GDPR Privacy Policy

1. Introduction

At TLR Carcom Engineering Ltd., we are committed to protecting the privacy and data of our customers, partners, and employees. This Privacy Policy outlines our practices regarding the collection, use, storage, and protection of personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

TLR Carcom Engineering Ltd. is the data controller responsible for the processing of personal data collected and used as described in this policy. If you have any questions or concerns regarding your personal data, please contact us at:  TLR Carcom Engineering Ltd, 17 Siddeley Way, Daventry, Northamptonshire, NN11 8PA

3. Types of Personal Data Collected

We may collect and process the following categories of personal data:

• Contact information (e.g., name, email address, phone number)
• Customer and vendor records
• Employee information (for employment purposes)
• Financial information (for billing and payments)
• Website usage data (e.g., cookies and analytics)
• Other information provided by you directly

4. Purposes of Data Processing

We collect and process personal data for the following purposes:

• To fulfill contractual obligations with customers and vendors
• To provide customer support and communication
• For internal administrative purposes
• To comply with legal obligations
• To improve our products and services
• For marketing and promotional purposes (with explicit consent)
• To ensure the security and integrity of our systems

5. Legal Basis for Data Processing

Our processing of personal data is based on one or more of the following legal grounds:

• Contractual necessity
• Compliance with a legal obligation
• Consent
• Legitimate interests

6. Data Sharing and Transfers

We may share personal data with:

• Service providers and partners involved in providing our services
• Regulatory authorities and law enforcement agencies as required by law
• Other third parties with your explicit consent

Personal data may be transferred to countries outside the European Economic Area (EEA) only when adequate safeguards are in place to ensure the security and privacy of your data.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, as required by law, or as otherwise communicated to you.

8. Data Security

We have implemented appropriate technical and organisational measures to protect personal data from unauthorised access, disclosure, alteration, and destruction. These measures are regularly reviewed and updated.

9. Data Subject Rights

As a data subject, you have the following rights:

• Access to your personal data
• Rectification of inaccuracies in your data
• Erasure of your data
• Restriction of processing
• Data portability
• Object to processing
• Withdraw consent (if processing is based on consent)

To exercise these rights or make a complaint, please contact us using the details provided in Section 2.

10. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices or legal requirements. Any updates will be posted on our website, and the date of the last update will be revised accordingly.

11. Contact Information

If you have any questions or concerns about our GDPR policy or our data processing practices, please contact us using the details provided in Section 2.

By using our services and providing your personal data, you consent to the practices described in this Privacy Policy.