Skip to content

Privacy Statement

TICKL is committed to respecting and protecting your privacy

This privacy statement explains how we collect, store and use your personal data in compliance with applicable data protection law including, where relevant (as amended from time to time) the General Data Protection Regulation (EU) 2016/679 (“EU GDPR“), the EU GDPR as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 No. 419 (“UK GDPR“) and the UK Data Protection Act 2018.

Who we are

TICKL is a data consultancy based in the United Kingdom. TICKL Ltd (a company registered in England and Wales with company number 12691726 and registered address at Harpenden Hall, Southdown Road, AL5 1TE) controls the collection and processing of any personal data that you provide to us in relation to this website.

Terms used in this privacy statement have the meanings given to them in the EU GDPR unless otherwise stated. Any reference to “we”, “us” or “our” should be understood as a reference to to TICKL Ltd and any reference to “you” or “your” should be understood as a reference to a data subject whose personal data we process for the purposes described in this privacy statement.

For the avoidance of doubt, this privacy statement is not a contract and does not itself create any legal rights or obligations.

If you have any questions about us processing your personal data, please contact data@tickl.org.

How we collect personal data

We may collect personal data:

  • directly from you when you engage with us.
  • indirectly from third-party sources including your organisation, your representatives, publicly available sources and our service providers.
  • from our clients, when we handle personal data for the purposes of providing our services.
  • from regulatory bodies.
  • from other companies providing services to us.

When we collect personal data directly from you it is your decision whether to provide data. If you do not provide data, it may hinder your use of, or make it not possible to use, our services or products, not allow you to remain in contact with us, to enter into contracts / agreements with us, or to exercise your rights. If you provide information to us about another person, you must ensure that you comply with any legal obligations that may apply to your provision of the information to us, and allow us, where necessary, to share that information with our service providers.

How we use your personal data

How we use your personal data depends on the nature of your relationship with us. How we use your personal data and our legal basis for doing so, including where applicable our legitimate interest is explained below.

We will only use your personal data when applicable law allows us to. Depending on the nature and purposes of processing being carried out, our basis for processing may include:

  • pursuing our legitimate interest or those of a third party. Under the EU GDPR and the UK GDPR, the lawful basis of such processing is Article 6(1)(f) of the EU GDPR (or equivalent provisions in the UK GDPR); i.e. the processing is necessary for the purposes of our legitimate interests or those of a third party, except where such interests are overridden by your interests, fundamental rights and freedoms which require protection of personal data.
  • complying with legal obligations. Under the EU GDPR and the UK GDPR, the lawful basis of such processing is Article 6(1)(c) of the EU GDPR (or equivalent provisions in the UK GDPR); i.e. the processing is necessary to discharge a relevant legal or regulatory obligation to which we are subject.
  • performance of a contract. Under the EU GDPR and the UK GDPR, the lawful basis of such processing is Article 6(1)(b) of the EU GDPR (or equivalent provisions in the UK GDPR); i.e. the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract.

Generally, we do not rely on consent as a legal basis for processing your personal data, although we will obtain your consent before sending third party direct marketing communications to you, or where your consent is otherwise required under applicable law. You have the right to withdraw your consent at any time by contacting us using the details set out under “Contacting Us” below.

We do not sell your personal information. We do not envisage your personal data will undergo any automated decision making.

Visitors to our website

When you visit our website, we automatically collect, store and use technical information about your equipment and your interaction with our website. This information is sent from your computer to us using cookies. You can read more about our use of cookies in our cookies notice.

This privacy statement does not apply to any links within this site that link to other websites. We encourage you to read the privacy statements / notices on the other websites you visit.

Former TICKL staff

If you have previously been employed by us, we may continue to process personal data that was collected before and during your working relationship with us. This data includes contact and biographical information, financial information, compensation and benefits information, employment/personnel records (including job title, contract information, training records, renumeration, performance information), photographs, webinars and podcasts.

We may process this data because we have a legitimate interest in maintaining records, to provide you with references, to publicise our activities, and to conduct data analytics studies to review and better understand our workforce. We may also use this information to establish, exercise or defend legal claims and to comply with our regulatory and legal obligations (including in relation to applicable tax and employment law).

We may continue to process special category data, including race, ethnicity and health-related information, where necessary and permitted by applicable law, to fulfil our legal obligations or exercise rights in connection with employment, social security or social protection law; to establish, exercise or defend legal claims or where it is in the public interest to do so.

