Contact Us

Privacy Policy

This website is brought to you by TruStack Limited of Cirrus House, 1 Berrymoor Court, Northumberland Business Park, Cramlington, Northumberland, NE23 7RZ (we, our or us). We are committed to protecting and respecting your privacy.

This privacy policy (together with our terms of use https://trustack.co.uk/terms-and-conditions/ and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting https://trustack.co.uk/ (the Site) you are accepting and consenting to the practices described in this policy.

For the purpose of the Data Protection Act 2018 and the UK GDPR (the Data Protection Legislation), we are the controller (i.e. the company who is responsible for, and controls the processing of, your personal data) with registration number ZA565780.

1. The types of personal data we collect about you

Personal data means any information about an individual from which that person can be identified. We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data including first name and surname;
  • Contact Data including email address and phone number;
  • Profile Data including job title and relevant place of work;
  • Technical Data including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, device ID and other technology on the devices you use to access this Site;
  • Usage Data including information about how you interact with and use our website; and
  • Marketing and Communications including your preferences in receiving marketing from us and our third parties and your communication preferences.
2. How we collect personal data from you
Information you give us

You may give us personal data about you by filling in forms on our Site or by corresponding with us by phone, e-mail or otherwise. This includes personal data you provide when you register to use our Site, subscribe to our services, search for a product or service, participate in discussion boards or other social media functions linked on our Site and if you report a problem with our Site;

information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.

We also collect, use and share aggregated data such as statistical or demographic data which is not personal data as it does not directly (or indirectly) reveal your identity. For example, we may aggregate individuals’ Usage Data to calculate the percentage of users accessing a specific website feature in order to analyse general trends in how users are interacting with our website to help improve the website and our service offering.

Information we receive from other sources

We may receive information about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on this Site. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, social media providers and credit reference agencies) and may receive information about you from them which we will add to the information which we already hold about you in order to help us provide goods and services and improve and personalise our service to you.

3. Personal data about other individuals

If you give us personal data on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can give consent on his/her behalf to the processing of his/her personal data and receive on his/her behalf any data protection notices.

4. Monitoring

We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, fraud prevention and compliance.

5. Credit checking

To enable us and other companies in our group to make credit decisions about you and for fraud prevention and money laundering purposes, we may search the files of credit reference and fraud prevention agencies (who will record the search). We may disclose information about how you conduct your account to such agencies and your information may be linked to records relating to other people living at the same address with whom you are financially linked. Other credit grantors may use this information to make credit decisions about you and the people with whom you are financially associated, as well as for fraud prevention, debtor tracing and money laundering purposes. If you provide false or inaccurate information and we suspect fraud, we will record this.

6. How we use your personal data
  • The law requires us to have a legal basis for collecting and using your personal data. We rely on one or more of the following legal bases:
  • performance of a contract with you – where we need to perform the contract we are about to enter into or have entered into with you;
  • legitimate interests – we may use your personal data where it is necessary to conduct our business and pursue our legitimate interests. We make sure we consider and balance any potential impact on you and your rights before we process your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or otherwise required or permitted to by law);
  • legal obligation – we may use your personal data where it is necessary for compliance with a legal obligation that we are subject to. We will identify the relevant legal obligation when we rely on this legal basis; and/or
  • consent – we rely on consent only where we have obtained your active agreement to use your personal data for a specified purpose.

We have set out below, in a table format, a description of all the ways we plan to use the various categories of your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

 

Purpose 

Type of personal data 

Legal basis 

To register you as a new customer. 

  1. Identity 

  1. Contact 

  1. Profile 

Performance of a contract with your respective company to which you are the point of contact.  

To manage our relationship with you which will include: 

  1. responding to your enquiries in person, by post, phone, email, social media platforms or otherwise; 

  1. responding to your enquiries and completed assessment forms sent via our Site; 

  1. managing your requests, complaints and feedback; 

  1. allowing you to participate in interactive features of our service, when you choose to do so; and 

  1. notifying you about changes to our terms of privacy policy. 

