What type of information we have


Depending up on the activity and or task, while going about the current range of business activities, employees or IT systems of UK Technical Applications Ltd, may see, collect, process, use or retain any of the following types of information:

  • Personal identifiers, contacts and characteristics of title, christian name, surname, postal address, e-mail address, telephone number, age, sex.

  • Links to associated social media and networking sites of Twitter, Facebook, instagram, linkedIn.

  • Links and in some cases message content made on other associated communication platforms of faccebook messenger, whatsapp, SMS text.

  • Website Cookie files and website user statistics.

  • Test data supplied to us by product trial participants pre and or post a product trial.

  • Test data supplied to us by participants in any of our scientific research.

  • Responses supplied to us during market research.

  • Sales information of product and quantities during the purchase of products from us.

  • Some specific confidential and non confidential commercial information shared with or learned by us while engagement on any client assignments.

  • Business service and systems performance survey responses.

  • Employee Name, Address, Date of Birth, National Insurance, & Tax Reference numbers, current photograph, and where applicable, a copy of the employee's driving licence.

  • Bank account name, account number, sort codes.

  • Still Images.

  • Audio.

  • Video.

  • Writen information in the form of messages, reports, statistical or numerical data.

  • AirDrate project Flight Test data. Flight to From, duration, results.




How we process and transfer personal data to countries outside of the EEA


Data protection legislation prohibits the transfer of personal data to countries outside the European Economic Area (EEA) unless, the country in question has been deemed by the European Commission to provide an adequate level of protection for personal data. UK Technical Applications Ltd and it's suppliers use service providers for some of its cloud based IT support systems that may transfer personal data to servers based in facilities in the United States of America of which is outside the EEA. The serve providers concerned are: SurveyMonkey; Microsoft Office 365; Google; Drop Box; Xero; facebook; whatsapp; LinkedIn; Twitter; Namesco; wix apple All of the above service providers are GDPR compliant and have corporate policies in place that ensure that your data is handled and stored in accordance with GDPR requirements while it is in their care. UKTA conducts a Privacy Inpact Assessment (PIA) before using any new service provider and reviews existing service providers for compliance with the latest GDPR compliance Bi Annually.




Your rights


Under data protection law, you have rights including:

  • Your right to be informed if your personal data is being used.
    An organisation must inform you if it is using your personal data.
  • Your right of access.
    You have the right to find out if an organisation is using or storing your personal data.
    You have the right to ask us for copies of your personal information.
  • Your right to rectification.
    You can challenge the accuracy of personal data held about you by an organisation.
    You have the right to ask us to rectify information you think is inaccurate.
    You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure.
    You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing.
    You have the right to ask us to restrict the processing of your information in certain circumstances.
  • Your right to object to processing.
    You have the the right to object to the processing of your personal data in certain circumstances.
  • Your right to data portability.
    You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
    You have the right to get your personal data from an organisation in a way that is accessible.
  • Your rights relating to decisions being made about you without human involvement.
    We must tell you under what circumstances that may occur. Details about decisions being made about you without human involvement in our company are contaied in the 'Automaed Decision Making' section within the 'What we do with information we have' tab that can be found above.
  • You right to be informed of any significant change.
    We must tell you about any change in how your data is collated, processed, used, stored or destroyed.
Opting out of processing
Should you wish to exercise your right to opt out of processing, this can be requested via email using the subject header ‘Opt Out Notification’, and send to privacy@uktech-applications.co.uk
On receipt of such ‘opt out’ requests, where there is no lawful reason for us to continue to collect and hold your information, we will securely destroy all relevant records as soon as possible.
Request to exercise your rights
If you wish to make a request to exercise any of your rights above, then please contact our Data Protection Officer at privacy@uktech-applications.co.uk, or you can write to us at our company address:
FAO The Data Protection Officer, UK Techncial Applications Ltd, PO BOX 13278, Cheltenham, Gloucestershire, GL50 9EB. You are not required to pay any charge for exercising your rights. If you make, we have one month to respond to you.
We will explain our lawful basis for processing the data and advise individuals of their right to make a complaint to the ICO www.ico.org.uk/make-a-complaint/your-personal-information-concerns/ and or seek judicial remedy if you are unsatisfied with the reasons provided or the way in which we process this information.
There may be exceptions when we will be obliged to make a charge for requests such as where we feel they are manifestly unfounded or excessive. Should a charge apply, we will provide this information in a transparent format.
We may also be required to refuse some requests which relate to information we have a right to withhold or are not permitted to share by law, such as information used in criminal or civil proceedings.
We will always inform you of the reason(s) for our refusal and advise you of your right to make a complaint to the ICO and seek judicial remedy. Subject access requests can be provided in paper based or electronic format such as a PDF or spreadsheet.




