- About this Privacy Notice
- About Us
- Our Contact Details
- Our Data Protection Manager
- Who is Responsible for your Personal Information?
- Where do we get Personal Information from?
- What sort of Personal Information do we collect and why?
- What is the Legal Basis for Using your Personal Information?
- When and How we Share Personal Information with Others
- Where your Personal Information is Stored and Processed
- How we Secure your Personal Information
- Keeping your Personal Data Accurate and Up to Date
- How long will we use your Personal Information for?
- Your Rights in relation to our processing of your Personal Information
- Changes to our Privacy Notice
We understand that you care about your personal privacy and Tenjin Limited takes that seriously.
When you visit our website, contact us or become one of our customers or service providers we may collect information about you. Our aim is to handle personal information openly and transparently. The purpose of this Privacy Notice is to explain who we are and how we use and protect your personal data.
Children’s Privacy: Our services are not aimed at children. In the limited circumstances where we may collect and use personal information about children we will comply with relevant law and guidelines.
Tenjin Limited (“Tenjin” or “we” or “us”) provide compliance law training to learners both online, e.g. through the Tenjin Digital Learning Platform and webinars, and offline, e.g. at face to face training events and conferences.
If you need to contact us about this Privacy Notice you can do so by telephone, email and post.
Who is Responsible for your Personal Information?
Unless this Privacy Notice states otherwise, Tenjin Limited is the “controller” of the personal information we process.
Who does this Privacy Notice apply to?
This Privacy Notice will only apply to you where we process your personal information as a controller. It applies to:
- Our customers, including prospective, current and former customers and their employees or representatives;
- Individual contacts including business prospects;
- Individuals who use the Tenjin Digital Learning Platform direct as opposed to through a third party such as their employer;
- Anyone that uses our website or contacts us via our website including our mobile application “app”;
- Our service providers, including their employees and representatives.
Circumstances where this Privacy Notice will not apply to you
Where we provide e-learning services to individual learners on behalf of our customers, Tenjin is a “data processor” of personal data relating to those learners. This means that Tenjin will only process personal data as instructed by our customers and in accordance with the Tenjin Terms and Conditions of Service which can be read here.
Most of the personal information we use is collected from you direct because of your interactions with us such as when you contact us with an enquiry. We may also obtain your personal information from third party sources such as your employer or the subscriber to our e-learning platform or where it is permissible, from publicly available sources.
Tenjin collects personal information about its customers, contacts and service providers. With a few exceptions, this information is usually restricted to basic contact information such as name, job title, employer’s name, work address, work email address and work telephone number. If you purchase our products or services or we purchase yours then we will also need to collect bank information to administer payment. We do not sell personal information to anyone and only share it with third parties who are helping us deliver our products and services (such as an IT database provider or mailer) or where are legally required to do so (such as HMRC). We use your personal information to make your visit to our website or the use of our services including our e-learning modules as easy and smooth as possible. We also need it to process and communicate with you about your order, manage our business and providing you have given us your permission, to occasionally to send you information about our other similar services, products and events by email and by post.
You can learn more about the types of personal data we process and why, here
Data protection law requires us to only process your personal information on the basis of certain legal grounds. The legal grounds will usually be one or more of the following:
- The processing of your personal data is necessary for contractual reasons: where we have a contract with you we will need to process your personal information to provide you with our services e.g. where you have purchased e-learning training, we need to process learners’ names, email addresses and Login credentials to facilitate their use of the Tenjin Digital Learning Platform.
Similarly, if you are contracted to provide us with a service, we will need to process your personal information to fulfil that contract.
- The processing is necessary for our legitimate interests or those of a third party providing these interests are not overridden by your individual interests or rights and freedoms e.g. to send you marketing which is in our legitimate business interests. You can read more about where we rely on this legal ground here.
Where we rely on legitimate interests as a legal ground to process your personal information, you have the legal right to object. You can find out more about this legal right, here. “Your right to object to processing”
- Where you have given us your consent: we only ask for your consent in relation to specific situations and where we need it. If we need your consent, we will collect it separately and make it clear that we are asking for your consent.
Where we rely on your consent as a legal ground to process your personal data, you have the legal right to withdraw your consent at any point in time by contacting us via any method you choose. You can read more about how to withdraw your consent here. “Your Right to withdraw consent”
- The processing of your data is necessary for us to comply with a legal obligation e.g. where we are compelled to process your personal information to comply with a court order or a law.
- The processing is necessary for reasons of substantial public interest based on a law e.g. where you attend one of our events and we need to process information about your dietary requirements or details about a physical disability or impairment to ensure that we can meet your specific needs and to ensure the event is accessible to you.
- Other legal grounds: we may process your personal data based on other legal grounds. You can contact us at any time to ask us what legal grounds we rely on to process your personal information for any specific purposes.
We may share your personal information with our business partners, e.g. a purchaser of Tenjin’s business assets, and third-party service providers who act on our behalf such as IT service providers or where we are required or permitted by law to do so, e.g. for law enforcement. Our third-party service providers are not allowed to share or use your personal data that we make available to them for any purpose other than to provide services to us. Learn more here “Third Party Service Providers”
Any personal information that you submit to us will usually be held on secure servers, based within the UK or the European Economic Area (EEA). E.g. Our secure servers are located in London, UK.
However, sometimes, to provide our services, we will need to transfer your information to other countries some of which are outside the EEA and do not provide an equivalent level of data protection as the country where you live and may not be recognised by the European Commission as providing an adequate level of data protection. Tenjin will only transfer your personal data to these countries where it has implemented legal safeguards to ensure that your personal information is treated by those third parties in a way that is consistent with and respects the EU and UK laws on data protection such as standard contractual clauses which have been approved by the European Commission as providing adequate protection for your personal data.
If you have any specific questions about where your personal data is transferred, and the measures put in place to protect it please contact us.
Tenjin has put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Our service providers that process your personal data on our behalf are legally and contractually required to implement similar security measures to us including ensuring that anyone that accesses your personal data is subject to a duty of confidentiality.
We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Further information about our security measures is available on request. Please contact us.
If any of the personal information you have given us changes, e.g. if you change your email address or you wish to cancel any request you have made to us or if you think the information we hold about you is inaccurate, please let us know by contacting us.
Tenjin will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
Your personal data will be retained securely for so long as is necessary to fulfil the purposes we collected it for but including for the purposes of satisfying any legal, accounting or reporting requirements and where required to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled. E.g. If you have a contract with us then we will typically keep information for six or twelve years after the contract is finished.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Upon expiry of the applicable retention period we will securely destroy your personal data in accordance with data protection law or other applicable regulation.
If you have any specific questions about retention of your information, please contact us.
This Privacy Notice is intended to provide you with information about what personal data Tenjin collects about you and how it is used. If you have any questions about this, please contact us.
You also have various other legal rights that relate to the way in which we use your personal data, including:
Your right of access
You have the right to ask us for copies of your personal information and the way in which it is used. Although this right always applies, there are some exemptions and restrictions, which means you may not always receive all the information we hold. E.g. We may not be able to provide you with your personal information if doing so reveals personal data about someone else or we are legally prevented from disclosing it to you. If you want to request your personal data, please contact us.
Your right to ensure accuracy
Our aim is to keep your personal data accurate, current and complete. We ask you to contact us to let us know if any of your personal data is inaccurate or changes so that we can keep your personal data up-to-date. You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. If you wish to do this or let us know your details have changed please contact us.
Your right to erasure
You have the right to ask us to erase your personal information in certain circumstances such as when it is no longer necessary for the purposes for which it was collected or when your personal data has been unlawfully processed. The right to erasure is not absolute and only applies in specific circumstances.
Your right to restriction of processing
You have the right to ask us to restrict the processing of your information for a period in certain circumstances such as where you believe it is inaccurate and we need to verify that claim or you are considering objecting to our use of your personal data or in other certain circumstances. If you want to, you can make a request for restriction at the same time as you raise another objection. You can exercise this right verbally or in writing, but it may be easier and quicker for us to address your request if it is put in writing.
Your right to object to processing
You have the right to object to us processing your personal data where the legal ground we rely on to process it is “legitimate interests” or your data is being processed by us for scientific or historical research, or statistical purposes, or for direct marketing. You can exercise this right verbally or in writing, but it may be easier and quicker for us to address your request if it is put in writing.
Your right to data portability
This only applies to information you have given us. You have the right to ask that we transfer the information you gave us to another organisation or to you, in a format that is commonly used and can be read by a computer. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.
Your right to withdraw your consent
If you have consented to us collecting and using your personal data, you have the right to fully or partially withdraw your consent at any time. To withdraw consent to our electronic marketing, simply follow the opt-out links on any electronic marketing message or contact us.
Withdrawing your consent will not affect the lawfulness of any processing of your information prior to the withdrawal of your consent although it may prevent us providing you with certain services. We will advise you if this is the case at the time you withdraw your consent.
How to exercise your legal rights in relation to your personal data
If you would like to exercise any of your legal rights, please contact us. We may need you to prove your identity. You are not required to pay any charge for exercising your rights. We have one month to respond to you.
Your right to complain
If you think we have breached your data protection rights you have the right to complain to the appropriate supervisory authority (in the UK, this is the Information Commissioners Office. Their contact details are on their website at www.ico.org.uk) or make an application to a court.