This privacy statement is made on behalf of Tiny and Judy Consulting Limited (T/A Tribe of Traders)
All references to “TJC”, “we”, “us” or “our” in this policy are references to Tiny and Judy Consulting Limited (T/A Tribe of Traders)
TJC is committed to protecting your privacy and personal information provided to us by you in accordance with the laws of England and Wales and GDPR. If you have any questions relating to this privacy statement or your privacy rights please contact us on firstname.lastname@example.org
Should your details change at any time, like you move house or get married please do send us an e-mail to the above address and notify us.
We will periodically e-mail you to check the the information we hold on you is accurate and up to date.
We collect certain information or data about you when you use –
FIRST SOME LEGAL INFO…. AND AT THE BOTTOM OF THE PAGE IN LAY PERSON TERMS IS WHAT WE DO…
- “Applicable Law” means any laws or regulations, regulatory policies, guidelines or industry codes (whether national or international) which apply to Company (or any of its Sub-Processors) and/or the provision of or the subject matter of the Services in each case as in force from time to time;
- “Company” means The Freedom Collective Ltd
- “Customer Group Member” means a Customer or any entity that owns or controls, is owned or controlled by or is or under common control or ownership with Customer where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise;
- “Customer Personal Data” means any Personal Data Processed by Company on behalf of a Customer Group Member pursuant to or in connection with the Principal Agreement;
- “Data Protection Laws” means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country;
- “EEA” means the European Economic Area;
- “EU Data Protection Laws” means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR;
- “GDPR” means EU General Data Protection Regulation 2016/679;
- “Personal Data” means any data that relates to an identified or identifiable natural person and where such data is protected under applicable Data Protection Laws;
- “Principal Agreement” means the agreement or agreements between Company and the Customer Group Member for the Services Company is providing them.
- “Service/s” means the services and other activities to be supplied to or carried out by or on behalf of Company for Customer Group Members pursuant to the Principal Agreement;
- “Sub-processor/s” means any person (including any third party and any Company Affiliate) appointed by or on behalf of Company or any Company Affiliate and that Processes Customer Personal Data on behalf of any Customer Group Member; and
- “Company Affiliate/s” means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with Company, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or
- The terms, “Commission“, “Controller“, “Processor“, “Data Subject/s“, “Member State“, “Personal Data Breach“, “Processing” and “Supervisory Authority” shall have the same meaning as in the GDPR, and their cognate terms shall be construed
3. Processing of Customer Personal Data
- Compliance with Laws. Company, in Processing the Customer Personal Data in accordance with Clause 3.2 above, shall comply with all applicable Data Protection Laws. Company shall not be responsible for complying with Data Protection Laws applicable to Customer Group Member or its industry that are not otherwise consistent with the provision of the Services or if, and to the extent that, the relevant provision of Data Protection Law would not also apply to Company provision of services equivalent to the Services to other Customer shall comply with all Data Protection Laws applicable to Customer as Controller.
4. Company Personnel
- Personnel Reliability. Company shall take reasonable steps to (i) require background screening and to ensure the reliability of any personnel who may have access to the Customer Personal Data or the Customer environments in which the Personal Data is processed, ensuring in each case that access is strictly limited to those individuals who need to know / access the relevant Customer Personal Data, as strictly necessary for the purposes of the Principal Agreement; and (ii) ensuring that any personnel are informed of the confidential nature of Personal Data, have received training, and are subject to confidentiality obligations or professional or statutory obligations of
- Sub-processor Objection This section 5.3 shall apply only where and to the extent that Customer is established within the EEA or where otherwise required by Data Protection Laws applicable to the Customer. In such an event, If Customer notifies Company in writing of any objections (on reasonable grounds) to a Sub-processor added to the Sub-processor List within fourteen (14) days after the date of the applicable Sub-processor Notice:
- Company shall work with Customer in good faith to make available a commercially reasonable change in the provision of the Services which avoids the use of that Proposed Sub-processor; and
- where such a change cannot be made and Company choose to retain the Sub-processor, Company shall notify Customer at least fourteen (14) days prior to the authorisation of the Sub-processor to Process Personal Data and the Customer may discontinue using the relevant services and terminate the relevant portion of the Services which require the use of the Proposed Sub-processor immediately upon written notice to Company, such notice to be given by Customer within thirty (30) days of having been so notified by Company.
