TCC Global

English

Español

Français

Italiano

日本語

Pусский

Privacy Policy of tcc global N.V.

Privacy Policy of tcc global N.V.

TCC Global N.V.

Zuidplein 84

1077 XV Amsterdam, Netherlands

At tcc global N.V. (“tcc”), we believe privacy is important. We want you to be familiar with the data that we collect, how we use these data and with whom we share them. This privacy policy applies to all personal data we collect in connection with our corporate website, www.tccglobal.com.

What personal data we use

Depending on how you choose to interact with the tcc website, we may collect personal information from you that identifies you as an individual or relates to an identifiable individual (“Personal Data”). Examples include: tcc uses the following Personal Data in line with the use purposes explained below:

  • Usage information, pages you browse, read or watch, and otherwise access, and your geographical location
  • Your name and email address and any information you choose to provide when you send us a message using our Contact Us website page

We collect information to serve your needs, for example to enable you to send us a message using our website. If you do not provide the information requested, you may not be able to do so. If you disclose any Personal Data relating to other people to us or to our service providers in connection with our website, you represent that you have the authority to do so and to permit us to use the information in accordance with this privacy policy.

We collect data to manage our content, operate efficiently and improve our website and services.

How we use Personal Data

tcc uses Personal Data to provide a safe, efficient and customized experience. For example, we use Personal Data to:

  • Provide the website’s functionality to you, and fulfil your requests
    • To respond to your inquiries and fulfil your requests, when you contact us via one of our online contact forms or otherwise, for example, when you send us questions, suggestions, compliments or complaints, or when you request a quote for or other information about our services.
    • To send administrative information to you, such as changes to our terms, conditions and policies.

We will engage in these activities to manage our contractual relationship with you and/or to comply with a legal obligation.

  • Conduct analyses for business reporting.
    • To analyse or predict our users’ preferences in order to prepare aggregated trend reports on how our digital content is used, so we can improve our services.

We will engage in this activity where we have a legitimate interest.

  • Accomplish our business purposes.
    • For data analysis, for example, to improve the efficiency of our services;
    • For audits, to verify that our internal processes function as intended and are compliant with legal, regulatory or contractual requirements;
    • For fraud and security monitoring purposes, for example, to detect and prevent cyberattacks;
    • For developing new products and services;
    • For enhancing, improving, or modifying our current products and services;
    • For identifying usage trends, for example, understanding which parts of our services are of most interest to users;

We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or where we have a legitimate interest.

  • Recruitment purposes

In accordance with the General Data Protection Regulation (GDPR), we have implemented this privacy notice to inform you of the types of data we process about you. We also include within this notice the reasons for processing your data, the lawful basis that permits us to process it, how long we keep your data for and your rights regarding your data.

A) Data Protection Principles

Under GDPR, all personal data obtained and held by us must be processed according to a set of core principles. In accordance with these principles, we will ensure that:

  1. processing is fair, lawful and transparent;
  2. data is collected for specific, explicit, and legitimate purposes;
  3. data collected is adequate, relevant and limited to what is necessary for the purposes of processing;
  4. data is kept accurate and up to date. Data which is found to be inaccurate will be rectified or erased without delay;
  5. data is not kept for longer than is necessary for its given purpose;
  6. data is processed in a manner that ensures appropriate security of personal data including protection against unauthorised or unlawful processing, accidental loss, destruction or damage by using appropriate technical or organisation measures;
  7. we comply with the relevant GDPR procedures for international transferring of personal data;

B) Types of data held

We keep several categories of personal data on our prospective employees in order to carry out effective and efficient processes. We keep this data in a personnel file relating
to each employee and we also hold the data within our computer systems, most usually
on Recruitee and bamboohr our specialist recruitment and HR systems.

Specifically, we hold the following types of data:

  1. personal details such as name, address, phone numbers, salary information
  2. name and contact details of your next of kin
  3. your photograph
  4. your gender, marital status, information of any disability you have or other medical information
  5. right to work documentation
  6. information on your race and religion for equality monitoring purposes
  7. information gathered via the recruitment process such as that entered into a CV or included in a CV cover letter
  8. references from former employers
  9. details on your education and employment history etc.
  10. driving license
  11. criminal convictions

C) Collecting your data

You may provide several pieces of data to us directly during the recruitment period. 

In some cases, we will collect data about you from third parties, such as employment agencies, former employers when gathering references or credit reference agencies.

Should you be successful in your job application, we will gather further information from you, for example, your bank details and next of kin details, once your employment begins.

Personal data is kept in files or within the Company’s HR and IT systems.

D) Lawful basis for processing

The law on data protection allows us to process your data for certain reasons only. The information below categorises the types of data processing we undertake and the lawful basis we rely on.

E) Special categories of data

Under GDPR ‘Special categories of data’ are those relating to your:

  1. health
  2. sex life
  3. sexual orientation
  4. race
  5. ethnic origin
  6. political opinion
  7. religion
  8. trade union membership
  9. genetic and biometric data.

We carry out processing activities using special category data:

  1. for the purposes of equal opportunities monitoring
  2. in our sickness absence management procedures
  3. to determine reasonable adjustments

Most commonly, we will process special categories of data when the following applies:

  1. you have given explicit consent to the processing
  2. we must process the data in order to carry out our legal obligations
  3. we must process data for reasons of substantial public interest
  4. you have already made the data public.

F) Failure to provide data 

Your failure to provide us with data may mean that we are unable to fulfil our requirements for entering into a contract of employment with you.

G) Criminal conviction data

We will only collect criminal conviction data where it is appropriate given the nature of your role and where the law permits us. This data will usually be collected at the recruitment stage, however, may also be collected during your employment. We use criminal conviction data to determine your suitability, or your continued suitability for the role if appointed.

H) Who we share your data with 

Employees within our company who have responsibility for recruitment, will have access to your data which is relevant to their function. All employees with such responsibility have been trained in ensuring data is processing in line with GDPR.

Data is shared with third parties for the following reasons: completion of the recruitment process, reference checking.

We may also share your data with third parties as part of a Company sale or restructure, or for other reasons to comply with a legal obligation upon us. We have a data processing agreement in place with such third parties to ensure data is not compromised. Third parties must implement appropriate technical and organisational measures to ensure the security of your data.

We do not share your data with bodies outside of the European Economic Area.

I) Protecting your data 

We are aware of the requirement to ensure your data is protected against accidental loss or disclosure, destruction and abuse. We have implemented processes to guard against such issues.

J) Retention periods 

We keep your data for as long as we need it for, which, in relation to unsuccessful candidates, is twelve months.

At the end of this period, we will delete or destroy your data, unless you have already withdrawn your consent to our processing of your data in which case it will be deleted or destroyed upon your withdrawal of consent.

Where you have provided consent to our use of your data, you also have the right to withdraw that consent at any time. This means that we will stop processing your data and there will be no consequences of withdrawing consent.

If your application is successful, your data will be kept and transferred to the systems we administer for employees (currently Bamboo HR). We have a separate privacy notice for employees, which will be provided to you.

K) Automated decision making 

Automated decision-making means making decision about you using no human involvement e.g. using computerised filtering equipment. No decision will be made about you, solely on the basis of automated decision making, which has a significant impact on you.

L) Employee rights

You have the following rights in relation to the personal data we hold on you:

  1. the right to be informed about the data we hold on you and what we do with it;
  2. the right of access to the data we hold on you. More information on this can be found in the section headed “Access to Data” below and in our separate policy on ‘Subject Access Requests’;
  3. the right for any inaccuracies in the data we hold on you, however they come to light, to be corrected. This is also known as ‘rectification’;
  4. the right to have data deleted in certain circumstances. This is also known as ‘erasure’;
  5. the right to restrict the processing of the data;
  6. the right to transfer the data we hold on you to another party. This is also known as ‘portability’;
  7. the right to object to the inclusion of any information;
  8. the right to regulate any automated decision-making and profiling of personal data.

In addition to the above rights, you also have the unrestricted right to withdraw, at any time, consent that you have previously provided, to our processing of your data. Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent although we may not be able to continue to process your application. However, in some cases, we may continue to use the data where so permitted by having a legitimate reason for doing so.

If you wish to exercise any of the rights explained above, please contact the Human Resources team. 

M) Consent

Where you have provided consent to our use of your data, you also have the right to withdraw that consent at any time. This means that we will stop processing your data. 

