We are Transport Exchange Group, company registration number 03464353, located at One Six Six, First Floor,166 College Rd, Harrow,HA1 1BH
We collect professional personal data (e.g. business-related information) in order to support the activities of our organisation and have carried out assessments of the legal basis for processing this data. We have concluded that collecting this data is necessary on the grounds of contractual and legal obligations together with our legitimate interests for the use of client data, to support membership activities and/or to deliver related commercial services. We have in place the appropriate systems and security controls to ensure that we protect your data and to prevent it from being used, lost, altered, disclosed or otherwise accessed in an unauthorized way
Information you provide to us
We collect personal information from you to allow us to deliver our services and comply with legal obligations which we are subject to. These can include:
We require information from you to create an account(s) on our Services or for interacting with Transport Exchange Group, this will include information such as your name, postal address, work address, job title and role, email address, telephone number and any additional information to support the Service or information that you are applying for.
We may require information to support service delivery (depending on the type of service), to support membership activities, assist us with policy representation.
In particular, we will share your name, address and contact details with a 3rd party to fulfill product purchases from our Shop.
If you contact us or participate in a survey, contest, or promotion, we collect the information you submit such as your name, contact information, and message.
Information from third-party services
If you choose to take services from our trusted partners, we may exchange information with that partner to enable us to deliver that service.
Payment and Card Information
Some of our Services can be paid for by credit or debit card. If you chose to use this payment method, you must provide certain information for identification and verification, such as your name, credit or debit card number, card expiration date, CVV code, billing and shipping address. This information is encrypted and sent to your card network. Payments are processed by our 3rd party supplier, SagePay.
We strictly do not store the credit or debit card number, card expiration date, CVV code. We do store your delivery and billing address to fulfil your order. Note that third-party payment processors may retain this information in accordance with their own privacy policies and terms.
Qualification, Accreditation and Auditing Evidence
Transport Exchange Group offers services and training which can result in individuals or your organisation receiving a recognised qualification or accreditation issued by Transport Exchange Group on behalf of the awarding body. To allow Transport Exchange Group to issue these qualifications / accreditations we must share some personal data with the awarding body/accreditation centre and retain certain material as evidence as required by the awarding body. This may include, names, unique learner information and contact details as well as proof of identification (such as a copy of an individual’s driving license).
Special Categories of Data
We do not collect any special categories of data about you unless you have provided your explicit consent for us to do so, for instance so that reasonable adjustments can be provided under assessment conditions.
How is your personal information collected?
We may collect personal information in the following ways:
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
How we use your personal data
We will only use your personal data in accordance with the law. Most commonly, we will use your personal data in the following circumstances:
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.
We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
You will receive marketing communications from us if you have requested information from us or purchased services from us and, in each case, you have not opted out of receiving that marketing. You may also receive third-party marketing communications where you have attended one of our seminars, events, or briefings and these have been sponsored. We share attendee contact information with our sponsors but you may opt out of any marketing communications you receive at any time.
Excluding data that is shared with third-party sponsors of our seminars, events, or briefings (referred to above), we will get your express opt-in consent before we share your personal data with any organisation outside the Company for marketing purposes.
You can ask us or third parties to stop sending you marketing messages at any time. Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of service purchase.
When you visit our website, we collect standard internet log information and details of visitor behavior patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website.
In order to provide you with our products and services, or to reply to any enquiries, we collect professional information (e.g. business-related data) about you and your company submitted to our websites, passed on during telephone conversations, included in emails and mobile messaging and any other form of written or verbal communication. For example, we might keep a record of your name, work address and associated delivery addresses, work email address and work telephone number/s.
We also hold the IP addresses of visitors to the website.
We may automatically log personal data or link information automatically logged by other means with personal data about specific individuals. However, we will only use this information to help us respond to queries you may have about our products or services or to tell you about other products and services that we think you may be interested in. We will not pass this information on to any third parties.
We may use a number of different cookies on our site. If you do not know what cookies are, or how to control or delete them, then we recommend you visit www.aboutcookies.org for detailed guidance.
You can set your browser not to accept cookies and the above website tells you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.
Currently we operate an ‘implied consent’ policy which means that we assume you are happy with this usage. If you are not happy, then you should either not use this site, or you should delete our cookies having visited the site.
Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law and is free of malicious content which could otherwise compromise our systems.
Both incoming and outgoing telephone calls to or from Transport Exchange Group may be recorded and monitored. This is done for customer service purposes, including training. Calls are retained in a protected environment for a period of 12 months, are subject to security access controls, and are not shared with any 3rd parties.
If you would like to request an un-mointored call back, please use the Unmonitored Call Request form.
Change of Purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us.
Under data protection laws, you have a number of rights. You have the right to:
If you wish to exercise any of the rights set out above, please contact us as instructed below. You can obtain further information about these rights by visiting www.ico.com
Before processing your request, we may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. You can do this by emailing our DPO or writing to our data protection officer at the registered company address (please see below).
When we receive a complaint from a person or company we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any staff members involved in the complaint.
We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for two years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.