Legal

Privacy Policy

How Tazio Online Media Limited collects, uses, stores and shares your personal data, and the rights you have under UK GDPR.

Last updated 29 July 2024

Privacy Notice

This privacy notice sets out, in line with GDPR, the types of data that Tazio collects, processes and holds for marketing purposes. It also outlines how the information is used, retention periods, and other relevant data details.

This notice applies to current customers and suppliers, former customers, prospective customers, and anyone who subscribes to marketing or downloads materials.

Data Controller Details

The Company is a data controller, determining processes used when handling personal data.

Contact details:

  • Address: Tazio Online Media Limited, Beechwood House, Greenwood Close, Cardiff Gate, Pontprennau, Cardiff CF23 8RD, United Kingdom
  • Telephone: 02922 331 888
  • Email: [email protected]

Data Protection Principles

In relation to personal data, Tazio will:

  • Process it fairly, lawfully and in a clear, transparent way
  • Collect data only for proper reasons related to providing services or engaging suppliers
  • Use it only as explained
  • Ensure it is correct and up to date
  • Keep data only as long as needed
  • Process it securely to prevent unauthorized use, loss or destruction

Types of Data We Process

Tazio holds and processes personal details including name, address, email address and phone numbers of:

  • Current customers
  • Prospective customers
  • Former customers
  • Anyone interested in Tazio who subscribes or downloads content requiring personal data exchange

How And Why We Use Your Personal Data

Tazio markets its services and selected third-party partners' services to:

  • Existing and former customers
  • Third parties who previously expressed interest in services
  • Potential clients or businesses identified as likely to benefit from services

This marketing pursues legitimate business interests in promoting Tazio's services to existing, former and prospective customers.

How We Collect Data And How It Is Used

Data relating to current, former and prospective customers is collected:

  • Directly from the customer
  • From third parties such as referrals or recommendations
  • Through marketing lead generation activity
  • Through GDPR compliant data sources such as Honch or publicly available information like LinkedIn

Personal data is kept within the Company's Marketing CRM system.

Analytics

The website uses analytics cookies solely to track website performance and understand visitor interests.

Cookies

Tazio may log information using cookies — small data files stored on browser by Tazio. Both session cookies (expiring when browser closes) and persistent cookies (remaining until deleted) are used to provide personalized website experience.

Tazio uses cookies to:

  • Store visitors' preferences
  • Record user-specific information on pages accessed or visited
  • Ensure visitors aren't targeted with irrelevant content
  • Customize content based on visitor browser type or information sent
  • Track user behaviour and interest

Information You Voluntarily Submit to the Website

Tazio collects Personal Data when voluntarily provided, such as when contacting with inquiries, registering for gated content, or booking demos or meetings. Personal Data may include:

  • Name and email address
  • Website URL and name
  • Company name
  • Phone number (where relevant and provided)

The legal basis for processing this information is consent. By voluntarily providing Personal Data, users consent to its use per this Privacy Policy. Such Personal Data may be transferred and stored from current location to Tazio offices and authorized third parties' servers.

Automatically-Collected Information

Certain information about users and devices accessing Tazio is automatically collected. When accessing the website, IP address, operating system type, browser type, referring website, pages viewed, and access dates/times are logged. Information about actions taken when using the website, such as links clicked, is also collected.

Non-Identifiable Data

Personally non-identifiable information received and stored when interacting through the Website cannot presently be used to specifically identify users. Such information may be stored in databases owned and maintained by affiliates, agents, or service providers. The Website may use such information and pool it with other information to track total visitors, visitors per page, and visitor Internet service provider domain names. No Personal Data is available or used in this process.

Aggregated Personal Data

Tazio conducts research on customer demographics, interests and behaviour based on Personal Data and other information provided. This research is compiled and analysed. This information doesn't identify users personally.

Cookies won't be used if users don't agree to their use when first accessing the website or if browser settings don't allow cookies. Upon entering the website, users are prompted to select cookie preferences. To withdraw prior agreement to cookie use, users can use website cookie controls enabling preference management.

Why We Process Data

Data protection law permits data processing for certain reasons only:

  • To perform contracts parties are involved in
  • To carry out legally required duties
  • To carry out legitimate interests
  • To protect interests
  • Where something is done in public interest

All processing by Tazio falls into permitted reasons, generally relying on the first three listed.

For example, personal data of customers and suppliers is collected and processed to perform contractual obligations and maintain accurate accounting records for legal compliance.