  1. Identity 

  1. Contact 

  1. Profile 

  1. Necessary to comply with a legal obligation. 

  1. Necessary for our legitimate interests (to provide you with the information, products and services that you request from us and to notify you about changes to our service). 

  1. Consent. 

To publicly share feedback we have received directly from our customers or via third party review platforms concerning our products and services. 

  1. Identity 

  1. Profile 

  1. Necessary for our legitimate interests (to promote the quality of our products and services to current and prospective customers). 

  1. Consent. 

To process and deliver your order including: 

  1. manage payments, fees and charges; and 

  1. collect and recover money owed to us. 

  1. Identity 

  1. Contact 

  1. Profile 

  1. Performance of a contract with your respective company to which you are the point of contact. 

  1. Necessary for our legitimate interests (to recover debts due to us). 

To administer, operate and protect our business and this Site (including troubleshooting, data analysis, testing, research, statistical and survey purposes). 

  1. Identity 

  1. Contact 

  1. Technical 

  1. Necessary to comply with a legal obligation. 

  1. Necessary for our legitimate interests (for the running our business, provision of administration, network security and IT services, to keep our Site safe and secure to prevent fraud and in the context of a business reorganisation or group restructuring exercise). 

To use data analytics to improve our Site, products/services, customer relationships and experiences and to measure the effectiveness of our communications and marketing. 

  1. Technical 

  1. Usage 

Necessary for our legitimate interests (to define types of customers for our products and services, to develop our business and to inform our marketing strategy).  

To ensure that content from our Site is presented in the most effective manner for you and for your computer and to allow you to participate in interactive features of our service, when you choose to do so. 

  1. Technical 

  1. Profile 

Necessary for our legitimate interests (to enable you to fully access our Site with limited technical problems).  

To send you relevant marketing communications and make personalised suggestions and recommendations to you about our or third party products and services that may be of interest to you. 

  1. Identity 

  1. Contact 

  1. Technical 

  1. Profile 

  1. Usage 

  1. Marketing and Communications 

  1. Necessary for our legitimate interests (to provide you, or permit carefully selected third parties and trusted partners, with information about other goods and services we offer that are similar to those that you have already purchased or enquired about). 

  1. Consent. 

If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, and where we permit selected third parties to use your personal data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your personal data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your personal data. 

 

We may combine this information with information you give to us and information we collect about you. We may us this information and the combined information for the purposes set out above (depending on the types of information we receive). 

 

7. Disclosure of your information 

We may share your personal data with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006.

 

We may share your personal data with selected third parties including: 

  • business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you including, but not limited to, Gytpol, Dell, VAIONI, Wasabi, Delinea, Westcoast Cloud, Azure, Pulsant, BT, Xero, Connectwise,  Microsoft, Citation, Hudu, Proofpoint, KeepIT, Blackpoint Cyber, Arctic Wolf, Logic Monitor, Netskope, Microsoft and Keeper; 
  • analytics and search engine providers that assist us in the improvement and optimisation of our Site; and 
  • credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you. 

 

We may disclose your personal data to third parties: 

  • in the event of a group restructure/intra-group organization or that we sell or buy any business or assets, in which case we may disclose your personal data to the relevant entity within the TruStack Limited group of companies or to the prospective seller or buyer of such business or assets; 
  • if all, or substantially all, of our assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets; and 
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction. 

 

To find out more about who we may share your personal data with, please follow the link: https://trustack.co.uk/data-processors-gdpr/

 

8. Cookies 

A cookie is a small text file which is placed onto your computer (or other electronic device) when you access our website. 

 

We use cookies to better the users experience while visiting the Site. Where applicable this Site uses a cookie control system allowing the user on their first visit to the Site to allow or disallow the use of cookies on their computer and/or device. This complies with recent legislation requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a user’s computer and/or device. 

