Privacy Policy

Title: Privacy Policy

Reference: ISP-02

Status: Approved

Version: 1.0

Date: 17/Mar/2022

Review Date: 16/Mar/2023

Classification: Confidential / Business Purposes Only / Public


Our Contact Details

Organisation Name: TechSecScot

website: https://www.techsecscot.com

email: stuart@techsecscot.com

Address: Provided on request

Telephone: Provided on request


What type of personal information do we collect?

We currently collect and process the following PII (Personal Identifiable Information):

Newsletter Subscription:

  • First Name

  • Last Name

  • Email Address

Client Information:

  • First Name

  • Last Name

  • Telephone Number

  • Email Address

  • Billing / Invoice Address

The following Information is collected by our Payment Services Provider (Zettle by PayPal):

  • First Name

  • Last Name

  • Email Address

  • Billing / Invoice Address

  • Payment Card Details

The following is collected by our web hosting provider (Google)

  • User Agent (The details of your browser & Operating System)

  • Time spent on website

  • Pages accessed

  • Estimated Location

Google Analytics

The Site uses Google Analytics by Google. Like many services, Google Analytics uses first-party cookies to report on visitor interactions. These cookies are used to store non-personally identifiable information, such as browser type, operating system, the date and time of a visit, where visitors came from, visited pages, the time spent viewing site, return visits to the site, and other anonymous metrics. This data is transmitted to Google and then used to compile statistical reports on User activity for the Site. We collect this non-personally identifiable information to better understand how Visitors use the Site, and to help manage and maintain the Site.

If You wish to opt-out of Analytics, please visit the Google Analytics opt-out page and follow the on-page instructions.

For a detailed guide on how to stop websites tracking you, please read the Personal Data Security Essentials document on our Blog page here - https://www.techsecscot.com/blog

You can generally opt-out of cookies from third-party advertisers and ad networks by visiting their Sites (if the advertiser or ad network offers this capability). It is also possible to opt out of some, but not all, of these cookies in one location at the Network Advertising Initiative (NAI), or Digital Advertising Alliance (DAA) opt-out web pages.

If You wish to disable cookies, you may do so through individual Internet browser options. More detailed information about cookie management with specific web browsers can be found at www.aboutcookies.org, or at the browsers' respective websites.

Affiliate Links

TechSecScot uses affiliate links to help with the running cost of the website. By clicking on these links, cookies may be stored in your browser cache. Our affiliates use these cookies to track where you came from and to log this information if you purchase a product or service. If you make a purchase. TechSecScot may receive a payment for signposting our affiliate. This costs you nothing and is paid from our affiliate directly to us.

Our affiliates include:

Amazon - The online shopping platform

Awin - Affiliate Marketing Platform

BSI - The Training and Standards provider

IT Governance - The Training provider

UDEMY - The online learning platform

TCM - The Cyber Mentor

No other links are affilliate

How do we collect this data?

Newsletter – Data is provided by you with your double consent. Consent can be withdrawn at any time by clicking the Unsubscribe button on any of the Newsletters. Our Mail List is operated by MailChimp who are the Controller of the PII. TechSecScot are the Processor.

Client Details – Provided by you with your consent or sourced from Companies House if required. TechSecScot are the Controller.

Payment Services – Provided by you to our provider with your consent as part of a contract of sale between you and TechSecScot. No Payment details are ever seen or processed by TechSecScot and any Requests for Information or Subject Access Requests in relation to Payment Services are fully the responsibility of the Payment Provider used for the transaction who will act as the controller. Service provided by Zettle at the time of writing.

Web Services – Data is not collected or processed by TechSecScot. The Controller and Processor of PII in relation to Cookies or Analytical data are the responsibility of the Hosting Provider. In the case of www.techsecscot.com at the time of writing, that controller/processor is Google.


How do we use this data?

Newsletter – We may use this data to better understand our followers. Enabling us to provide more efficient and relevant information or services. We will also send you updates on information available to the Cyber Security community and services we provide.

Client Details – As part of a contract with you to provide a service as per our terms of sale. Details will be used by TechSecScot to complete the required contract and complete the invoice for payment.

Payment Services – TechSecScot do not have access to or knowledge of the details you provide to the Payment Services Provider.

Web Services – TechSecScot do not have access to or knowledge of the information collected on Website visitors by the hosting provider Google.


Do we share your data?

TechSecScot do not share data with any organisation, company or individual outside of TechSecScot. Any data given by you to one of our service providers is the responsibility of that Service Provider or Data Controller/Processor.


Lawful Reason

Under EU General Data Protection Regulations (GDPR) TechSecScot collect and process PII under the following principles:

a. Your Consent. Consent may be withdrawn at anytime by unsubscribing or contacting the controler via email: stuart@techsecscot.com

b. We have a contractual obligation to hold the data.


How do we store your data?

Newsletter Subscriber Data – This data is held by the service provider on secure remote servers. Strict access requirements are in force for the security of subscribers. Data will be held for as long as consent is given or the service is withdrawn.

Client data is stored by TechSecScot. It is held in a secure premises, restricted access and encrypted for your security. Data is held for a period of 5 years after completion of the contract as per the requirements of UK legislation.

Payment Services – TechSecScot do not store this data

Website data – TechSecScot do not store this data


How is your data destroyed?

If TechSecScot no longer requires your PII or a Lawful Reason is no longer applicable, TechSecScot will remove all traces of your data from it’s systems. This is done by digital file shredding. The data is not recoverable in any form after this is completed. When no longer in use, the hard drives used in the processing of PII will be wiped completely ensuring total destruction.


Your data protection rights

Under data protection law, you have rights including:

Your right of access - You have the right to ask us for copies of your personal information.

Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.

Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at stuart@techsecscot.com if you wish to make a request.


How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us at stuart@techsecscot.com

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk