1. What we need
Our Personal Data Protection Policy governs the use and storage of your data. You can see our Personal Data Protection Policy at http://www.tfork.com/privacy-policy
Tuning Fork Advisory Ltd (Company Registration C90114) is a Controller of the personal data you (data subject) provide us.
This Privacy Notice is intended to set out your rights and answer any queries you may have about your personal data.
We collect the following types of personal data from you.
- your name and surname
- your home or work address
- your email address and phone number;
- your identity card number
- your nationality
- information related to the browser or device you use to access our website;
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
2. Why we need it
We need your personal data:
- to establish and fulfil a contract with you, for example, if you enter into an agreement to provide or receive services. We require this information to enter into a contract with you and are unable to do so without it;
- to maintain an effective communication channel with you throughout the execution of a service/job, to manage our relationship with you as our customer and to improve our services and enhance your experience with us in the future;
- to respond, with your express consent, to any comments or complaints we may receive from you, and/or in accordance with our legitimate interests including to investigate any complaints received from you or from others, about our website or our products or services;
- to personalise (i) our communications to you; provide you with (ii) updates on standards and directives that affect your work and sector (iii) training courses and events; and (iv) products or services for you, in accordance with our legitimate interests;
- to protect Tuning Fork’s legitimate business interests and legal rights, including but not limited to, use in connection with legal claims, compliance, regulatory and investigative purposes (including disclosure of such information in connection with legal process or litigation);
- to monitor any customer account to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law and our legitimate interests
Where applicable and allowed, you have been given an opportunity to opt-out. You will continue to be able to opt-out of electronic communications at any time by following the instructions in the relevant communication.
We may also collect your IP address automatically as you interact with our website. This is in the interest of ensuring that there is no malicious use of the website and maximum protection to your data.
3. What we do with it
Your personal data is processed in our offices in St. Julian’s located in Malta. Hosting and storage of your data takes place in our Zoho Cloud-based system which is located in the EU and US.
Zoho is ISO 27001:2013 and SOC 2 Type II certified (proving its system is designed to keep its clients’ sensitive data secure) and has certified its compliance with the EU-U.S. Privacy Shield Framework, subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
We may also share your personal data with the below third parties:
- our professional advisors such as our auditors and external legal and financial advisors;
- marketing and communications agencies where they have agreed to process your personal data in line with this Privacy Notice;
- search engine and web analytics.
No other third party providers have access to your data, unless specifically required by law.
4. How long we keep it
Information collected from visitors to the Site will only be kept in order to provide the required service. Where you ultimately become a client of Tuning Fork Advisory Limited, your data will be retained for as long as you maintain a client relationship with us, in order to meet our contractual obligations to you and for a period after that to identify issues, respect claim limitation periods and to resolve any legal proceedings.
We may also retain aggregate information beyond this time for research purposes and to help improve our services. Information is held and ultimately destroyed in accordance with Tuning Fork Advisory’s data retention policies. Should you require your information to be updated, amended or deleted from our records please contact email@example.com outlining your requirements.
5. What are your rights?
Under the General Data Protection Regulation, you have the right to:
- Access your personal data by making a subject access request;
- Rectification, erasure or restriction of your information where this is justified;
- Object to the processing of your information where this is justified; and
- Data portability.
To exercise your rights, please contact Tuning Fork using any of the following contact details:
Tuning Fork Advisory Limited
135/2, Kyle Buildings,
St. Julians, STJ 1870
If you still feel that your personal data has not been handled appropriately according to the law, you can contact the Information & Data Protection Office (IDPC) located in Sliema and file a complaint with them.
Office of the Information and Data Protection Commissioner
Floor 2, Airways House, Triq Il-Kbira, Tas-Sliema SLM 1549, Malta.