 

Cookies are small files saved to your computer’s hard drive that track, save and store information about your interactions and usage of the Site. This allows the Site, through its server to provide the users with a tailored experience. 

 

This Site uses tracking software to monitor its visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information. You can read Google’s privacy policy here for further information http://www.google.com/privacy.html.  

 

Consent: There is a notice on our home page which describes how we use cookies and which also provides a link to our Privacy Policy. If you use this website after this notification has been displayed to you, we will assume that you consent to our use of cookies for the purposes described in this Privacy Policy. 

 

Third-party cookies: We work with third-party suppliers who may also set cookies on our Site, for example Facebook and LinkedIn. These third-party suppliers are responsible for the cookies they set on our Site. If you want further information, please go to the website for the relevant third party. 

 

How to turn off cookies: If you do not want to accept cookies, you can change your browser settings so that cookies are not accepted. If you do this, please be aware that you may lose some of the functionality of this website. For further information about cookies and how to disable them please go to: www.aboutcookies.org or www.allaboutcookies.org  

 

To find out more about the type of cookies our website uses, please take a look at our cookie policy https://trustack.co.uk/cookies-policy/

 

9. Where we store your personal data 

The personal data that we collect from you may be transferred to, and stored at, a destination outside the UK. It may also be processed by staff operating outside the UK who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services.

 

Whenever we transfer your personal data out of the UK to service providers, we ensure a similar degree of protection is afforded to it by ensuring that the following safeguards are in place: 

  • we will only transfer your personal data to countries that have been deemed by the UK to provide an adequate level of protection for personal data; 
  • we may use specific standard contractual terms approved for use in the UK which give the transferred personal data the same protection as it has in the UK, namely the International Data Transfer Agreement; 
  • where you have provided consent to the proposed transfer after being informed of any potential  risks; and/or
  • to perform the terms of a contract we have with you.

 

10. Security 

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. 

 

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

 

11. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any business, legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax or other requirements. Details of retention periods for different aspects of your personal data are available, please contact us to request this information. In some circumstances you can ask us to delete your data. 

 

12. Your rights 

Marketing: You have the right to ask us not to process your personal data for direct marketing  
purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. 

 

Access to information: The Data Protection Legislation gives you the right to access  
information held about you. Your right of access can be exercised in accordance with the Data Protection Legislation. 

 

Right to be Forgotten: In certain circumstances you can request us to delete all information  
we hold which identifies you. You can make this request at any time but please note we may be compelled to maintain your information due to specific legislative or regulatory requirements, for example we keep copy invoices in case of an HMRC investigation. 

 

Data Corrections: You have the right to request us to correct any inaccuracies of your personal data free of charge. You can exercise this right at any time and: 

  • providing us with enough information to identify you (e.g. account number, username, registration details); and
  • specifying the information that is incorrect and what it should be replaced with. 

 

Transfer: You can request us to transfer the personal data we hold which identifies you to another person. 

 

Erasure. Request erasure of your personal data in certain circumstances. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. 

 

Right to Object. Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) as the legal basis for that particular use of your data (including carrying out profiling based on our legitimate interests). In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your right to object. 

 

Restriction of Processing. Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in one of the following scenarios: 

  • if you want us to establish the data’s accuracy; 
  • where our use of the data is unlawful but you do not want us to erase it; 
  • where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or 
  • you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. 

 

Complaints: You have the right to complain to us about the way we use your information,  
please contact us if you would like to talk to us. If we cannot resolve your complaint, you have the right to complaint to the Information Commissioner’s Office. Their contact information can be found at: https://ico.org.uk/global/contact-us/  

 

13. Third Party Links

Our Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. 

 

14. Changes to our privacy policy 

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy. 

 

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us, for example a new email address. 

 

15. Contact

Questions, comments and requests regarding this privacy policy are welcomed, please contact us if you have any queries.