How we delete or destroy data


Electronic Files stored on Hard Drives or Memory devices Deleted from the electronic records from all current storage locations. End of Life Electronic Memory Devices For any internal, external hard drive or memory external memory device, at the end of it's life, the device shall be physically disassembled and the disc or integrated circuits containing data shall be physically destroyed to the point where it is physically impossible for the disc to be run, operate or read in a coputer system. The remaining components may then be disposed of in normal landfill waste. Printed Paper Copies Printed copies shall be shredded before being disposed of in paper recycling facility.




Children's Data and Safeguarding - Parent or Guardian guidance


  • The normal business activities of UK Technical Applications Ltd does not involve providing care to children or vulnerable adults. UK Technical Applications Ltd is therefore not required by UK (or as adopted EU) law to operate a ‘Safeguarding System’ and does not meet child safeguarding requirements and is not registered or monitored by the local authority accordingly. However, UK Technical Applications Ltd does operate in accordance with the ICO General Data Protection Regulation for Children 2018 and UK Council for Child Internet Safety (UKCCIS) guidance.
  • UK Technical Applications Ltd does not offer direct online services to Children but it does engage Children in product testing, online surveys and innovation research that are used to provide feedback used for evidence to proof of concept and proof of Market. This information is used to development products under the control of UK Technical Applications Ltd.
  • Although UK Technical Applications Ltd does identify and respect a child’s right that when offering an online service directly to a child, in the UK, only children aged 13 or over are able provide their own consent, following a safeguarding risk assessment carried out inline with the above regulations, UK Technical Applications Ltd have determined that in the best interests of the child's protection and fairness to them, that it shall notify and seek consent from the child’s parent or guardian before engaging in those business activities or any subsequent direct communication with the child.
  • For the purposes of safeguarding and this policy, a ‘child’ is a male or female under the age of 18 years of age. UK Technical Applications Ltd consider its current business activity as inappropriate for those identified as a Vulnerable Adult and shall not engage directly with anybody knowingly identified accordingly.




How we store and retain your information


Your personal data that we see, collect, process, use or retain may either be recieved directly from you or created by us. This data may be stored in any of the following ways:

  • In electonic file formats and variants of Microsoft XLS, Doc, pdf, jpeg.
  • In Off Site 'Cloud Based' file storage solutions of Dropbox & Microsoft Server Exchange.
  • Third party suppliers who we partner with to provide business support services to our organisation may also store your data that you have supplied to us on their IT hardware of which are maintained in accordance with their privacy policies.
    Our providers are:
    TTNC, Namesco, Xero, Survey Monkey, Facebook, Whatsapp, O2, Apple, Google. Professional Advisors Poole Waterfield, Higgs & Sons, exebookkeeping.
    UK law enforcement agencies or HMRC as require to in accordance with this privacy policy,
    AirDrate Product R&D and manufacturing project partners:
    Design Councill of Great Britain (Stakeholder), Charpack Ltd, Alexir Ltd, Camvac Ltd, Iterign Ltd, Proseal Ltd, RNA Ltd.
  • On hard drives of UK Technical Applications Ltd desktop, lap top, ipads, iphones.
  • On memory sticks or CD Rom discs.
  • From time to time, paper copies as required at our offices in Cheltenham, Exmouth or Berkhamsted.
Retained Telephone Records & Messages
  • For verbal communication messages left through our office landline number 01395 224793, any recording is available to us for 90 days after which, it is archived by TTNC for two years in line with TTNC’s privacy statement, found on www.ttnc.co.uk We delete TTNC notification e-mails as soon as possible after reviewing our answer phone messages. The legal basis for this processing is our legitimate interests, namely for use in providing an appropriate follow up response as required to the detail left in the message.