6. Support in Complying with Data Subject Rights
- Requests from Data Subjects. Customer acknowledges, as part of the Services, it is responsible for responding to any Data Subjects’ request under any Data Protection Law to exercise the Data Subject’s right of access, right of rectification, restriction of Processing, right to be forgotten, data portability, object to processing, or its right not to be subjected to an automated decision-making process (“Data Subject Request”). Company shall:
- to the extent permitted by Applicable Law, promptly notify Customer if it receives a Data Subject Request from a Data Subject; and
- taking into account the nature of the Processing, reasonably assist Customer to access Customer Personal Data to the extent that Customer Personal Data is not accessible to Customer (as part of the Services) to fulfil the Customer’s obligations, as reasonably understood by Customer, to respond to Data Subject Requests and to comply with Data Protection
- Government and Law Enforcement Authority Requests. Unless prohibited by Applicable Law or a legally-binding request of law enforcement, Company shall promptly notify Customer of any request by government agency or law enforcement authority for access to or seizure of Personal
7. Breach Incident Notification.
- Breach notice. Company shall notify Customer within 24 hours upon Company becoming aware of a confirmed Personal Data Breach affecting Customer Personal Data. To the extent able within the scope of the Services, Company will provide Customer with sufficient information to allow it to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection
- Investigatory Cooperation. Company shall co-operate with Customer and take such reasonable commercial steps as are directed by Customer to assist in the investigation, mitigation and remediation of each such Personal Data
- Technical and organisational measures. Company shall implement and maintain appropriate technical and organisational measures designed to protect the security, confidentiality and integrity of Customer Personal Data, including to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, such Personal Data as set forth in Schedule A. Company regularly monitors compliance with these Company reserves the right to update its technical and organisational measures and will not materially decrease the overall security of the Services pursuant to the Principal Agreement
- Return and Deletion of Personal Data. Upon termination of the Services, Company shall at Customer’s option, return and/or delete any Personal Data retained on the Services in accordance with the terms of the Principal Agreement and not retain any copies unless Company is required to do so by Applicable
9. Location and Storage of Personal Data
Personal Data may be stored at various data centre premises as part of the Services (the “Designated Data Centre Location”).
10. General Terms
- Without prejudice to any Mediation and Jurisdiction and Governing Law of any other agreement between the parties, or the applicability of any Data Protection Laws:
- the obligations of Company and Company Affiliates arising hereunder are subject to and governed by the laws of the country or territory expressly set forth in the Principal
In addition to the terms set out in Part A above, the terms set out in this Part B shall apply to the Processing of Personal Data by Company on behalf of a Customer established in the European Union or otherwise subject to the requirements of the GDPR.
11. Additional European Terms.
- General Data Protection Regulation. With effect from 25 May 2018, Company will Process any Personal Data in accordance with the requirements of GDPR as directly applicable to Company provision of the
- Subject Matter, Nature, Purpose and Duration of Data Processing. Company will Process Customer Personal Data to provide the Services. The duration of the Processing of Personal Data shall be for the term of the Principal
- Types of Personal Data and Categories of Data Subjects. The types of Personal Data and categories of Personal Data shall be those determined by the Customer being the Customer Personal Data which, along with the categories of Data Subjects, may be more particularly described in the Principal Agreement.
- Data Protection Impact Assessment and Prior Consultation. The Customer for itself and on behalf of each Customer Group Member (where applicable) agrees that Company then-current standard policies & documented information about the Services, will be used to carry out Customer’s data protection impact assessments and prior consultations, and Company shall make such information available to the Customer where requested. Company and each Company Affiliate shall provide reasonable assistance to each Customer Group Member with any data protection impact assessments, and prior consultations with Supervisory Authorities or other competent data privacy authorities, which Customer reasonably considers to be required of any Customer Group Member by article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of the Customer Personal Data by, and taking into account the nature of the Processing and information available to, Company. The Customer shall ensure, to the extent that such data protection impact assessments and, where necessary, prior consultations with Supervisory Authorities, are required by Data Protection Laws, that Customer and relevant Customer Group Members take such steps as are required to implement such assessments and If, following the implementation of a data protection impact assessment or a consultation, the Customer reasonably determines that it would be a breach of Data Protection Laws to continue with the Services, Customer shall notify Company and the parties shall attempt to reach a solution. If the parties fail to agree a solution within thirty (30) days of commencing discussions, the Customer shall be entitled to terminate the Services, subject to the payment of an early termination fee determined in accordance with the Principal Agreement.
- Access to Personal Data. Unless otherwise agreed and notwithstanding Section 9 above, in order to provide the Services Company and its Sub-processors will only access Personal Data from (i) countries in the EEA, (ii) countries or territories formally recognized by the European Commission as providing an adequate level of data protection (“Adequate Countries”) and (iii) the United States provided, in this case, that Company makes available to the Customer a Valid Transfer Mechanism in accordance with Section 11.6 below. When Company or its Sub-processors access Personal Data from outside the Designated Data Center Location for the purposes of providing the Services, the Customer agrees that such Personal Data may be transferred accordingly.
