookie for keeping track of sessions. This is used to determine if we should increment the session number and timestamps in the __hstc cookie. It contains: the domain, viewCount (increments each pageView in a session), session start timestamp.
(Expires: 30 min)
__hssrc
Whenever HubSpot changes the session cookie, this cookie is also set. We set it simply to the value “1”, and use it to determine if the user has restarted their browser. If this cookie does not exist when we manage cookies, we assume it is a new session. (Expires: None. Session cookie)
__hs_opt_out
This cookie is used by the opt-in privacy policy to remember not to ask the user to accept cookies again. This cookie is set when you give users the choice to opt out of cookies.
(Expires: 2 years)
__hs_do_not_track
This cookie is set when you give users the choice to opt out of cookies and they choose to do so. It disables tracking and personalisation. (Expires: 2 years)
__hs_testcookie
This cookie used to test whether the visitor has support for cookies enabled. (Expires: Session cookie) hsPagesViewedThisSession This cookie used to keep track of page views in a session. (Expires: Session cookie)
4.2 Google cookies
TrustID uses Google Analytics to analyse the use of our Websites. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users’ computers. The information generated relating to our Websites is used to create reports about the use of the Websites. Google will store and use this information. Google’s privacy policy is available at: http://www.google.com/privacypolicy.html
4.3. Refusing cookies
In Internet Explorer, you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector.
In Firefox, you can adjust your cookies settings by clicking “Tools”, “Options” and “Privacy”.
In Edge, you can block some or all cookies by clicking “Settings”, “Advanced Settings” and choose your preference under Cookies.
Blocking cookies may have a negative impact upon the usability of our Websites.
5. Opting Out and Unsubscribing
5.1. Reviewing, Correcting and Removing Your Personal Information
Upon request, TrustID will provide you with information about whether we hold any of your Personal Information. If you provide us with your Personal Information, you have the following rights with respect to that information:
· To review the user information that you have supplied to us
· To request that we correct any errors, outdated information, or omissions in user information that you have supplied to us
· To request that your user information not be used to contact you
· To request that your user information be deleted from our records
· To request that certain processing be restricted
· To object to certain processing
· To data portability in certain circumstances
· To opt out of receiving marketing communications from TrustID
To exercise any of these rights, please contact us at dpo@trustid.co.uk or by mail to TrustID Ltd, 9 Greyfriars Road, Reading, RG1 1NU. We will respond to your request to change, correct, or delete your information within a reasonable timeframe and notify you of the action we have taken.
5.2. To Unsubscribe from our communications
You may unsubscribe from our marketing communications by clicking on the “unsubscribe” link located on the bottom of our e-mails, or by sending us email us at dpo@trustid.co.uk or by mail to TrustID Ltd, The Blade, Abbey Street, Reading, RG1 3BA. Customers cannot opt out of receiving transactional emails related to their account with us.