We want you to know that we take your privacy and the security of the data we hold about you very seriously and we are committed to doing everything we can in order to protect it. Also, to let you know what we are doing with it, how we manage it and why.
Our policy covers:
- The collection of data
- Usage of data including processing and what we believe to be both Operational purposes and Legitimate Interest
- Management of our Data Policy, who is accountable and how often we review and update our processes, and how we will keep you informed about updates
- How we will store your data, for how long and how we will protect it
- How you can access your data, update it and request to be removed or restricted from any data processing
- How we transfer data within the UK, EU and Overseas. Including working with our US based office
- And finally, what the procedure is if there has been a potential data security breach.
Our Data Policy has been written to ensure compliance with all applicable laws including the Data Protection Act 1998, ePrivacy 2002, superseded by the General Data Protection Act 2018 (these are collectively referred to as “data protection laws”).
Our Policy covers all and any information we collect and data provided by you.
WHO ARE WE?
Suitcase TV Ltd is a is a UK company specializing in software solutions for the broadcast industry since 2000.
When we refer to “we’’ or “our’’ or “Suitcase TV” we are referring to Suitcase TV Ltd.
1. WHAT DATA WILL WE COLLECT?
When you or a company you are employed by chooses to work with Suitcase TV, we will typically collect data on you both directly, through forms, and indirectly through platforms such as, but not limited to, Facebook, Twitter, LinkedIn.
The data we are likely to collect may include, but is not limited to:
- First name and Surname
- Email address
- Business Address, including postcode
- Phone and mobile number
- Job title and seniority
- Company information including firmographics
- Sector information
- Preference data – provided by you at the point of sign up
- Sales data – including order details and value, transaction date and method
- Marketing Opt-in data
- Email communications responses
- History – full audit trail of data usage for compliance requirements
Suitcase TV also collects information about how you use our website.
We are committed to the principles of the data regulations and therefore we will only collect and process data which is collected in a lawful and transparent way, and where the company who collected the data can provide sufficient evidence of the method of collection.
2. HOW WILL WE USE THE INFORMATION WE COLLECT?
In line with the data regulations we will only use the data we collect in a lawful way for legitimate and specific purposes.
We will use your data for a number of purposes including the following:
Our aim is to provide you with the most user-friendly online navigation experience for our website.
- Information about your activity on the website.
- Demographics such as country or language.
- Information about your network/computer and browser type.
Suitcase TV uses Google Analytics, (a web analytics service provided by Google, Inc). to collect this information.
Google Analytics sets a cookie on your computer in order to evaluate your use of our website and compiles reports for us on activity on our website.
A cookie is a small text file received and stored by your browser when visiting websites. Cookies usually contain information regarding the computer used by the visitor to the website which can only be accessed by the website which placed it on your computer.
If you wish not to receive cookies, you can choose to disable or delete cookies through the settings in your browser; however you may lose information which enables you to access the website more quickly or enables use of certain services or systems on the website.
We may also use and disclose this information in anonymised format (so that no individuals are identified) for marketing and strategic development purposes as well as data analysis and reporting purposes
Keeping you up to date with our activities
We would like to keep you informed about our latest products and activities via newletters and marketing emails.
To do this, we may also share your data with email service providers (e.g. MailChimp), in order to provide this service to you.
We will only use third parties who we have audited to ensure they are fully compliant with the data protection regulations and have sufficient processes and policies in place to protect your data and personal information.
We will also only use data for marketing purposes where there is evidence of a valid opt-in consent to say that you have freely given and indicated you wish to receive such communications.
In order for our business to operate we will use data we collect for customers and supplier companies in the following ways:
- For Financial and Accounting purposes, including but not limited to,
- raising purchase orders,
- sending statements,
- discussing payments and invoicing
- For credit checking purposes
- For contractual purposes
- For Human Resource purposes
As a past, current, or prospective customer
We consider the following use of your data to be considered “Legitimate Interest” and illustrates ways in which we will use data to provide and enhance our services to you as a customer of Suitcase TV.
- Contacting you by telephone, mobile, email or post in order to discuss past, current or future projects and opportunities for you to utilise our services
- Sending to you via email or post, invitations to events, company and services updates, seasonal communications and access to reports and white papers we have produced
- Connecting with you via LinkedIn and Inmail
- Sending files to you via email and file sharing platforms
3. HOW WE MANAGE OUR DATA POLICY
Management of data processes and policies
In line with the data regulations we have set out who is both responsible and accountable for privacy and data security within Suitcase TV Ltd.
The board have reviewed the requirements of the GDPR regulations and have determined that Suitcase TV is not required to appoint a formal Data Protection Officer.
