Thredd respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.

 

Who we are

Thredd (‘we’ or ‘us’ or ‘our’) collects and processes your personal information through your use of this website, including any data you may provide through this website when you sign up to our contact option, newsletter or service in accordance with this privacy policy. This policy provides you with the necessary information regarding your rights and our obligations, and explains how, why and when we may process your personal data.

The personal data we hold about you must be accurate and current. Please keep us informed if your data changes during your relationship with us.

Thredd Group Limited, registered under company number (11319858), with its registered office address at 6th Floor, Victoria House, Bloomsbury Square, London WC1B 4DA complies with the Data Protection Act 2018.Detailed below is how we comply to this Act.

 

Information that we collect

Thredd processes your personal information to meet our legal, statutory and contractual obligation. We will never collect any unnecessary personal data from you and do not process your information in any way, other than as specified in this notice.

We may collect, use, store and transfer different kinds of personal data about you which we have grouped as follows:

  • Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
  • Contact Data includes billing address, email address and telephone numbers.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Profile Data includes your username and password, feedback and survey responses.
  • Usage Data includes information about how you use our website.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

We collect information in the following ways:

  • Contact details whenever you submit a form on our website. Eg the contact us form or a newsletter subscription.
  • Personal data, relating to job applications submitted on this website.

 

How we use your information

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal obligation.

Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending direct marketing communications to you. You have the right to withdraw consent or exercise your rights under the data protection laws at any time by contacting us.

 

Purposes for which we will use your personal data

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal basis we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us at dataprotection@globalprocessing.com if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

Purpose/Activity

Type of data

Lawful basis for processing including basis of legitimate interest

To register you as a new customer, prospective partner, employees, issuers.

(a) Identity

(b) Contact

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)

To manage our relationship with you which will include:

(a) Notifying you about changes to our terms or privacy policy

(b) Asking you to leave a review or take a survey

(a) Identity

(b) Contact

(c) Profile

(d) Marketing and Communications

(a) Performance of a contract with you

(b) Necessary to comply with a legal obligation

(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)

To enable you to partake in completing a survey

(a) Identity

(b) Contact

(c) Profile

(d) Usage

(e) Marketing and Communications

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)  

(a) Identity

(b) Contact

(c) Technical

(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

(b) Necessary to comply with a legal obligation

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

(a) Identity

(b) Contact

(c) Profile

(d) Usage

(e) Marketing and Communications

(f) Technical

Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)

To use data analytics to improve our website, products/services, marketing, customer relationships and experiences

(a) Technical

(b) Usage

Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

To make suggestions and recommendations to you about Thredd goods or services that may be of interest to you

(a) Identity

(b) Contact

(c) Technical

(d) Usage

(e) Profile

(f) Marketing and Communications

Necessary for our legitimate interests (to develop our products/services and grow our business)

To process job applications and assess suitability for roles within Thredd.

(a) Identity

(b) Contact

(c) Profile

 

Necessary for our legitimate interests (Recruitment)

To communicate with you directly regarding job applications.

 

Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

Thredd has a number of Data Security controls in place. These include;

  • Encryption of Data
  • Access Segregation
  • Secure Storage
  • Access Authorisation
  • Technical controls including but not limited to Firewalls, Networking Controls and Secure Processing controls

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

 

Marketing

We strive to provide you with choices regarding certain personal data uses, particularly around marketing. Where you have consented to us using your details for direct marketing, we will keep such data until you notify us otherwise and/or withdraw your consent.

 

Cookies

You can set your browser to refuse all or allow some browser cookies. For more information about the cookies we use, please see our cookie policy.

 

Your rights

You have the right to access any personal information that Thredd processes about you and to request information about: -

  • What personal data we hold about you
  • The purposes of the processing
  • The categories of personal data concerned
  • The recipients to whom the personal data has/will be disclosed
  • How long we intend to store your personal data for
  • If we did not collect the data directly from you, information about the source

If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct or complete the information and we will strive to correct it as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.  

You also have the right to request erasure of your personal data or to restrict processing (where applicable) in accordance with the data protection laws; as well as to object to any direct marketing from us; to exercise your data portability rights, and to be informed about any automated decision-making we may use.

If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your data is protected and kept secure.

 

Sharing your information with others

We’ll keep your information confidential, but we may share it in certain circumstances, for the purposes set out in this policy, with:

  • our affiliates, including our subsidiaries in other countries;
  • our service providers, sub-contractors and agents;
  • anyone to whom we may transfer any part of our business, rights, obligations or assets or our shares;

 

International Transfers

As required by law, we will take all steps reasonably necessary to ensure that information about you is treated securely and in accordance with this notice; We may transfer your personal information within Global Processing Services group .We ensure your personal data is protected by requiring all our group companies to follow the same rules when processing your personal data.

Thredd has in place controls with any third parties required to process your personal data including but not limited to Controller to Processor agreements, International Data Transfer Agreement (ITDA), where applicable and contractual terms including all standard security requirements.

 

Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

 

Lodging a Complaint

Thredd only processes your personal information in compliance with this privacy policy. If, however you wish to raise a complaint regarding the processing of your personal data or are unsatisfied with how we have handled your information, you have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection issues by calling 0303 123 1113 or via www.ico.org.uk/make-a-complaint/.

We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

 

How can you contact us?

If you have any further questions or would like to exercise any of the rights set out above, please contact us at dataprotection@globalprocessing.com. We always welcome your comments or suggestions, including thoughts on how we can improve or clarify this privacy policy.

 

Changes to the privacy policy

We keep our privacy policy under regular review, please check this page regularly for changes to this policy.