Tazio also collects data for activities in the Company's legitimate interests:

  • Contacting prospective customers
  • Tracking website performance and understanding visitor interests
  • Ensuring network and information security
  • Dealing with legal claims against Tazio or bringing legal claims against others
  • Preventing fraud

How Your Personal Information May Be Used

Tazio may use personal information in the following ways:

  • To operate, maintain and develop the website
  • To create accounts, identify users, and customize websites to accounts
  • To send promotional information, such as newsletters with unsubscribe options
  • To send administrative communications like confirmation emails, technical notices, policy updates, or security alerts
  • To respond to comments or inquiries
  • To provide support
  • To track and measure website performance
  • To protect, investigate, and deter unauthorized or illegal activity
  • To review marketing program effectiveness and analyse general demographic trends
  • To notify of new information or services that may interest users
  • To send promotional materials

Legal Bases For Processing Data Under GDPR

Below are the types of lawful basis Tazio relies on to process Personal Data:

Legitimate Interest

Legitimate Interest means the interest of Tazio's business in conducting and managing its business to enable providing best service/product and most secure experience. Tazio considers and balances potential impacts on users (both positive and negative) and user rights before processing Personal Data for legitimate interests. Personal Data isn't used for activities where interests are overridden by impacts on users unless consent or legal permission exists.

Performance of Contract

Performance of Contract means processing data where necessary for contract performance to which users are party or to take steps at user request before entering such contract.

Comply with a legal or regulatory obligation

This means processing Personal Data where necessary for compliance with legal or regulatory obligations Tazio is subject to.

Consent

Consent means where users have consented to certain Personal Data use.

Special Categories of Data

Tazio knows it must process special categories of data per more stringent guidelines, however it doesn't and won't process special category data relating to past, present, or potential customers.

Special categories of data are data relating to:

  • Health
  • Criminal convictions and offences
  • Sex life
  • Sexual orientation
  • Race
  • Ethnic origin
  • Political opinion
  • Religion
  • Trade union membership
  • Genetic and biometric data

If You Do Not Provide Data To Us

One reason for processing data is allowing Tazio to carry out contract duties. If data needed for this isn't provided, Tazio may be unable to perform those duties.

Sharing Data

Internal Sharing

Tazio may share personal data with selected third parties to facilitate business operations and marketing efforts. When engaging other entities to perform specific functions, they're provided only information necessary to fulfil duties per data protection standards.

  • Tazio Colleagues: Data may be shared internally with colleagues when necessary to enable them performing duties effectively.

External Sharing

Service Providers & Partners. Tazio occasionally hires external companies to assist with marketing functions, customer relationship management, and administrative support. Only minimum required data for partners completing tasks is shared. This includes:

  • HubSpot (EU-based processing): Tazio uses HubSpot for secure storage and management of CRM database including customer contact information such as names and email addresses, primarily for marketing and customer feedback contact purposes.

Legal & Compliance. Data may be shared for legal reasons, including:

  • Legal Advisors and HM Courts & Tribunal Service: Data may be shared with legal representatives for defending legal claims against Tazio or pursuing legal action against customers, suppliers, or third parties.
  • Third-Party Marketing Agents: Data may be shared with selected third-party marketing agents meeting compliance and contractual obligations, assisting with specific marketing activities.

Compliance with Legal Obligations

Tazio may share data as required by applicable laws, regulations, or legal requests from public authorities to meet imposed legal obligations.

Marketing Use Of Data

Personal data is used to send updates (by email, text message, telephone or post) about Tazio products and/or services, including exclusive offers, promotions or new products and/or services.

Tazio has legitimate interest in using personal data for marketing purposes (see "How and why we use your personal data"). This means consent isn't usually needed to send marketing information. If marketing approach changes so consent is needed, this will be requested separately and clearly.

Users have the right to opt-out of receiving marketing communications at any time by:

  • Contacting [email protected]
  • Using the "unsubscribe" link in emails or "STOP" number in texts

Tazio may ask users to confirm or update marketing preferences if requesting further products/services in the future, or if changes occur in law, regulation, or business structure.

Tazio may disclose personal data to:

  • Other Tazio members
  • Third parties in the event Tazio sells or transfers business or assets, disclosing personal data to prospective and actual buyers

Where data is disclosed to other Tazio members, those members may contact users and send marketing communications about potentially interesting products and services.