  • Phone records of your call to or fom us using one of our mobile devices is recorded automatically on the relevant suppliers and voice mail messages left by you are left on their system until we delete those messages. Our suppliers are GDPR compliant and storage of your information is maintained in accordance with their privacy polices

Retention of you personal and business data We retain data detailed in the 'What type of information do we have' tab client for the duration of the business relationship and as long as required. Personal data that we process shall not be kept for longer than is necessary. We retain securely information of all transactions and financial data made with us, including banking records as are required to be retained by HMRC for a minimum of 5 years and 8 months. Notwithstanding the other provisions of this section, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. Security of Acess to you Information
Only trained and authorised personel shall have access to your data. Storage applications and computer equuipment used for acessing, viewing and processing your data is password protected. We deploy encyrpted communications and 2 Factor Authentication technology where and whenever possible. In the event of mobile or desktop devices becoming lost or stolen, we use technology that allows us to remotely remove any data downloaded to an authorised device connected to our cloud storage solution the next time the device is operated. To protect against online data theft and loss, all of UK Technical Applications Ltd.’s desk top, laptops or I-pads are protected by security and antivirus software, licensed and automatically updated with with the latest virus definition files supplied by one of the following companies:
Bullguard Ltd;
McAfee Ltd;
Norton 360 Security; Avast Software Incorporated. IT User Policies UK Technical Applications Ltd operates are:
  • 'Client Confdentiality Policy' . All employees, contractors or suppliers are boud to keep client information confidential. With regards to sharing information with others, see the 'What we do with the information' tab above.
  • 'Clear Desk Policy'. No printed sensitive, private data or memory device is permitted to be left un attended on a desk or work area when others are present that are not authorised to have access to that data, or when there is unsecrue access to the building or overnight. Printed copies are either destroyed upon completion of use or stored in a locked (preferably steel) cabinet or cupboard.
  • 'Unattended Device Screen Lock Policy' . No device shall be left un attended with a screen unlocked. Auto Lock is also used where possible.
  • 'Need to Know Basis Policy' is used when discussing or using your data that involves other colleagues or partners.
  • 'Single User Account Credentials' . We avoid sharing log in credentials to IT systems and accounts where possible. Where User log in's are issued for company IT systems, the user must not make known or share their personal log in credentials with any other user. The user must take measures to ensure other users do not use the systems that are logged in to using their personal log in credentials. Users must take sesible precautions to protect their company systes log in credntials from theft.
  • 'Computer and Device Theft Policy' . No mobile device shall be left unattended while out of our secure locations of our offices. Our Offices are physically secure buildings located within lower than average crime areas. When our offices are left unattended, windows and dorrs shall be closed and doors locked. Devices and equipment should where possible be out of sight from any casual passer by of the building. When visitors or tradespersons are present at any time within the offices, the company representative should exercise hightened vidgulance with security safeguards detailed above.




Changes to this privacy notice


UK Technical Applications Ltd has adopted a Quality System that strives to seek opportunities for continual improvement. We therefore may change our privacy policy notified here to incorporate changes in legislative requirements of both the Data Protection Act 2018 and General Data Protection Regulations (GDPR) 2017 or changes in business activitiies, processes and procedures. We may contact you to notify you of changes, however individuals should check this page regularly to ensure that they are satisfied with any changes notified here. Further information can be found on the Information Commissioners Office (ICO) website here. Iss 5 of this policy is effective from 2nd March 2020 Paul Bradley

Data Protection Officer UK Technical Applications Ltd privacy@uktech-applications.co.uk




Exclusions


We have excluded notices relating to the following requirements.

  • Information on Recruitment and Retention Policies regarding Automated Decision Making including Profiling International Transmission of Data.
  • We have also excluded information on recruitment and retention policies as we do not employ any staff other than directors at this time.
  • We do not envisage at this time providing our services directly to children below the age in which parental consent is required. (See Children's Data and Safeguarding - Parent or Guardian Guidance)
Sould we begin to collect or process personal information relating to the above, we will update our privacy policy accordingly.




Compliance & Our Contact Details


UK Technical Applications Ltd (UKTA), a private limied company, registered in England & Wales, Company Registration number 7196954, Registered office address Ground Floor, Custom House, Waterfront East, Brierley Hill, West Midlands, England, DY1 1HH are Data Controller’s for the purpose of this privacy notice and commit to implementing and complying with the requirements of the Data Protection Act 2018 and General Data Protection Regulations (GDPR) 2017 to our organisation.
UK Technical Application Ltd requires its employees and contracted staff who have access to UKTA customer data and personal information to undergo a Privacy Training course on a bi-annual basis.
We have appointed Mr Paul Bradley as our Data Protection Officer to ensure continued compliance with these regulations and to administer our privacy policy and this notice. The Data Protection Officer (DPO) will monitor, handle and process any requests made to privacy@uktech-applications.co.uk. within the timescales defined in the regulations. The DPO and company can be contacted at: UK Technical Applications Ltd PO Box 1327 Cheltenham Gloucestershire GL50 9EB Website: www.uktech-applications.co.uk E-Mail: info@uktech-applications.co.uk Telephone Number: +44 (0) 1395 224793 We are registered with the Information Commissioner’s Office (ICO) www.ico.org.uk.
Our ICO Registration Certificate number is ZA595897, effective from 23/12/2019.




How we apply this Privacy Policy to your data and your consent


We are committed to safeguarding the privacy of our website visitors and service users. This policy applies where we are acting as a data controller with respect to your personal data when you visit our website or engage in business activities with our organisation through verbal, face to face or other electronic methods of communication. The data control and privacy practices further apply to our products and services available under the domain and subdomains of www.uktech-applications.co.uk (the Site) and domain names www.airdrate.com (The Airdrate brand that is the care of and operated by UK Technical Applications Ltd). By visiting and using our website or engaging in our services, you agree to be bound by the terms and conditions of this Privacy Policy. If you do not agree, then please do not continue to use our company or access our website. You may coplain about the terms of the policy detailed in this privacy notice. See the 'How to Complain' tab below. By using our website and agreeing to this policy, you consent to our use of data obtained through cookies in accordance with the terms of this policy. The ' Cookie policy' provides information on what cookies are and how cookies can be manged. Consent to use cookies is obtained for new visitors through a Pop Up menu inviting you to accept or decline the use of cookies. You can withdraw your consent at any time. See 'Your Rights' tab below. Our website may contain links to other website’s we feel you may find useful. In using these links, individuals are transferred to the named website and our privacy notice no longer applies. Individuals will be governed by the linked websites privacy notices and their use of cookies. Individuals should make themselves aware of these notices and should they disagree with the way in which their data is being used, they should stop using the site immediately and remove any cookies which may have been placed on your computer by following the links provided in the ‘cookies policy'of the associated website operator.




What do we do with the information we have


We use the information that you have given us in order to:

  • Communicate with you.

  • Record and process transactions as required by law.

  • Retain written agreements made between us for future refernce.

  • We use website cookies and process anonymous visitor data about your use of our website and services ("usage data"). The usage data may include your IP address, approximate geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data taken from is our analytics tracking system, Google Analytics, Google AdWords, namesco and wix. This usage data may be processed for the purposes of analysing the use of the website and services. More information on how to management cookies can be found in our 'Cookies Policy'.

  • Bank Account Name, Sort Code and Account Number for suppliers business accounts are held in our records so as to allow us to make payments to our suppliers as required. No personal bank details of customers are held in our records.

  • Bank Account statements containing transactions and card details of comapny issued business cards are retained on our systems for the purposes of business financail management and to meet mandatory requirements laid down by HMRC.

  • Where an employee wishes for their renumeration or expenses to be paid directly in to their personal bank account, the details of their account numbers are retained securely in our company accounting system Xero of which is maintained in accordance with the privacy policy of Xero Ltd.

  • Retention of the transaction data transmitted to our employees personal bank account is processed and made secuerly through our appointed bank of which operate in accordance with the codes governing Banking and Financial institutions.

  • For product and brand test/trial participants, we use your data provided to us to verify products work correctly, obtain end user feedback that is evaluated and used to improve the product, brand or services provided. This information is also used by our Research & Development Division in our Proof of Concept, Product or Brand validation projects, of which may be used in the application to enter innovation or business competitions, awards, grants, financial applications or sales and marketing promotions.