We do not share personal data with third parties following your employment or contractual relationship with us except as necessary to fulfil ongoing legal or contractual obligations.

Clients and those whose personal data we process in connection with our professional services

When our clients engage us to provide our services, we may collect personal data, including name, contact information, financial information and other information relevant to the services we provide. This information may be collected directly from you, supplied by your organisation or provided by another source. We use this information for the purposes of:

  • conducting due diligence, including on-boarding processes and compliance checks.
  • managing our client relationships and providing our services.
  • operating and giving you access to our products / tools.
  • managing billing, payments and financial records.
  • responding to requests from regulators.

We use information about our clients (and their representatives) to fulfil our contractual, legal and regulatory obligations or because we have a legitimate interest in processing the information to provide our services and manage our business relationships.

We only process special category data where processing is necessary in order to provide our clients with our services, where we are subject to a legal obligation to do so or where it is necessary to do so to establish, exercise or defend legal claims.

Job applicants

When you apply for a job with us, we will ask you for information relevant to your application. We ask all applicants to apply through our formal recruitment process where a specific privacy statement is available. We do not accept applications submitted by other means.

Visitors to our premises

If you visit our premises, we may collect information that we need to identify you, to create a record of your visit and to complete security checks. We use this information to maintain physical security and manage access to our premises. If you use our guest Wi-Fi, we will collect relevant information to maintain the security of the Wi-Fi service. We process information about visitors to our premises to comply with legal obligations and because we have a legitimate interest in maintaining the security of our network and buildings.

People who contact us

We collect contact and related information when you contact us via our website, by email or by telephone. We process this information because we have a legitimate interest in responding to enquiries.

Suppliers and other third parties

If you provide goods or services to us, we maintain contact information, information regarding the goods or services you provide to us and billing and financial information (including billing address, bank account and payment information). We use this information to manage our supplier relationships and to comply with our contractual and legal obligations. We may also use this information to establish, exercise or defend legal claims.

Sharing and transferring your personal data

We treat your personal data with respect and do not share it with third parties except as follows:

  • we may share personal data with our suppliers and service providers who process personal data on our behalf to provide or support the services described in this privacy statement.
  • we may share personal data, where necessary, with courts, law enforcement regulatory authorities and government officials, as permitted by applicable law or as required under applicable law (in which case we will notify you, unless we are prohibited from doing so or it is not possible or reasonable to do so).
  • we may also share your personal data where you have consented to us doing so.

Any such transfers will comply with our obligations under applicable data protection laws. Some of these parties may process your personal data in accordance with our instructions and others will themselves be responsible for their use of your personal data.

Protection and retention of your personal data

We are committed to protecting your personal data and have implemented appropriate technical, physical and organisational security measures to protect personal data.

We do not keep your personal data for any longer than is necessary to fulfil the purpose for which we collected it, to comply with any legal, regulatory or reporting obligations or to assert or defend against legal claims.

Your rights in relation to your personal data

To the extent that our processing of your personal data is subject to the EU or UK GDPR or other data protection legislation with data subject rights, you may have rights which are explained below. To exercise these rights, please contact us at data@tickl.org.

  • You have the right to ask us for a copy of your personal data. This right is subject to applicable law and relevant exemptions.
  • You can ask us to correct or complete any inaccurate or incomplete personal data.
  • You can (in certain circumstances) ask us to delete your personal data. We may be unable to delete your data if we are legally obliged to retain it.
  • You can (in certain circumstances) object to our processing of your personal data or ask us to “restrict” our use of it.
  • If you have consented to our processing of your personal data, you can withdraw your consent. 
  • You have the right to ask that personal data which you have provided to us be provided to you in machine readable format if we process that data using automated means, you have consented to its use or so that we can enter into a contract with you. 

We aim to respond to all legitimate rights requests within the relevant statutory time limits; however, where permitted by law, we may take longer if the request is complex.

You can read more information on your rights in relation to your personal data here.

Complaints

We respect your rights and want you to be comfortable with our use of your personal data.  If you have a complaint or concern about how we use your personal data, we would like to work with you to resolve it.  You can report a concern or ask us a question by contacting us at data@tickl.org. You also have the right to make a complaint to your local data protection authority using their website. If you are unsure as to who is your local data protection authority, please contact us.

If you have any queries regarding anything mentioned in this Privacy statement or want to exercise any of the rights mentioned, please contact us at data@tickl.org.