If users have consented to receiving marketing communications from Tazio (or, if corporate subscribers, haven't objected to marketing communications), they have the right to ask Tazio to stop sending marketing communications at any time. This won't affect lawfulness of processing before consent withdrawal or objection receipt. To withdraw consent or object to marketing communications, contact [email protected] or follow unsubscribe instructions in each electronic marketing communication. Once Tazio receives notification that users no longer wish marketing, information won't be processed for this purpose unless another legitimate legal basis exists.

Protecting Data

Tazio is aware of requirements to ensure data protection against accidental loss or disclosure, destruction and abuse, having implemented processes to guard against such.

Where data is shared with third parties, contracts ensure data is held securely and per GDPR requirements. Third parties must implement appropriate technical and organizational measures ensuring data security.

How Long We Keep Data For

If active Tazio customers, data is retained per contractual obligations, though users can opt out of marketing data at any time.

Former customer and prospective customer data is retained for 12 months after last confirmed contact then deleted. Users can opt out of marketing data at any time.

Notification occurs one month prior to and one week prior to data deletion, giving the option to opt back in if desired.

Should users opt out of marketing data, this is retained indefinitely to ensure that if data is received via third party, the wish not to be contacted is respected.

Automated Decision Making

Tazio doesn't make decisions based on automated decision making (e.g., decisions taken using electronic systems without human involvement) in marketing.

Your Rights in Relation to Data

Data protection law gives certain rights relating to held data. These are:

  • The right to be informed. Tazio must explain how data is used, the purpose of this privacy notice.
  • The right of access. Users have the right to access held data by making a subject access request.
  • The right for any inaccuracies to be corrected. If held data is incomplete or inaccurate, users can require correction.
  • The right to have information deleted. Users can ask Tazio to delete data from systems where no reason for continued processing exists.
  • The right to restrict data processing. For example, if held data is believed incorrect, Tazio stops processing data (whilst still holding it) until data accuracy is ensured.
  • The right to portability. Users may transfer held data for their own purposes.
  • The right to object to information inclusion. Users have the right to object to data use where Tazio uses it for legitimate interests.
  • The right to regulate automated decision-making and profiling of personal data. Users have a right not to be subject to automated decision making adversely affecting legal rights.

Where consent has been provided for data use, users also have the unrestricted right to withdraw consent at any time. Withdrawing consent means Tazio stops processing previously consented data. There are no consequences for consent withdrawal. However, in some cases, Tazio may continue using data where permitted by having legitimate reasons such as contractual obligations.

To exercise any explained rights, contact [email protected].

Children's Information

Tazio doesn't knowingly collect personally identifiable information from children under 16. Children under 16 shouldn't submit Personal Data through the Website. Parents and legal guardians are encouraged to monitor children's Internet usage and enforce this privacy policy by instructing children never to provide personal data without permission. If parents or guardians believe Tazio has personally identifiable information of children under 16 in its database, contact [email protected] immediately and Tazio will use best efforts to promptly remove such information.

Web Links

Tazio contains links to other sites. Tazio isn't responsible for the privacy practices or content of such other sites. Users are encouraged to be aware when leaving the site to read privacy and spam policies of each website collecting personally identifiable information. This Privacy Policy applies solely to information Tazio collects.

Email Communications

If users send emails with questions or comments, personally identifiable information may be used to respond to questions or comments, and questions or comments may be saved for future reference. For security reasons, non-public personal information such as passwords, social security numbers, or bank account information shouldn't be sent via email. Users may "opt-out" of receiving future commercial email communications by clicking the "unsubscribe" link in most sent emails, however, Tazio reserves the right to send transactional emails such as customer service communications or communications with Customer Success Managers.

Changes to Tazio's Policy

The Website may change from time to time. As a result, at times it may be necessary to make changes to this Privacy Policy. Tazio reserves the right to update or modify this Privacy Policy at any time and from time to time without prior notice. Please review this policy periodically, and especially before providing any Personal Data. Continued Website use after any changes or revisions to this Privacy Policy indicates agreement with revised Privacy Policy terms.

Making a Complaint

The supervisory authority in the UK for data protection matters is the Information Commissioner (ICO). If data protection rights have been breached in any way by Tazio, complaints can be made to the ICO.

Data Protection Manager

The Company isn't required to appoint a Data Protection Officer. All GDPR correspondence should be addressed to [email protected].

Tazio's Data Protection Representative is the CIO, Richard Gaze.