- Transfers Required by Applicable Notwithstanding the foregoing, Company shall be entitled to access Personal Data from, or transfer Personal Data to, territories outside the EEA other than in the circumstances specified in clause 11.6 if required to do so by Applicable Law. Unless prohibited by Applicable Law, Company shall not transfer any Personal Data outside of the European Economic Area unless the prior written consent of the Customer has been obtained and the following conditions are fulfilled:
- the Customer or the Provider has provided appropriate safeguards in relation to the transfer;
- the data subject has enforceable rights and effective legal remedies;
- the Provider complies with its obligations under the Data Protection Legislation by providing an adequate level of protection to any Personal Data that is transferred; and
- the Provider complies with reasonable instructions notified to it in advance by the Customer with respect to the processing of the Personal Data;
- assist the Customer, at the Customer’s cost, in responding to any request from a Data Subject and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
- notify the Customer without undue delay on becoming aware of a Personal Data breach;
- at the written direction of the Customer, delete or return Personal Data and copies thereof to the Customer on termination of the agreement unless required by Applicable Law to store the Personal Data; and
- maintain complete and accurate records and information to demonstrate its compliance with this clause.
Data we collect includes:
Your IP address, and details of which version of web browser you used,
Information on how you use the site, using cookies and page tagging techniques to help us improve the website,
Your Internet service provider’s address,
The number of users who visit the web site,
The date and time of each visit,
The pages accessed and the documents downloaded.
This helps us to:
Improve the site by monitoring how you use it,
Respond to any feedback you send us, if you’ve asked us to provide you with information about local services if you want it compile statistical information for company use
Please note, we cannot personally identify you using this data.
Please note that we will only use the personal information we collect for the main purposes disclosed at the time of collection, to inform you of our services that you are enquiring about. We will collect the information directly from you via your opting into our website.
We collect the following personal information from you;
· First Name
· E-mail Address
· Any other information you provide in order for us to supply you with the goods and services you ordered.
We do not store credit card details nor do we share financial details with any 3rd parties
A cookie is a small text file placed on your computer hard drive by a web page server. Cookies may be accessed later by our web server. Cookies store information about your use of our web site. Cookies also allow us to provide you with more personalised service when using our web site.
Determine whether you have previously used the TJC web site,
Identify the pages you have accessed,
Facilitate administration of the site and for security purposes.
Most web browsers are set to accept cookies but you may configure your browser not to accept cookies. If you set your browser to reject cookies you may not be able to make full use of the TJC web site.
In line with normal business practices we may use Google Analytics and re-marketing services and Google and other third party suppliers provide advertising services online on our behalf. TJC and third-party vendors, including Google, use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimize, and serve ads based on someone’s past visits to your website.
RISK OF SUPPLYING INFORMATION OVER THE INTERNET
We have appropriate security measures in place in our physical facilities to protect against the loss, misuse, or alteration of information we may have obtained from you at any time during your visit to our site.
TJC takes all reasonable steps to ensure the personal information held about individuals is accurate, up-to-date and complete.
TJC encourage you to help us by telling us immediately if you change your contact details or if any of your details need to be corrected, updated or removed. All our emails contain an unsubscribe link which gives the user the facility to opt out of any further email communications.
If you have any immediate concerns about how your information is used, you should check our website sporadically to ensure you are up to date with our current policy.
Should you categorically believe that this site is not following the information contained within this policy, you may contact us via any of the following contact details;
18 Tower Bridge Wharf
and any subsequent pages on this domain.
We don’t accept liability for loss or damage incurred by users of the website, whether direct, indirect or consequential, whether caused by tort, breach of contract or otherwise, in connection with our site, its use, the inability to use, or results of the use of our site, any websites linked to it and any materials posted on it. This includes loss of:
income or revenue business
profits or contracts anticipated savings data
wasted management or office time
This tool should be used as a learning aid and does not constitute investment advice. If you decide to invest real money in the use of this tool, these trading decisions are your own and we cannot be held responsible for any losses that may occur as a result.
Past Performance is no guarantee of future market conditions and careful consideration should be given to this before putting your money at risk.
The risk of loss in trading currencies, stocks or commodities can be substantial and you should consider whether such markets are suitable for you, taking into consideration your current financial condition.
VIRUSES, HACKING AND OTHER OFFENCES
You must not misuse our site by knowingly introducing viruses, trojans, worms, logic bombs or other material that is malicious or technologically harmful. You must not attempt to gain unauthorised access to our site, the server on which our site is stored or any server, computer or database connected to our site. You must not attack our site via a denial-of-service attack or a distributed denial-of-service attack.
By breaching this provision, you would commit a criminal offence under the Computer Misuse Act 1990. We reserve the right to report any such breach to the relevant law enforcement authorities and we will co-operate with those authorities by disclosing your identity to them.
Any unsolicited communications to our clients, whether information was legally or illegally distributed to you, falls under the Privacy and Electronic Communications (EC Directive) Regulations 2003, specifically s.22(3)(a),(b) and (c).
REVISION OF TERMS
We may at any time revise these terms and conditions without notice. Please check these terms and conditions regularly, as continued use of this website after a change has been made is your acceptance of the change.
Delivery of Services
Once a license is purchased you will immediately receive an e-mail with a download link, as well as comprehensive instructions and details of where you can access support.
The information, software and content held within this website has been created by Tiny and Judy Consulting Ltd (T/A Tribe of Traders) and are for educational purposes only.