N) Making a complaint

If you think your data rights have been breached, you are able to raise a complaint with the Information Commissioner (ICO). You can contact the ICO at Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF or by telephone on 0303 123 1113 (local rate) or 01625 545 745.

O) Data protection compliance

tcc is reinvigorating its data protection processes and committees to help ensure and maintain compliance with this regulation across the group. The Executive responsibility is with the CEO, Simon Hay and COO, Kathryn Herrick, supported by the steering team. 

As a new part of this structure we have appointed a Data Protection Champion (DPC) in every region and Business Unit. The DPC ensures that guidelines and instructions are properly implemented and executed, campaigns and projects comply with GDPR and they support the DPO and steering team on their monitoring task. The DPC’s are the connector between the day to day business and the governance structure.

Cookies

Cookies are electronic placeholders that are placed on your computer by websites to track your individual movements on that website over time. tcc uses two types of cookies:

  • Strictly necessary cookies – these cookies are essential so that you can move round the website and use its features. They are session-based and therefore last only for the duration of the user's session. Cookies are used by the tcc website to keep track of user sessions to balance the usage of this website on all tcc web servers. They are not tied to a specific identity — in general, no identifiable personal information about you is stored by them. However, where this information qualifies as Personal Data, we will treat it as such, and as set out in this privacy policy.

If you do not want a cookie placed on your computer as a result of using a tcc website,you can disable the necessary cookies altogether by modifying the preferences section of your web browser. Note that, if you do so, some aspects of tcc websites may be unavailable to you.

Depending on your cookie consent selection of settings upon first visiting the website, tcc uses persistent cookies. This type of cookie remains on your hard drive and provides information about the session you are in and waits for the next time you use that site again. This provides useful information to tcc, enabling it to recognize repeat users, facilitate the user's access to and use of the site, and allow a site to track usage behaviour, which lets tcc make content improvements. Such cookies are used only for this purpose, and they are not used to identify users or to track their usage of other sites.

Depending on your cookie consent selection of settings upon first visiting the tcc website, tracking cookies and third-party cookies may be used to process additional information, enable noncore functionalities on the tcc website and enable referenced third-party functions (such as a social media "share" link).

  • Analytical cookies – these cookies are used to provide statistical information about our website – they are used for performance measurement and improvement. They are disabled by default, but if you do choose to accept all cookies, they will be turned on. This category is also known as Analytics. Activities like page visit counting, page loading speed, bounce rate and technologies sued to access the tcc website are included in this category. We use Google Analytics to track all those performance metrics.

Google Analytics

Google Analytics is a web analytics service. Web analysis is the gathering, collection and analysis of data about the behaviour of visitors to websites. Among other things, a web analysis service collects data on which website a data subject has come to a website from (so-called referrers), which subpages of the website were accessed or how often and for which period of time a subpage was viewed. A web analysis is mainly used to optimize a website and for the cost-benefit analysis of Internet advertising.

The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

Google Analytics uses cookies. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. Google might transfer the personal information collected via this technical procedure to third parties.

In addition, this website uses the Analytics feature UserID to track interaction data. This User ID will be additionally anonymized and encrypted and will not be linked with other data.

You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible.

In addition, you may prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en

This browser add-on informs Google Analytics via JavaScript that no data and information about website visits may be transmitted to Google Analytics.

In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.

Further information and Google‘s applicable privacy regulations can be found at https://policies.google.com/privacy?hl=en and https://marketingplatform.google.com/about/ The following link provides a further explanation of Google Analytics https://marketingplatform.google.com/about/.

Do Not Track (DNT)

There is currently no standard for how DNT consumer browser settings should work on commercial websites. However, the industry has self-regulatory initiatives designed to provide consumers a choice in the types of ads they may see online and to conveniently opt-out from online behavioral ads served by some or all of the companies participating in these programs. Our websites do not respond to DNT consumer browser settings.

External Links Disclaimer

Some of tcc's websites link to other sites created and maintained by other public- and/or private-sector organizations. tcc provides these links solely for your information and convenience. When you transfer to an outside website, you are leaving the tcc domain, and tcc's information management policies no longer apply. tcc encourages you to read the privacy statement of each external website that you visit before you provide any Personal Data.