  • Verbal Communications made with us by telephone on our office number 01395 224793 are not recorded but an electronic log of the call is captured and retained. Diary notes containing name, address, telephone number contact, email address and details of the enquiry may also be taken and kept for the lifetime of the business relationship or for a maximum period of three years if no further business ensues. Telephone calls may be processed through our virtual office receptionist Allday PA systems. A log of these calls are kept and notified to us. Calls answered by Allday PA may be recorded for training purposes. Their privacy policy may be found on www.alldaypa.co.uk. We use a VOIP system supplied by The Telephone Number Company (TTNC) to collect Calling Line Identification (CLI) Information to communicate with individuals with regards to your call. TTNC also record answerphone messages on our behalf which are converted to a.WAV file and sent via e-mail to our e-mail applications.

Automated Decision Making

For those supplying data for Pre Trial Surveys for the AirDrate Return Journey pack project, we use logic functions that are built in to the survey system that will automatically make decisions based upon the answers that have been provided. The logic can automatically select question that enables the system to decide if a person is elegible and suitable to be offered a free trial for the product under test. Contact details are provided within the survey for those using the system to contact us if they feel the decision provided based upon the automatic logic is incorrect.

Sharing Information With Others

We may where required, share relevant information with:

Agencies and Professional Advisors

HMRC

UK Law enforcement agencies (Police, Borderforce / Imigration, Customs & Excise)

CMS

Courts

Higgs & Sons Solicitors (Legal Advisors)

Poole Waterfield (Accountants)

Support services and Project Partners that are subject to Non Disclosure and Confidentiality agreements manged uder their own Privacy Policies:

Design Council

Iterign Ltd

Camvac Ltd

Charpak Ltd

Alexir Ltd

Namesco Ltd

Proseal Ltd

RNA Ltd

Aerbuddies Ltd

AirDrate Ltd

When Sharing Information

We will not disclose or convey any of your personal data to any third party without your express consent except in the following circumstances:

Where It may be necessary for us to disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

When processing financial transactions relating to our website for product and services are handled by our internal accounting department. Your financial data will be stored and processed only for the purposes of financial recording and establishment of credit limits and payment record. We reserve the right to share credit information with legitimate credit reference agencies where there has been unlawful payment default for supply of any goods or services. Complaints and queries relating to such financial transactions will be handled by the company accounting department. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against financial risks.

Coleagues within UK Techncial Applications Ltd will share information between them as required but if personal data needs to be shared between colleagues, it will be on a 'Need To Know Basis'.




How to complain & Investigation of breaches


If you are unhappy with how UK Technical Applications Ltd has used your personal information, your rights or with any part of the Privacy Policy published in tjis Privacy Notice, you can contact your Data Protection Office wh can be reahed at privacy@uktech-applications.co.uk. Further contact details can found under the 'Compliance and Our Contact Details' above.

You can also complain to the ICO (www.ico.org) if you are unhappy with how we have used your data.

www.ico.org.uk/make-a-complaint

The ICO’s address:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113




How we get information and why we have it


Most of the personal information we see, collect, process, use or retain is provided to us directly by you over the telephone, by written communication through the postal service, by e-mail, text, whatsapp, facebook messenger, that can be for any of the following reasons:

  • For us to be able to communicate with you about services we are currently proposing or currently providing to you.

  • For us to be able to communiacate with you about or evaluate services you are or proposiing to provide to us.

  • To provide you with a V.A.T invoice.

  • To provide prospective or existing clients with estimates, draft agreements, business proposals or quotations.

  • Sales and Purchase Invoices, receipts, bank account details, date and nature of financial transactions to satisfy HMRC requirements.

  • Communication include but may not be limited to landlines, mobile telephones, text, e-mail, whatsapp, messenger, microsoft teams, spreadsheets and word docs, written letter, voip services, recorded messages.

We also collect and receive personal information indirectly from the following sources in the following scenarios:

  • Statistics to the usage of our website pages are collected by cookies for analysis so as to be able to monitor your expeience during your visit to our website and to review how and if it is required to improve upon user experience for future visitors to our website.
  • Some publicly available user account profile information from facebook, twitter, istagram, whatsapp, linkedIn.
  • Data provided by you in responses to surveys, colated using SurveyMonkey during product testing market research.

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:

(a) Your consent. You are able to remove your consent at any time. You can do this by contacting us at privacy@uktech-applications.co.uk. More iformation about your rights and how to exercise your rights can be found at the 'Your Rights' tab below.

(b) We have a contractual obligation.

(c) We have a legal obligation.

(d) We have a vital interest.

(e) We have a legitimate interest.





download.png

Land FAQ