Responsibility and accountability for privacy and data security; and compliance with the GDPR 2018 act for Suitcase TV will fall within the remit of the Finance & HR Director, Fiona Watt.
OPERATIONAL PROCEDURES TO PROTECT DATA
To ensure our employees are aware and comply with data policies we:
- Have presented and communicated our policies to all employees
- Have updated the company handbook
- Have developed an induction procedure for all new employees
- Have updated employee contracts so any action leading to a breach of data policy will be considered “Gross Misconduct”
Reviewing our policies
We want to keep your data as secure as we can so we will regularly review our processes and policies. We will review and update our policy at least every 12 months and when data regulations are updated.
Keeping you informed and up to date
We want you to know your data is in safe hands, so we will email you to let you know that we are currently storing data and personal information about you if we collect it indirectly.
We will also email you when we update our policy, providing you with a link to view the updated policy on our website.
4. HOW WE STORE AND ACCESS DATA
Data we store on employees
As an employer, we hold personal data on employees including personal information around employment history, contacts and remuneration.
Data will be stored electronically within Sage 50 Payroll, within a separate secure hard drive and in paper format in locked filing cabinets.
Our Executive team have access to this information along with any approved HR and PAYE suppliers may be appointed. All access is centrally managed.
Data we store on our customers/potential customers
We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with Suitcase TV. This is typically at least seven years in order to comply with tax and insurance regulations.
Data is only accessible by Suitcase TV employees and all access rights are managed and monitored centrally via secure log in and password. On leaving Suitcase TV all rights and access to any data ceases instantly.
5. HOW CAN YOU ACCESS OR UPDATE YOUR DATA, REQUEST TO BE REMOVED OR OBJECT TO OR RESTRCIT PROCESSING
We want to make it easy for you to be in control of your data.
You have the right to:
- Access the data we hold on you
- Ensure the data we have is accurate and up to date
- Object to us using your data within automated processing or profiling.
- Restrict how we process/use your data
- Request the erasure or deletion of the data we hold on you.
Accessing your data
To access the data we hold on you please contact us with the subject “Data Access Request”.
Please provide two forms of identification (copies are sufficient) from the following list to prove you are the individual requesting the data:
- Driving license
- Birth certificate
- Utility bill (from last 3 months)
- Current vehicle registration document
- Bank statement (from last 3 months)
We will then contact you with details of how you can access the data we store on you within one month of receiving your request. Details can be found in section 9.
Your initial request will be processed free of charge. However, we will charge a reasonable fee, based on the administrative cost of providing the information, should a request be considered unfounded or excessive, particularly if it is repetitive.
We will also charge a reasonable fee based on the administration time involved to provide further copies of the same information.
Updating your data
If you notice an error in the data we hold on you; or would like us to update our records in any way then please contact us with the subject “Data update request”. We will respond within 1 month. Details can be found in section 9.
Objection to or request to restrict processing
If you would like to object to us processing your data or restrict how we process your data in anyway then please contact us with the subject “Objection/Restriction of processing”. Please outline which processes (which can be found in section 2) that you wish to be removed from in the body of the email. We will respond within one month. Our contact details can found in section 9.
Deletion of data
If you would like us to delete all data and information we hold on you please contact us with the subject “Delete record”. Our contact details can found in section 9.
Please note that although we fully respect your wish to remove all data we hold, there is a level of data we may need to retain for legal, accounting and compliance reasons. On receiving your request we will review your request and respond to outline what data we can remove. We will endeavour to respond within 1 month.
Tracking and auditing your requests
All requests will be tracked and audited and stored in our CRM system.
6. HOW WE TRANSFER YOUR DATA
In order to provide our services, we may need to transfer data between:
- Internally amongst authorised employees
- With UK customers and suppliers
- With EU customers and suppliers
- With International customers and suppliers
For UK and EU customers and suppliers we provide a secure environment for data to be uploaded. On upload we require a number of questions to be answered to prove the customer / supplier has the correct levels of consent and compliance.
For International customers and suppliers, we will audit the companies Data Policy and processes to ensure compliance before we accept or share data.
7. REPORTING A POTENITAL DATA BREACH
If we suspect a data breach of any kind we will report it to the Information Commissioner’s Office immediately.
If you suspect a data breach, which you believe may have involved Suitcase TV and the data we hold on you, please email firstname.lastname@example.org with the subject “Data Breach” and we will respond within 72 hours.
This policy was last updated on: 22th May 2018
This policy will be reviewed on: 25th May 2019
HOW TO CONTACT US?
Any questions around our privacy or Data Subject Access Requests can be sent via email to
or by post:
Attention: Finance& HR Director, 30 Silent Street, Ipswich, IP1 1TF
The Supervisory Authority for the UK is the Information Commissioner’s Office. They can be contacted here: https://ico.org.uk/