Security

tcc implements commercially reasonable technical and organizational security controls to protect your Personal Data against theft, loss or misuse. Your data will be stored in a secure operating environment that is not accessible without authorization. tcc applies mitigation measures following periodic risk assessments to ensure an adequate level of protection of your Personal Data.

tcc has put in place appropriate physical, technical and administrative procedures to safeguard and secure the information from loss, misuse, unauthorized access, disclosure, alteration or destruction. tcc cannot guarantee the security of information on or transmitted via the internet.

Personal Data about minors and children

tcc does not knowingly collect data from or about children under 16. If we learn that we have collected Personal Data from a child under 16, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 16, please contact us at data.privacy@tccglobal.com

Sensitive Personal Data

Unless we request it, we ask that you not send us, and you not disclose, any sensitive Personal Data (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the website or otherwise to us.

Cross-Border Data Transfers

Your Personal Data may be stored and processed in any country where we have facilities or in which we engage service providers, and by using our services you understand that your information will be transferred to countries outside of your country of residence, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Data.

Additional Information Regarding the EEA: Some of the non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here:  https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en). For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission, to protect your Personal Information.

Your right to access Personal Data

In addition to the information that is available on tcc's website, you have the right to access the Personal Data that tcc holds about you, all subject to the exemptions as contained in applicable laws and regulations. If you request the data, then tcc will assist you. Your identity will need to be confirmed before you are provided with access to Personal Data. We ask that you put your request in writing to the address included in the section “Contact us” below, and include the following information:

  1. Your full mailing address
  2. Names of specific files or types of records to which you request access, including specific dates of those records, where possible

Please provide as much detail as possible.

We will respond to your request consistent with applicable law. You will be notified if access to the records you have requested is granted or denied, and which exemptions apply.

Your right to correct or amend Personal Data

If you believe there is a mistake in your Personal Data, you have a right to ask for the information to be corrected. We may ask you to provide documentation to show where tcc's files are incorrect. We will respond to your request consistent with applicable law, will amend the erroneous data without undue delay, and will notify you once the correction you have requested has been completed.

Your right to take Personal Data with you (portability)

You may obtain and reuse the Personal Data held by tcc for your own purposes across different services. tcc allows you to move, copy or transfer Personal Data easily from one IT environment to another in a safe and secure way, without hindrance to usability. This right applies to your Personal Data held by tcc, where the processing was automated and used in the light of our service provision within the contract you have with tcc, or where such processing was based on the consent you gave tcc for it.

Follow the instructions at "Your Right to Access the Personal Data" and indicate that you wish to obtain the information for reuse purposes, indicating your desire to take the Personal Data with you. We will respond to your request consistent with applicable law.

Your right to be forgotten

tcc does not store Personal Data without a predefined and documented purpose. We follow laws that require us to delete Personal Data if the reason for its collection and storage no longer exists. If, however, you wish to have your Personal Data deleted at an earlier date, please contact our privacy team at data.privacy@tccglobal.com. We will respond to your request consistent with applicable law.

Questions or complaints

We encourage anyone who has questions about our use of Personal Data or interested to raise any concerns about this, to contact us at data.privacy@tccglobal.com or at the address provided in the section "Contact us" below. We will do our best to answer your questions and resolve any complaints and disputes regarding our use of Personal Data. Alternatively, individuals in the EEA have the right to lodge a complaint with a data protection authority for your country or region or where an alleged infringement of applicable data protection law occurs.  A list of data protection authorities is available at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.

Review and ratification

We may occasionally update or modify this privacy policy. To ensure that the importance of this privacy policy is communicated uniformly throughout the enterprise, all members of tcc's board of directors will review, update and ratify this privacy policy at least annually.

For material changes to this privacy policy, we will notify you by placing a prominent notice on the home page of our website or, if legally required, by directly sending you a notification. We encourage you to periodically review this privacy policy to stay informed about how we are helping to protect the Personal Data we collect. Your continued use of the service constitutes your agreement to this privacy policy and any updates.

Contact us

TCC Global N.V. is the company responsible for the collection, use and disclosure of your Personal Data under this privacy policy. If you have any questions, please contact us at data.privacy@tccglobal.com or:

TCC Global N.V.

Zuidplein 84

1077 XV Amsterdam, Netherlands

Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.